Historically ISP have tended to run a simple daemon to handle killing off idle telnet sessions.
To combat this procmurderd is run. Procmurder monitors several parameters:
# # Start with the maximum time a user process is allowed to live. # Then apply rules in order of severity. # # # If the load has risen above 20 something is wrong. # sendmail shuts off at 20, we need to reign things in. # If the load is above 25 become aggresive. # maxidle = 4 * 60 * 60; # 4 hours under any condition if load_average > 20 maxidle = 30 * 60 if load_average > 25 maxidle = 5 * 60 if running_time > maxidle kill the process # # Kill off any user tasks creating a heavy load and have been running for long enough. # if process_load > 20 and seconds_used > 180 if running_time > 30 * 60 kill the process # # Kill off httpds that are creating a load since this is clearly abnormal. # if process is 'httpd' and ( process_load > 20 || seconds_used > 180 ) if running_time > 15 * 60 kill the process # # Shorten the time that a large process can live. # if process_size > 8000 if running_time > ( available_memory > 30000 ? 15 * 60 : 5 * 60 ) kill the process # # Memory limits # if ( available_memory > 16000 ) size_limit = available_memory / 4; else size_limit = 2000; # crisis mode. if process_size > size_limit kill the process # # Child processes of httpd get specific time limits. # time_limit = 2 * 60 if process is "pnserver" time_limit = 5 * 60 if process is "download.cgi" time_limit = 90 * 60 if running_time > time_limit and the process parent is "httpd" kill the process # # Users are not allowed to run daemons. # Children of init (pid 1) are daemons. # if user daemon kill the process