Questions tagged [icmp]

ICMP stands for Internet Control Message Protocol. It is primarily used by the operating systems of networked computers to send error messages indicating service status.

ICMP is not normally used by end-users or to send messages. Its main use is in diagnostics and checking that the network is functioning correctly.

ICMP is just one communications protocol on the web. Others include:

  • Transmission Control Protocol (TCP)
  • User Datagram Protocol (UDP)
  • Hypertext Transfer Protocol (HTTP)
  • Post Office Protocol (POP3)
  • File Transfer Protocol (FTP)
  • Internet Message Access Protocol (IMAP)

ICMP on Wikipedia

226 questions
0
votes
1 answer

Why are ICMP packets not captured on the target interface?

I have a network setup as in the picture: The central box is a gateway (Ubuntu 15.10) which relays the packets between the various networks (only one is shown on the picture - lan0) and Internet. gateway: I can ping all interfaces and hosts on…
WoJ
0
votes
1 answer

Reliable UK/EU ICMP Targets for Periodic Routing/Connectivity Tests?

I need to test routing between my United States datacenters and United Kingdom and Mainland Europe ISPs. This is used to distinguish between general transcontinental routing issues and specific application issues and local network issues. In the US,…
Will
0
votes
1 answer

Change the order that an IPTABLE CHAIN is read (Using Fail2Ban)

I have some experience using iptables and fail2ban. Both are working as they should, but I would like to optimize the way packets are "DROPed" when IP & port probing occur. Fail2Ban is doing a good job of blocking IPs that are trying to access…
Chris Charles
0
votes
0 answers

Timestamp response behaviors in different tools

I was testing out icmp time stamp response on one of my servers using ping and hping3. Here is the result of hping3 # hping3 --icmp-ts x.x.x.x HPING x.x.x.x: icmp mode set, 28 headers + 0 data bytes len=40 ip=x.x.x.x ttl=56 id=45158 icmp_seq=0 rtt=7.2…
JinPangPang
0
votes
0 answers

ARP/ICMP in a network environment with overlapping IP address

Currently I have lab network setup to mimic customer's network deployment. (According to the customer, they are using VRF over VLAN so that their customer can have overlapping network connecting to the same server host). So abstract away all…
Kun
0
votes
1 answer

IPv4 ICMP Codes/Errors for WAN transmissions

Can someone tell me which IPv4 ICMP Codes/Errors I have to unlock as best practice for WAN transmission (RedHat and Cisco)?
Andi
0
votes
2 answers

Test for ICMP/TCP timestamp responses and disable responses

We had a penetration test done on our servers and one of the vulnerabilities they suggested we fix is that the host responded to an ICMP timestamp request with TCP timestamp. I've looked around but can't figure out how to disable it on our webserver…
Tom
0
votes
0 answers

Weird traceroute / ICMP issues on Juniper SRX 210BE

I recently acquired Juniper SRX 210BE; until now I've been using Cisco ASA 5505 but I really want to switch over to Juniper world (big FreeBSD fan and all that). I've got FTTC (fiber to the cabinet) internet feed that goes into a modem that changes…
bart613
0
votes
0 answers

What is causing this seemingly excessive ICMP traffic?

This seems to occur when I initiate a connection to an IP that I haven't previously before. Is this a botnet trying to say hi to his friends? As you can see I have an ip filter set in this image, it takes roughly 30-40 seconds for it to rack up…
0
votes
1 answer

Iptables REJECT doesn't let the ftp server list files

I had to comment these 2 lines in my iptables file, because for some reason it was denying ftp listing (it does connect to the ftp server, but it never lists the files and then it just times out): -A INPUT -j REJECT --reject-with…
Andres SK
0
votes
1 answer

How can I proxy ICMP requests?

I have an Ubuntu server that receives many ping requests from various other servers in the network. I would like to be able to proxy these requests. Using iptable rules I can see how to DROP or ACCEPT the requests but is there a way to redirect…
user548971
0
votes
1 answer

ICMP echo-reply packets with a much lower TTL (-190) than ICMP time-exceeded packets

When I ping the last three hops of a traceroute path to facebook.com from my location, the ICMP echo-reply packets I get back all have a TTL of respectively 58, 57 and 56. The hops in question are the 6th, 7th and 8th hops from my machine. On the…
Ricky Robinson
0
votes
2 answers

Fragmentation and packet size, using tcpdump

I am trying to understand the concept of fragmentation: I have two virtual machines with public ip connected to a switch. tracepath shows packet not going through gateway from vm1: Trying to send icmp with 65507 bytes to vm2. ping -M want -s 65507…
Kevin Parker
0
votes
1 answer

Why are there two types of ICMP Redirect?

Wikipedia lists 4 types of ICMP Redirect reasons: 0 Redirect for Network 1 Redirect for Host 2 Redirect for Type of Service and Network 3 Redirect for Type of Service and Host I understand the purpose of ICMP Redirect, but why is there a…
qdii
0
votes
2 answers

How to properly drop ICMP type 3 packets on possible DDoS attack?

Even after running iptables -A INPUT -p icmp -m icmp --icmp-type 3 -j DROP I keep getting ICMP type 3 code 13 packets on tcpdump. When I run tcpdump icmp, I get messages like: 19:41:31.923630 IP NAMESOURCE > MY_NAME: ICMP net IP_SOURCE…
Diogo Melo