DoS !!

DoS !!

Post by Boris Glaw » Sat, 28 Jun 2003 17:51:30



Hi,

Maybe I discovered something already widely known, but I am a little
shocked though.
I just wrote this small program:

#include <stdlib.h>

char* func (void){
char* string = (char*)malloc(10000*sizeof(char));
return string;

Quote:}

int main () {

char* mem;

while (1){
         mem = func();
         //free(mem);
         }

Quote:}

The result is, that my system immediately freezes after a short while of
swapping. I expected my memory to be flooded, but not a freezed system.

I started this program as a normal user.

Couldn't such code be used for DoS attacks (A user executing something,
that affects the integrity of the system)??

Actually I expected my system to terminate this program, since it eats
up all memory, but it didn't do that.

Any ideas/opinions ??

greets Boris

 
 
 

DoS !!

Post by Stefan Schlot » Sat, 28 Jun 2003 18:00:50



> Couldn't such code be used for DoS attacks (A user executing something,
> that affects the integrity of the system)??

In theory, yes.

Quote:> Actually I expected my system to terminate this program, since it eats
> up all memory, but it didn't do that.

Depends on the system - and the system configuration...

Quote:> Any ideas/opinions ??

man ulimit

Stefan.

 
 
 

DoS !!

Post by Catalin Marina » Sat, 28 Jun 2003 18:10:15



> I just wrote this small program:

[skipped, program that allocates a lot of memory using malloc()]

Quote:> The result is, that my system immediately freezes after a short while of
> swapping. I expected my memory to be flooded, but not a freezed system.

See the OOM (Out Of Memory) Killer
(http://linux-mm.org/docs/oom-killer.shtml). It should kill the program
if it is enabled.

What kernel version are you using?

Catalin

 
 
 

DoS !!

Post by Boris Glaw » Sat, 28 Jun 2003 18:15:40




>> The result is, that my system immediately freezes after a short while
>> of swapping. I expected my memory to be flooded, but not a freezed
>> system.

> See the OOM (Out Of Memory) Killer
> (http://linux-mm.org/docs/oom-killer.shtml). It should kill the program
> if it is enabled.

Can't this be handled by the kernel itself ?

Quote:> What kernel version are you using?

2.4.20-18.9 from redhat 9
Quote:> Catalin

 
 
 

DoS !!

Post by Kasper Dupon » Sat, 28 Jun 2003 18:59:39





> >> The result is, that my system immediately freezes after a short while
> >> of swapping. I expected my memory to be flooded, but not a freezed
> >> system.

> > See the OOM (Out Of Memory) Killer
> > (http://linux-mm.org/docs/oom-killer.shtml). It should kill the program
> > if it is enabled.

> Can't this be handled by the kernel itself ?

The oom_kill is part of the kernel. But the problem is
not in any way related to an out of memory situation. It
happens even if there is still lots of free swap.

Quote:

> > What kernel version are you using?

> 2.4.20-18.9 from redhat 9

I tried your program with the exact same kernel version.
My system didn't freeze. But it certainly was slowed
down a lot more than I would have expected. I think it
took almost a minute from I pressed C-C until the
program was killed. I consider this to be a kernel bug,
I didn't test it with other kernel versions.

--
Kasper Dupont -- der bruger for meget tid p? usenet.

It is NOT portable (Linus Benedict Torvalds 1991)

 
 
 

DoS !!

Post by Catalin Marina » Sat, 28 Jun 2003 18:50:59



>> See the OOM (Out Of Memory) Killer
>> (http://linux-mm.org/docs/oom-killer.shtml). It should kill the
>> program if it is enabled.

> Can't this be handled by the kernel itself ?

It is, the OOM killer is included in the kernel as part of the VM code
(Rik van Riel's rmap VM).

Quote:>> What kernel version are you using?

> 2.4.20-18.9 from redhat 9

AFAIK they use the Rik's VM and enable the OOM killer in their kernel,
they even try to improve the OOM detection. I don't know why it doesn't
work. Try building a different kernel maybe.

Catalin

 
 
 

DoS !!

