From owner-freebsd-questions@FreeBSD.ORG Sat Mar 19 01:57:19 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA62D16A4CE for ; Sat, 19 Mar 2005 01:57:19 +0000 (GMT) Received: from relay01.pair.com (relay01.pair.com [209.68.5.15]) by mx1.FreeBSD.org (Postfix) with SMTP id 3E32343D1D for ; Sat, 19 Mar 2005 01:57:19 +0000 (GMT) (envelope-from ryan@confabulator.net) Received: (qmail 31523 invoked from network); 19 Mar 2005 01:57:18 -0000 Received: from unknown (HELO ?192.168.0.83?) (unknown) by unknown with SMTP; 19 Mar 2005 01:57:18 -0000 X-pair-Authenticated: 209.197.24.227 Message-ID: <423B879C.8020402@confabulator.net> Date: Fri, 18 Mar 2005 19:59:56 -0600 From: "Ryan J. Cavicchioni" User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: FreeBSD Questions References: <423B8314.1000606@confabulator.net> In-Reply-To: <423B8314.1000606@confabulator.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: How to avoid forkbomb? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Mar 2005 01:57:19 -0000 I apologize, I did not mention what version I was running. Here it is: 5.3-RELEASE-p5 Ryan J. Cavicchioni wrote: > Hi, > > After reading this article: > http://www.securityfocus.com/cgi-bin/sfonline/columnists-item.pl?id=308, > I decided to give the forkbomb script a try which is below: > > #!/bin/sh > > $0 & $0 & > > The system was unresponsive for a couple minutes but then FreeBSD > killed the script and the system was accessible. > > I started looking around for what my process limit was set at but I > found a couple different values. > > ulimit -a outputs: > > core file size (blocks, -c) unlimited > data seg size (kbytes, -d) 524288 > file size (blocks, -f) unlimited > max locked memory (kbytes, -l) unlimited > max memory size (kbytes, -m) unlimited > open files (-n) 7264 > pipe size (512 bytes, -p) 1 > stack size (kbytes, -s) 65536 > cpu time (seconds, -t) unlimited > max user processes (-u) 3632 > > > kern.maxproc is set to 4036 > > > /etc/login.conf reads: > > :maxproc=unlimited:\ > > My questions are: > Am I looking at the correct values? > Which is the actual process limit? > What would you recommend that I set it to in order to have my machine > shrug off the fork bomb sooner? > What would be a good process limit for a LAMP webserver? > How would I set the process limits? > > Thanks in advance. > > - Ryan > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >