Common ping command protocols in the Network
Network Protocol Network Firewall Router ICMP is the abbreviation of "Internet Control Message Ptotocol" (Internet Control Message Protocol. It is a sub-Protocol of the TCP/IP protocol family. It is used to transmit control messages between IP hosts and routers. A message control refers to a message of the network itself, such as network connectivity, host accessibility, and routing availability. Although these control messages do not transmit user data, they play an important role in transferring user data.
ICMP is often used in the network. For example, the ping command is often used to check for network failure. The ping process is actually the process of ICMP protocol work. The trancert command for Route tracing is also based on ICMP.
The maximum size of the ICMP packet specified by the operating system cannot exceed 64 KB. This rule is usually used for host attacks. Ping of Death attack. The principle is: if the size of the ICMP data packet exceeds 64 KB, the host will encounter a memory allocation error, resulting in a TCP/IP stack crash, causing the host to crash.
In addition, sending ICMP packets to the target host for a long, continuous, and massive period of time will ultimately paralyze the system. A large number of ICMP Data Packets Cause an ICMP storm, which consumes a lot of CPU resources to process the target host.
Ping.exe principle: Send a certain length of data packet to the specified IP address. According to the Convention, if the specified IP address exists, the same size of data packet will be returned. Of course, if no data packet is returned within a specific period of time, the specified IP address does not exist. Because ping uses the ICMP protocol, some firewall software will block the ICMP protocol, so sometimes the ping result can only be used as a reference. ping failure does not necessarily indicate that the IP address of the other party does not exist.
IPSec Security Policy anti-ping principle: by creating an IPSec Policy to filter all ICMP data packets on the local machine, this can effectively prevent ping, but it also leaves sequelae. The ping Command is closely related to the ICMP protocol. 11 packet formats are included in ICMP applications. The ping command uses the "Echo Request" packet in ICMP.
In some LAN environments with special applications, packet loss may easily occur, affecting users' normal office. Therefore, firewall is recommended.