Questions tagged [icmp]

ICMP stands for Internet Control Message Protocol. It is primarily used by the operating systems of networked computers to send error messages indicating service status.

ICMP is not normally used by end-users or to send messages. Its main use is in diagnostics and checking that the network is functioning correctly.

ICMP is just one communications protocol on the web. Others include:

  • Transmission Control Protocol (TCP)
  • User Datagram Protocol (UDP)
  • Hypertext Transfer Protocol (HTTP)
  • Post Office Protocol (POP3)
  • File Transfer Protocol (FTP)
  • Internet Message Access Protocol (IMAP)

ICMP on Wikipedia

226 questions
8
votes
2 answers

iptables | Types of ICMP: which ones are (potentially) harmful?

I read that certain types¹ of ICMP packets can be harmful. Questions: Which ones and why? How should I lay out an iptables ruleset to handle each type of ICMP packet? Should I rate-limit any of these types of ICMP packets? And how? [¹] The types I…
ML--
6
votes
1 answer

IPv6 - Allow incoming ICMP echo requests

So, we recently got our /48 prefix from our LIR, and started small-scale deploying it in a lab. What struck me as odd is that sites like http://ipv6-test.com/ insist that you allow incoming ICMP Echo requests. I understand why you should allow…
lightxx
6
votes
2 answers

Block ICMP timestamp & timestamp reply with firewalld

OS: CentOS 7.0 Per the results of a security scan, it has been suggested that we block ICMP timestamp & timestamp reply messages using the firewall (CVE-1999-0524). I've used firewalld to set up some basic IP filtering for SSH as well as allowing…
5ELuqLbb85Hk
6
votes
2 answers

Packets only get forwarded when tcpdump running on bridge

I ran into the oddest thing when trying to debug a networking issue with OpenStack. I was doing a ping test between virtual machines. The ICMP request packets only made it to the destination host if I did a "tcpdump" on the bridge interface on the…
Lorin Hochstein
6
votes
4 answers

How to stop an ICMP attack?

We are under a heavy ICMP flood attack. Tcpdump shows the result below. Although we have blocked ICMP with iptables, tcpdump still prints ICMP packets. I've also attached iptables configuration and "top" result. Is there anything I can do to…
cumhur onat
6
votes
2 answers

Why 224.0.0.1 traffic is filtered by Linux hosts?

When sending an ICMPv4 echo request to a destination address like 224.0.0.1, it is ignored by Linux hosts receiving the request. The destination MAC address used is 01:00:5e:00:00:01. The only way to have those Linux hosts answering is to set the…
djoproject
6
votes
1 answer

Can't ping EC2 instance after enabling ICMP packets

I followed this guide to allow me to ping my EC2 instance. In my security group I have Custom ICMP Rule - IPv4, Echo Reply, N/A, Anywhere. However it simply doesn't work. If I run ping ec2-X-X-X-X.ap-northeast-1.compute.amazonaws.com, or if I run…
5
votes
1 answer

How long is an (accepted) ICMP redirect observed for, and how can I shorten that time?

If a Linux host receives and accepts an ICMP redirect (accept_redirects=1 on the interface in question), how long is this route being cached for and observed? Can I lower that time? I am asking because I have a number of systems that are poisoned…
Nils Toedtmann
5
votes
2 answers

Fastest way to scan all hosts that are online

I am looking to find all the hosts that are online in a set of networks. I would like to find all hosts that are online in the entire network of 170.10.. (there are ~64K possible hosts). The network I am trying to scan is an internal local…
P.P
5
votes
2 answers

Linux ping command exits early due to ICMP host unreachable

An automated script runs shutdown -r now on a machine, and after a 30s delay, uses ping to determine when the machine is available. I've recently switched the OS from Centos 5 to Oracle Linux 6 and found the behaviour of ping has changed. I use ping…
shuckc
5
votes
1 answer

Nmap ping scan over a VPN tunnel return all hosts alive?

I'm curious as to why running an nmap -sP (ping scan) on a remote subnet linked via a Cisco site-to-site IPSec tunnel returns "host up" status for every IP in the range. [root@xt ~]# nmap -sP 192.168.108.* Starting Nmap 4.11 (…
ewwhite
5
votes
1 answer

How do you allow ICMP Echo Requests on a Cisco ASA 55xx Router?

I'm very new to managing Cisco equipment, so bear with me. I'm configuring a Cisco ASA 5505 router for my office, and I am reasonably competent enough with the console to configure the basics -- our business needs are not extravagant. Our pings are…
Adam Lassek
5
votes
3 answers

ping -f shows problems but regular ping doesn't

I have a strange issue, hosting at Softlayer Washington data center. Test from an EC2 instance to my server at Softlayer :- [root@EC2-box ~]# ping -f -c 100 MY-SL-BOX PING MY-SL-BOX (MY-SL-BOX) 56(84) bytes of…
sajal
5
votes
2 answers

ICMP Reliability

Let's say someone sends a UDP packet, just like a traceroute implementation. The packet has a TTL of 1 in the IP header, causing the first router to discard it and generate an ICMP Time Exceeded reply to the sender. Does the router have any…
4
votes
1 answer

ICMP - How to send a timestamp and netmask request?

How can I submit an ICMP request for timestamp and netmask request to a host without using NMAP? Is it possible to generate a terminal / command line request with a tool like hping3 or any native Linux / Windows tool?
user238856