How to fight a fork bomb ?

Last evening I came across this very elegant fork bomb:

:(){ :|:& };:

I thought I'd try it out ;-)

As it turns out, on my RHEL 5.6 system it does mess up, but rapidly dies out:

[phil@mylinux ~]$ :(){ :|: &}; :
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
-bash: fork: Resource temporarily unavailable
[ repeated many many times ]
[1]+  Done                    : | :


However this modified version does eat my resources for a while!

[phil@mylinux ~]$ :(){ sleep 1 ; :|: &}; :

In a root window I observ the damages:
[root@mylinux ~]# ps -eaf | wc -l
331
[root@mylinux ~]# ps -eaf | wc -l
811
[root@mylinux ~]# ps -eaf | wc -l
2662
[root@mylinux ~]# ps -eaf | wc -l
9072
[root@mylinux ~]# ps -eaf | wc -l
32493

then sometimes I would get:
[root@mylinux ~]# ps -eaf | wc -l
-bash: fork: Resource temporarily unavailable

I thought for a while how to fight this the best and quickest way on a production system

Obvisouly it's cumbersome to type quickly something like:
for I in $(ps -fu phil | awk  ' { print $2} ' ) ; do kill -9 $I; done
and it uses several processes when they're scarce.

then I remembered about 'killall'

killall -u phil       # should send a INT signal to all processes

killall -u phil -s 9  # maybe better in this situation, send the KILL signal !


I tried the command, but some processes are still there !
I think that during the execution of 'killall' some more processes are generated...

In the end I was able to stop all this simply by repeating the command quickly

[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# killall -u phil -s 9
[root@mylinux ~]# ps -eaf | wc -l
296

Good to know. I will be less nervous if it happens on a productive system!