About a week ago, at Koc University, we were having problems with our Linux server, namely Dali. It was going down severely, and sometimes it stayed that way for a whole weekend until somebody came to the IT department and rebooted it.
Without knowing the real reason, CIT (our IT department) was announcing that they were looking for ways to fix it, and instructors were postponing the deadlines for the projects.
As students, we were really happy about it 🙂
Last week, in our “comp304 – Operating systems” projects, we were trying to write a little shell for Unix. The main aspects of the shell were to use multiprogramming and the fork() function to create child processes.
As I was testing my project, I realised that Dali had suddenly gone down. I called a couple of friends and asked if their Dali was also down, and they confirmed.
On MSN Messenger, I had a friend and asked her if she could connect to Dali. She answered that she was in the Linux Lab, so she didn’t have to connect to Dali.
So I logged into the Linux lab, using PuTTY again, and we started to test our code there. Suddenly, PuTTY froze again. Wow. Could my innocent code be breaking down servers?
A couple of seconds later, I had a message from that friend on Messenger saying:
” allah belani versin lab coktu !”
meaning: My dear friend, our lab went down. None of the Linux machines work now!
So I was nearly sure that I was taking the server down somehow. The funny thing was that, just 2 days before I took those servers down, in the comp304 class, I was joking about writing code that puts the servers into an infinite loop so that they break down and our homework gets postponed.
However, Dali should have had some kind of protection against CPU-consuming processes that might take down the whole server. In fact it had: jobs longer than 1 hour will be killed.
The only possible way my code put those servers down was that I had an infinite loop in which I was creating child processes. Since Dali had so many new processes, it was not able to shut them down because they were all new. And since they all had memory spaces, the server was really down, not even allowing root access.
I searched about this issue and found that what I did is called a “FORK BOMB”, one of the most serious DoS attacks.
Our Dali server uses CentOS 4.4. I found some information in the CentOS forums that this version allows users to have unlimited process numbers and memory unless it is changed by the admin.
So, CIT didn’t know that. They allowed infinite processes for each user, and whenever a student was forking the system, it was going down.
I informed CIT and told them to put a process limit on users.
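As an added example (not part of the original post and not CIT's configuration), here is one way an admin could check that every account has a finite per-user process cap. It assumes the limits are set through the standard `/etc/security/limits.conf` format read by pam_limits; the sample file, the account names and the simplified user, then group, then `*` precedence are constructed for illustration.

```python
# Constructed sample in limits.conf format: <domain> <type> <item> <value>
SAMPLE_LIMITS = """\
# constructed example, not Dali's real configuration
*          soft  core   0
@students  soft  nproc  100
@students  hard  nproc  150
@staff     hard  nproc  unlimited
alice      -     nproc  50
"""

UNLIMITED = {"unlimited", "infinity", "-1"}

def parse_nproc(text):
    """Return {domain: {"soft": n, "hard": n}} for nproc lines; None = unlimited."""
    rules = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()      # drop comments, split columns
        if len(fields) != 4 or fields[2] != "nproc":
            continue
        domain, kind, _, value = fields
        if kind not in ("soft", "hard", "-"):
            continue
        if value in UNLIMITED:
            limit = None
        elif value.isdigit():
            limit = int(value)
        else:
            continue                               # malformed value, ignore line
        # "-" sets the soft and the hard limit together
        for k in (("soft", "hard") if kind == "-" else (kind,)):
            rules.setdefault(domain, {})[k] = limit
    return rules

def effective_hard_nproc(rules, user, groups=()):
    """Hard process cap for a user, checking the user entry, then @group
    entries, then '*' (simplified precedence, an assumption of this example).
    None means nothing stops a runaway fork() loop for this user."""
    for domain in [user] + ["@" + g for g in groups] + ["*"]:
        if "hard" in rules.get(domain, {}):
            return rules[domain]["hard"]
    return None

def uncapped(rules, accounts):
    """accounts: {user: [groups]} -> sorted users with no finite hard nproc."""
    return sorted(u for u, g in accounts.items()
                  if effective_hard_nproc(rules, u, g) is None)

if __name__ == "__main__":
    accounts = {"alice": ["students"], "bob": ["students"],
                "carol": ["staff"], "dave": []}    # constructed accounts
    print("no process cap:", uncapped(parse_nproc(SAMPLE_LIMITS), accounts))
```

Only the hard limit counts here, because a user can raise a soft limit up to the hard one from their own shell.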
I still think that it is easy to find ways to put Dali down by playing with the fork() issue. I will try them sometime later.