A fork bomb is a type of denial-of-service attack that degrades a system by making it run out of memory. The attack forks processes recursively until they fill the entire available memory, choking the available system resources. Locating and terminating a fork bomb is a tedious process. Once the process table is fully saturated, it is also challenging to develop a program to isolate the fork bomb.
Procedure For The Attack
- The hacker starts by creating self-replicating child processes through malicious code, possibly using recursive functions.
- The fork loop consumes system resources (CPU and memory) and saturates the operating system's process table.
- As a result, the operating system reaches the maximum allowed number of processes, and the system's resources are depleted.
- The attack thus blocks legitimate programs from running and prevents the creation of new processes. Eventually, the attack causes the kernel to crash.
Mitigation For The Attack
The administrator should restart the entire system, as locating and terminating a fork bomb is a tedious process. Limit the maximum number of processes a user can own. Avoid using fork in any statement that might end up in an infinite loop.
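The per-user process limit and the problem of locating the offending process tree can be combined into one check, shown here as an added example that is not part of the original article. It assumes a snapshot in the column order of `ps -eo pid,ppid,uid,comm`; the sample data, the limit of 8 and the 80% warning ratio are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed snapshot (not captured from a real system), in the column
# order of `ps -eo pid,ppid,uid,comm`.
SAMPLE_PS = """\
  PID  PPID   UID COMMAND
    1     0     0 init
  200     1     0 sshd
  310   200  1001 bash
  400   310  1001 worker
  401   400  1001 worker
  402   400  1001 worker
  403   401  1001 worker
  404   401  1001 worker
  405   402  1001 worker
  500   200  1002 bash
  501   500  1002 vim
"""

def parse_ps(text):
    """Return a list of (pid, ppid, uid, comm) tuples, skipping the header."""
    rows = []
    for line in text.splitlines()[1:]:
        parts = line.split(None, 3)
        if len(parts) == 4:
            rows.append((int(parts[0]), int(parts[1]), int(parts[2]), parts[3]))
    return rows

def users_near_limit(rows, nproc_limit, ratio=0.8):
    """UIDs whose process count is at or above ratio * nproc_limit."""
    counts = Counter(uid for _, _, uid, _ in rows)
    return {uid: n for uid, n in counts.items() if n >= ratio * nproc_limit}

def largest_subtree(rows, uid):
    """(pid, size) of the uid-owned process with the most descendants (itself included)."""
    children = defaultdict(list)
    for pid, ppid, _, _ in rows:
        if pid != ppid:  # guard against a self-parented entry looping forever
            children[ppid].append(pid)
    def size(root):
        stack, n = [root], 0  # iterative walk: deep trees must not hit recursion limits
        while stack:
            n += 1
            stack.extend(children[stack.pop()])
        return n
    owned = [pid for pid, _, u, _ in rows if u == uid]
    return max(((pid, size(pid)) for pid in owned), key=lambda t: t[1])
```

Feeding it periodic snapshots lets an administrator see which account is approaching its limit and which ancestor process heads the growing tree before the process table saturates.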