Questions tagged [icmp]

ICMP stands for Internet Control Message Protocol. It is primarily used by the operating systems of networked computers to send error messages indicating service status.

ICMP is not normally used by end-users or to send messages. Its main use is in diagnostics and checking that the network is functioning correctly.

ICMP is just one communications protocol on the web. Others include:

  • Transmission Control Protocol (TCP)
  • User Datagram Protocol (UDP)
  • Hypertext Transfer Protocol (HTTP)
  • Post Office Protocol (POP3)
  • File Transfer Protocol (FTP)
  • Internet Message Access Protocol (IMAP)

ICMP on Wikipedia

226 questions
0 votes, 1 answer

ICMP time exceeded in-transit

In the last few days my server suffers an attack of this kind: (bandwidth > 60MBit/s, XXX.XXX.XXX.XXX are multiple IPs) tcpdump -n proto ICMP 17:15:19.267464 IP XXX.XXX.XXX.XXX > my_ip: ICMP time exceeded in-transit, length 36 …
mattia
0 votes, 2 answers

Restricting ICMP using iptables

I have the following rule, which I believe will restrict ICMP packets to 1/s. :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [7:988] -A INPUT -i lo -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type any -m limit --limit 1/sec -j ACCEPT -A INPUT…
krypto
0 votes, 2 answers

Calculating packet offset

In Wireshark, if I want to write a filter which accepts only ICMP destination unreachable (type 3) messages, the filter is icmp[0] == 3. How do I count the packet offset of 0 in this instance? EDIT Based on the above image from Wikipedia, the…
iridescent
0 votes, 0 answers

ICMP ping one way only?

I have 2 W7 hosts (may be others, I haven't checked yet) that are on the network, and can ping the domain controller. They can also ping each other. Yet when I'm on the server, the ping request times out when I attempt to contact their hostnames…
David Liese
0 votes, 1 answer

Security zones regarding ICMP Flood Attacks

I found this statement describing ICMP Flood attacks and I am confused about the term "Security Zone" being used in it. "Once the ICMP threshold is reached, the server will stop accepting any further ICMP ECHO requests from all addresses in the…
iridescent
0 votes, 2 answers

Multiple ICMP destination unreachable messages

I'm load testing some web services hosted on IIS7. The web services make network calls to underlying services in response to client requests. The client requests are simple HTTP requests but the requests that emanate from the web service layer start…
Krishter
0 votes, 1 answer

Ubuntu stops responding to ping from random clients

I got an Ubuntu server running Redmine from Apache. My clients can access Redmine, but it stops responding randomly, and other clients can browse Redmine fine when the client with the problem can't browse the page. In tcpdump I see the request come in,…
dunston
0 votes, 1 answer

What is causing ping sweep?

I am spotting ping sweeps on our firewall log originating from our Windows 2003 SP2 x64 server. The traffic shows sequential pings sent to private ranges only. Eg: 192.168.1.1 192.168.1.2 192.168.1.3 ... 192.168.255.254 I have run a virus scan on…
0 votes, 2 answers

freebsd dmesg has a lot of "Limiting icmp unreach response from 1293 to 200 packets/sec"

I have a simple FreeBSD 9.0 machine. But every time I start my FreeBSD and use the command dmesg, there isn't any hardware information there, but it is full of "Limiting icmp unreach response from 1293 to 200 packets/sec". Can anyone there…
altman
0 votes, 1 answer

Pros vs Cons of Rate Limiting ICMP

I am configuring Config Server Firewall and here is the default config for ICMP. I have read on the internet that disabling or limiting ICMP can cause huge headaches on your server. However, I have also read it can help prevent some types of DDoS. Do…
h00j
0 votes, 1 answer

size of packet icmp with netstat TX

I am confused with the size of packet icmp. I just did a simple initial netstat, where for eth0: TX-OK = 485; after 1 ping message is sent, again I see in netstat TX-OK = 488. So, I just want to know how does the TX actually interpret the icmp packet…
sateayam
0 votes, 1 answer

What does the C3 portion of 0xC308(BE) mean in an ICMP identifier?

I am using Wireshark to analyze traffic. I know that the 8 refers to the echo (ping) type. I have been unsuccessful with finding information regarding the C3 byte. Identifier (BE): 49928 (0xc308)
somehume
0 votes, 2 answers

Linux not sending ICMP with iptables `--reject-with`

Using iptables I am trying to reject packets (I want to return an ICMP message). iptables -A FORWARD [...] -j REJECT --reject-with icmp-port-unreach The packets are dropped but using tcpdump I can see no ICMP. What gives? Am I doing something…
itq
0 votes, 3 answers

What are the proper contents of an ICMP message? (Buffer, Don't Fragment, etc..)

I'm creating a Tracert program and am wondering if the value "buffer" used in the Ping payload really matters. Can it be anything, or do routers respond differently based on the contents of the buffer? What about the other parts of an ICMP ping…
makerofthings7
0 votes, 1 answer

execute command on icmp request

I'd like to know how/if it is possible to get my linux (ubuntu) box to exec a command (script) on incoming icmp/ping (or other network events) requests? Like e.g. playing a "ping" sound when being pinged, or playing an alert sound on specific source…
nonchip