A fork bomb, also known as a wabbit virus or rabbit virus, is a program that attackers design to attack a target system. It replicates itself and depletes the available system resources, slowing system performance or crashing the system through resource starvation.
Modus Operandi
Fork bombs work in two ways: by using up the processing time of the CPU and by slowing down the operating system's processes. It is an endless process in which copies of the program are launched repeatedly.
Who developed Fork Bombs
Fork bombs are written for Unix-based operating systems, where they rely on the fork system call. Forked processes are copies of the first program, so once a copy resumes execution from the next address at the frame pointer, the forking continues and ever more copies are produced, causing the number of processes to grow.
A fork bomb generates a huge number of processes in a short time, filling the space the operating system has available for processes. Once the process table is saturated, new programs cannot start until other processes complete. Even if the table is not saturated, a legitimate program is unlikely to start, because the fork bomb claims the space for its new copies, and the procedure continues like an endless loop.
Every new copy of the fork bomb uses not only space in the process table but also processor time and memory. As a result, the system slows down, and existing programs are disrupted, difficult to use, and almost unavailable.
Preventive measures
Fork bombs can only be avoided by limiting the number of processes a user may own. On Unix/Linux you can do this with the ulimit command, which caps the processes a user can create. For example, ulimit -u 30 limits the user to creating and owning only 30 processes. However, the command is specific to the session: the limit must be set again once the session ends.
To implement process limits across the whole system, use the /etc/security/limits.conf file. This is the most common approach, because the setting applies to all profiles, which avoids having to change the profile settings of each user.
Note also that an attacker who obtains administrative permissions can still infect the system with a fork-bomb attack, even if limits.conf is configured correctly.
There is no way to prevent fork bombs completely, even on modern and advanced operating systems. However, most fork bomb attacks can be stopped by applying basic security practices: securing the system, denying root access to suspicious software, and above all using effective virus removal tools.
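The following audit helper is an added example, not part of the original article: it reads a limits.conf-style file and reports the hard nproc limit that applies to a given account. The function names, the sample file and the accounts alice and builder are constructed for illustration; group entries and /etc/security/limits.d/ files are deliberately ignored. It also shows that pam_limits does not apply wildcard entries to root, which is one reason a correct limits.conf does not constrain an attacker with administrative permissions.

```shell
#!/bin/sh
# Added example: report the hard nproc limit a limits.conf-style file
# assigns to a user. Assumptions: @group/%group domains are ignored and
# files under /etc/security/limits.d/ are not merged in.

# nproc_hard_limit USER FILE -> prints the limit, or "none" if no entry applies
nproc_hard_limit() {
    awk -v user="$1" '
        { sub(/#.*/, "") }                  # strip comments
        NF < 4 || $3 != "nproc" { next }    # only complete nproc entries
        $2 != "hard" && $2 != "-" { next }  # "-" sets both soft and hard
        $1 == user { exact = $4 }           # per-user entry
        # pam_limits does not apply wildcard entries to root
        $1 == "*" && user != "root" { wild = $4 }
        END {
            if (exact != "")     print exact
            else if (wild != "") print wild
            else                 print "none"
        }
    ' "$2"
}

# Constructed sample configuration (not taken from a real host).
sample_conf() {
    cat <<'EOF'
# <domain>  <type>  <item>  <value>
*           hard    nproc   30
*           soft    nproc   20
builder     hard    nproc   200   # hypothetical CI account
@students   hard    nproc   10
EOF
}

# Run the audit over the sample for three accounts.
audit_sample() {
    tmp=$(mktemp) || return 1
    sample_conf > "$tmp"
    for u in alice builder root; do
        printf '%s=%s\n' "$u" "$(nproc_hard_limit "$u" "$tmp")"
    done
    rm -f "$tmp"
}

audit_sample
```

An account that reports "none" has no per-user or wildcard hard limit in the file; for root this is expected unless the file contains an entry with the literal domain root.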