Thursday, September 17, 2015

What Is A Rabbit Virus?



A Rabbit Virus or Wabbit or Fork Bomb is a denial of service attack, wherein a process continually replicates itself and creates large number of child processes, until the system experiences resource starvation. As a result, the victim system slows down and crashes.





A basic implementation of a Rabbit Virus is an infinite loop which repeatedly creates processes. This attack consumes lots of CPU cycles and Operating System resources.

In Unix like Operating Systems, Rabbit Virus is implemented by running fork in an infinite loop. In Microsoft Windows, it can be implemented by creating a new process inside an infinite loop.

A Rabbit Virus, once started, proves difficult to be stopped. The problem is, in the time taken between finding the processes to terminate and actually terminating them, lots of new processes generate.



Countermeasures

Nowadays, most of the Operating Systems take measures to prevent this type of attack. In the Operating Systems process table, at least one slot is reserved so that fork bomb cannot use up the whole process table, making it impossible to launch another process which can kill the other processes.

In modern Unix like Operating Systems, the entire system can even limit the total number of process a single user can create. This is achieved by ulimit command.



So, stay safe, prevent your system from attacks!

No comments:

Post a Comment