This script contains a piece of code known as a "fork bomb" within the Bash scripting language.
The script defines a function named :
(colon), which recursively calls itself twice: :|:&
. LOL 🤣
:
is the function name, followed by()
, defining an anonymous function in Bash.:|:
is a shorthand for the function calling itself and sending the output to another instance of the function.&
puts each function call in the background, allowing multiple instances to be created.
To fortify your Linux server against such attacks, a strategic approach involves reducing the permissible number of processes.
By default, Linux allows 128,038 processes. While the process of lowering this number is straightforward, caution must be exercised to avoid rendering the system inoperable.
To initiate this safeguarding process, it is essential to assess the current limit on processes by executing the command ulimit -u.
If the output indicates the default limit of 128,038 processes, your system could be susceptible to a fork bomb.
Mitigate this risk by lowering the permissible processes to a more conservative value, such as 5,000, using the command ulimit -S -u 5000.
Subsequent execution of ulimit -u should confirm the adjustment to 5,000 processes.
For enhanced security, consider implementing process limitations on a per-user basis.
Access the limits.conf file with sudo nano /etc/security/limits.conf and append a line at the end, resembling "username hard nproc 5000," effectively restricting the specified user to a maximum of 5,000 processes.
Exercise prudence when applying these modifications, particularly with system users, to avert unintended system performance issues.
After implementing these changes, a system reboot ensures the effectiveness of the adjustments.
Congratulations, you have successfully fortified your Linux development system against potential fork bomb attacks.
Caution:
Based on reported incidents from other users, executing this script has led to severe problems with their systems, causing instability and unresponsiveness.
Advice: This script should only be executed on a sandboxed system or a test environment within a hypervisor.
This piece of code is commonly used as an educational example in IT security training to illustrate the concept of a fork bomb and the importance of understanding potentially harmful code.
Running this script in a live environment or on a shared system is highly discouraged.
When executed, it rapidly spawns numerous processes until system resources are exhausted, potentially leading to a system freeze.
Please use extreme caution and ensure you are in a controlled environment before executing this script for educational or experimental purposes.
Its execution in any other context can cause significant disruption.