May 20, 2005

Canberra experience

I hit the town last weekend to celebrate M's sister's 18th. Being her 18th clubbing was a must. The night went well first, though the music was crap, queues were long (but pizza was good), toilets required hazmat suits and everywhere were usual collection of punks, bro, and what-nots trying to pickup. Before you know it though, it was time for me and M to leave, and as usual when we leave, things start to go wrong:
  1. I got an egg thrown at me by a gutless wench. We had stopped at a set of lights waiting to cross the street. The aforementioned wench was sitting in a run down car looking at me funny. I paid her no mind at first. Then when the lights turned green and her car took off, I felt a hard impact on my throat and then saw yellow/white splatter between my feet. Took me a second to realised what happened and appreciate my luck. I turned and yelled at her as she ran away laughing like a mad witch after a night of eating children and sleeping with newts.
  2. M's brother was punched by a gutless son-of-a-bitch from behind. Said SOB picked the fight, and while M's brother chose to stand his ground then walk away, Canberra is so boring the SOB decided to keep it up. Him and his friends were promptly kicked out by security, but then loitered outside waiting for M's brother to punish him further for getting in their friend's fist's way.
Both events are pathetic and contemptible. Its almost like these people want organised crime but are too stupid to well, get organised. I can't express how disappointed I am at night life at our capital city. It blows donkey balls. Really. It must be the only capital city in the world that blows so hard.

Must be all the politicians.

Speaking of politicians, the design of Canberra is a apt reflection of politicians and bureaucracy in general. Winding roads, round abouts.. sound familiar? That's bureaucracy. Going around in circles... Oh, you can't see much at any one point, there is always something in the way...

One other thing: power lines. Nearly all of it is underground. Like politics. All the power is underground, friends-of-friends, cloak-and-dagger. Seedy business.

Any ways, good night my not-so-royal-readers-and-random-pass-bys,
Steve

May 10, 2005

Defusing a bash forkbomb in netbsd

What happened...
Some one posted on atomicmpc about forkbomb. This lead to me googling forkbombs and arriving at an article that looked at how forkbombs affected modern linux distributions and *BSD. I quote:
I'll admit that I held my breath for a few seconds as I keyed the script into my NetBSD laptop, and then ran it. I was pleasantly surprised when the attack had no effect, confirming that I wasn't losing my mind after all -- limits had been put in place to prevent a normal user from crippling the entire system. Exactly as one would expect.
Naturally I wanted to test this. I have a netbsd box running on an old ibook with the following uname -a:
NetBSD eva00 1.6.2 NetBSD 1.6.2 (GENERIC) #0: Tue Feb 10 23:52:52 UTC 2004 autobuild@tgm.netbsd.org:/autobuild/netbsd-1-6-PATCH
002/macppc/OBJ/autobuild/
netbsd-1-6-PATCH002/src/sys/arch/macppc/compile/
GENERIC macppc
Quickly I typed up a cheap bash forkbomb that's not even as cool as
:(){ :|:&};: -
#!/bin/sh
$0 &
exec $0
Merrily I executed the script in my normal account over SSH... and watched as things slowed down to a crawl. SSH timed out, and local login from the keyboard generated a delay of about 60 seconds from keystroke to echo. Normally one would reboot and install quotas, but this box had good uptime! I wanted to keep it so I set my self the slightly harder task of defusing the fork bomb.

How it was done
I knew I had to some how stop the processes, not kill them because killing them will simply free up resource which would immediately be taken over. ni suggested to use SIGSTOP. To my knowledge POSIX defines a set of signals which can be send to processes. One of these is SIGSTOP which can not be caught or ignored. It causes the process in question to stop. Yes it surprised me too.

So now we know how to halt it and bob's our uncle right? Not yet. The problem was there were over 400 bash processes happily consuming what little resources there were and given the 60 second delay its silly to try and manually halt every one of them. In the absence of killall I devised the following:
ps ax | grep bash | grep -v grep | awk '{print $1}' | xargs kill -STOP
Which worked! After I spent about an hour typing it in. Then the STOP was replaced with -9 and ran again to kill the processes and reclaim my resources. A problem with the above is that it had a large collateral damage. A better script would have been:
ps axu user | grep bash | grep -v grep | awk `{print $2}' | xargs kill -STOP
So next time...
Implement user process quotas!

Cheers,
Steve