Post by Boris Glaw » Sat, 28 Jun 2003 19:10:41


Quote:> I tried your program with the exact same kernel version.
> My system didn't freeze. But it certainly was slowed
> down a lot more than I would have expected. I think it
> took almost a minute from I pressed C-C until the
> program was killed.

I waited 10 Minutes and pressed reset then...

Quote:> I consider this to be a kernel bug,
> I didn't test it with other kernel versions.

It's certainly not a feature ;-)
If this was a bug, where can I report it ?

greets Boris

 
 
 

DoS !!

Post by Catalin Marina » Sat, 28 Jun 2003 20:16:59



> If this was a bug, where can I report it ?

http://bugzilla.redhat.com/

Catalin

 
 
 

DoS !!

Post by Gerhard W. Grube » Sat, 28 Jun 2003 21:46:49




Quote:>Maybe I discovered something already widely known, but I am a little
>shocked though.

Last time I exceeded my memory, the system bacme slow for several minutes. X
was shut down. After several minutes I could login again without any problems.
So I guess your program is not that big of a problem. :)

--
Gerhard Gruber

Fr jedes menschliche Problem gibt es immer eine einfache L?sung:
Klar, einleuchtend und falsch. (Henry Louis Mencken)

 
 
 

DoS !!

Post by Clifford Kit » Sat, 28 Jun 2003 22:10:18



>> > What kernel version are you using?

>> 2.4.20-18.9 from redhat 9
> I tried your program with the exact same kernel version.
> My system didn't freeze. But it certainly was slowed
> down a lot more than I would have expected. I think it
> took almost a minute from I pressed C-C until the
> program was killed. I consider this to be a kernel bug,
> I didn't test it with other kernel versions.

It's killed here by the kernel when swap fills up.  The kernel
is compiled using a 2.4.21 standard source from ftp.kernel.org.
The only change is one line added to ip_conntrack_core.c to correct
another problem, as per a suggestion by the core netfilter team.
The ip_conntrack module wasn't loaded during the test.

--

PPP-Q&A links, downloads:                      http://ckite.no-ip.net/
/* 97.3% of all statistics are made up. */

 
 
 

DoS !!

Post by M?ns Rullg? » Sun, 29 Jun 2003 22:18:56



> Couldn't such code be used for DoS attacks (A user executing
> something, that affects the integrity of the system)??

Try this:

while(1)
    fork();

--
M?ns Rullg?rd

 
 
 

1. HELP: Connectivity between DOS/DOS and DOS/Linux

HI there,

In about march we should be getting a second PC in our house. I was
concidering trying to network the two machines. One of the machines
is going to be a DOS/Windows affair while the other one is hoping
to become a DOS and Linux setup. I have a few questions that I hope
that someone out there can answer. (The kind of network I'm concid-
ering is peer-to-peer, I think)

1) Using Novell Netware light on the DOS/Windows machine, could it
connect to the Linux machine using standard networking stuff? Would
I be able to have netware on my DOS partition of my Linux/DOS machine
so that when I boot it up using DOS I'm still connected?

2) If I were using the Linux front end for DOOM, could I still play
a multiplayer game across the network? Or would I have to go back to
DOS?

3) Just out of curiosity, could anyone give me info on cost. I've
got a home made estimate (made from various sources) of :



Cabling (roughly)                               :20
                                                ----
Total                                           136

This is a rough estimate, if anyone can confirm or deny this value
please set me straight.

Answers would be much appersiated as it will influence my decision
as to weather to get the network and/or to get Linux.

TTFN and TC, Michael Dales

-'Damn you and your networking problems Q!'-Picard

2. No Adduser!!!

3. accessing dos partitions with wd7000fasst scsi, isc unix 2.2, dos[345]

4. Hdisk Misidentified After SCSI Controller Failure/Replacement

5. Uninstall Linux: Deleted "non dos partition" with DOS fdisk -- Now what?!?

6. File Type of .bz

7. Samba w/ DOS box - what does DOS need?

8. "difference between "xxx.h" and <xxx.h> ????"

9. Can I boot from DOS to use DOS Device Drivers?

10. Mini Linux coexists in DOS partition and boot from DOS

11. Q: Filenames turnicated DOS to LINUX to DOS?

12. DEFBOOTSTR=dos should this allow dos to boot by default?

13. copying files from unix to dos system in dos readable format