Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Ping, ICMP and TCP Ping

from [jlmb] Network Security [Permanent Link]
Subject: Re: Ping, ICMP and TCP Ping
Date: Sat, 27 Aug 2005 19:33:49 -0500 

zaka rias wrote:

hi,

Im learning protocol tcp/ip and icmp, and as far as i
know that Ping (software) is using ICMP protocol to
transmit packets and PING is identic with ICMP.



Not sure what you meant but this should clear you it up a bit:

DESCRIPTION
       ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram to
elicit an  ICMP  ECHO_RESPONSE from a host or gateway.  ECHO_REQUEST
datagrams (``pings'') have an IP and ICMP header


This comes from a linux ping(8) man page.




I have always wrapped my thinking that ICMP (and Ping
Program) echo/reply was a port 0 thing (like someone
said in
http://forum.sans.org/discus/messages/78/10869.html?1110164175
), and that's wrong.


Well, I believe the post By T. Brian Granier (bgranier) is correct. It's
not about ports, it's about codes and types.

ftp://ftp.rfc-editor.org/in-notes/rfc792.txt




i just wonder if this kind of method called TCP-PING,
when actually TCP-PING isnt using ICMP protocol, and
once more ->  TCP PING 's using port when actually
PING program is not using a port to communicate.


ping(8) does not uses a port to communicate because it's based on ICMP.
TCP-PING method on the other hand works by sending a TCP ack packet to a
specified port, no it DOESN'T use ICMP. I believe this METHOD is called
TCP-PING because it can be used to perform a similar function as ICMP
ping, to determine if a machine is up.

man nmap(1) and read the Ping scanning description, be sure to read the
ACK scan too.



luck
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Windows Server 2000 port lock down, firebird
Next by Date:  Re: Ping, ICMP and TCP Ping, Nikolai Alexandrov
Previous by Thread:  Ping, ICMP and TCP Ping, zaka rias
Next by Thread:  Re: Ping, ICMP and TCP Ping, Nikolai Alexandrov
Indexes:  [Date] [Thread] [Top] [All Lists]