
ICMP Protocol Guide

ICMP (Internet Control Message Protocol) is used for sending error messages and operational information in network communications, rather than actual data. It has various real-life applications such as ping and traceroute, and its packet structure includes fields for type, code, and checksum. ICMP is stateless and differs from TCP/UDP, which are used for data delivery, but it also poses security risks like DoS attacks and tunneling.

Uploaded by

hmrusama

ICMP (Internet Control Message Protocol) Guide

1. What is ICMP?

ICMP (Internet Control Message Protocol) is used by network devices to send error messages and operational information. It's not for sending actual data, but for reporting issues like unreachable hosts, timeouts, and diagnostics.

2. Real-Life Uses of ICMP

- Ping: Sends ICMP Echo Request and waits for Echo Reply

- Traceroute: Uses ICMP to find each hop in a network path

- Diagnostics: Checks if a host is reachable and how long it takes

3. ICMP Packet Structure

- Type: Defines the message type (e.g., Echo Request = 8)

- Code: Further defines the meaning within the type

- Checksum: Error-checking field

4. Common ICMP Types and Codes

Type 0, Code 0 - Echo Reply (ping reply)

Type 3, Code 0-15 - Destination Unreachable

Type 5, Code 0-3 - Redirect Message

Type 8, Code 0 - Echo Request (ping request)

Type 11, Code 0 - Time Exceeded (TTL expired)

5. ICMP vs TCP/UDP

ICMP is for control and error messages, while TCP/UDP are for actual data delivery. ICMP is part of the IP protocol suite and is stateless, unlike TCP which is connection-based.

6. Security Concerns

- ICMP can be misused in Ping floods (DoS attacks)


- ICMP tunneling can bypass firewalls

- ICMP echo requests can help in ping sweeps (finding live devices)

7. ICMP Wireshark Filters

icmp - Show all ICMP traffic

icmp.type == 8 - Show Echo Requests (ping)

icmp.type == 0 - Show Echo Replies (ping reply)

icmp.type == 3 - Show Destination Unreachable

icmp.type == 11 - Show Time Exceeded packets

8. Try It Yourself

Run in Terminal:

- ping [Link]

- traceroute [Link]

Use Wireshark filter:

icmp

9. Summary Table

| ICMP Message            | Type | Code | Description                      |
|-------------------------|------|------|----------------------------------|
| Echo Request            | 8    | 0    | Sent by 'ping'                   |
| Echo Reply              | 0    | 0    | Reply to 'ping'                  |
| Destination Unreachable | 3    | 0-15 | Host/port/network unreachable    |
| Redirect                | 5    | 0-3  | Redirect route                   |
| Time Exceeded           | 11   | 0-1  | TTL expired (used in traceroute) |
