commit: 0d1fe6e052ab857a15a4e479526a535bfb46df16
parent 2a92c4a75ee9aff33bf2fe1b89f6f120654f69b1
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Sun, 18 Apr 2021 21:09:03 +0200
notes/computing-truths: DoSing an operating system
Diffstat:
1 file changed, 3 insertions(+), 0 deletions(-)
diff --git a/notes/computing-truths.txt b/notes/computing-truths.txt
@@ -8,6 +8,9 @@ I would love to be proved wrong or shown doubts on any of this, thanks a lot if
- You can sometimes detect after parsing if a program will or will not end (finite-automata / loop with no end condition)
- You cannot detect for all programs if they will or will not end ("The halting problem")
- Most programs can be made to crash (and under most Operating Systems it's All)
+- You can render an operating system unusable (Denial-of-Service) probably more easily than you think, even with some restrictions:
+ - Easy to fix: Ping of Death, …
+ - Hard to fix: Forkbomb, using up all memory, using up all of a filesystem (be careful with logs), eating the limit of file descriptors/PIDs/… of the current user or root, …
- Cryptography isn't some magic fairy dust to make something secure (it can actually make it worse)
- There is no magic solutions to make something secure, but there is good practices
- You will need actual debugging tools (gdb/lldb, dtrace, ping, tcpdump/wireshark, …), learn them
