Ping is a utility you can rely on when your PC runs into network issues out of the blue. This simple packet-testing tool has a long legacy and a proven strategy. This blog discusses how Ping works.
Ping was created by Mike Muuss, inspired by David Mills (on using ICMP echo packets), for IP network diagnosis and measurements. Let us not dwell on the history; what matters here is where ping stands in troubleshooting network errors.
Ping communicates through the Internet Control Message Protocol (ICMP), which is one of the main protocols of the Internet Protocol Suite. ICMP is used by network devices, like routers, to send error messages indicating that a requested service is not available or that a host or router cannot be reached.
The Ping utility first sends an ICMP echo request in the form of packets (which are clusters of formatted data) to the target host and waits for the echo reply. It measures the round-trip time from transmission to reception and reports packet loss and errors. Packet loss happens when some packets in a network fail to reach the destination host. The round-trip times are summarized as the minimum, maximum, mean (average) and standard deviation (the amount of variation around the mean). The output below shows this format for a ping test to example.com from our end, limited to 5 pings.
$ ping -c 5 example.com
PING example.com (220.127.116.11) 56(84) bytes of data.
64 bytes from 18.104.22.168: icmp_seq=1 ttl=53 time=220 ms
64 bytes from 22.214.171.124: icmp_seq=2 ttl=53 time=220 ms
64 bytes from 126.96.36.199: icmp_seq=3 ttl=53 time=220 ms
64 bytes from 188.8.131.52: icmp_seq=4 ttl=53 time=220 ms
64 bytes from 184.108.40.206: icmp_seq=5 ttl=53 time=220 ms
--- example.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4225ms
rtt min/avg/max/mdev = 220.579/220.684/220.770/0.073 ms
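The echo request and echo reply described above, shown at the byte level as an added example (not code from the original post). It builds an ICMPv4 echo request with the 56 data bytes seen in the output, then checks that a reply has a valid checksum and echoes the same identifier, sequence number and payload; the identifier value and payload contents are constructed for illustration.

```python
import struct

ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY = 8, 0  # ICMPv4 type values (RFC 792)

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Header is type, code, checksum, identifier, sequence (8 bytes)."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + payload

def parse_echo(packet: bytes):
    if len(packet) < 8:
        raise ValueError("truncated ICMP message")
    if checksum(packet) != 0:  # a valid message sums to zero
        raise ValueError("bad ICMP checksum")
    msg_type, code, _csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return msg_type, code, ident, seq, packet[8:]

def is_reply_to(request: bytes, reply: bytes) -> bool:
    """True only for an intact echo reply that mirrors the request."""
    try:
        _, _, q_id, q_seq, q_payload = parse_echo(request)
        r_type, r_code, r_id, r_seq, r_payload = parse_echo(reply)
    except ValueError:
        return False
    return (r_type == ICMP_ECHO_REPLY and r_code == 0
            and (r_id, r_seq, r_payload) == (q_id, q_seq, q_payload))

# Constructed sample: 56 data bytes + 8-byte ICMP header = the "64 bytes"
# in each reply line; adding a 20-byte IPv4 header gives the 84 in "56(84)".
PAYLOAD = bytes(range(56))
REQUEST = build_echo(ICMP_ECHO_REQUEST, ident=0x1234, seq=1, payload=PAYLOAD)
REPLY = build_echo(ICMP_ECHO_REPLY, ident=0x1234, seq=1, payload=PAYLOAD)

if __name__ == "__main__":
    print(len(REQUEST), is_reply_to(REQUEST, REPLY))
```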
Here are some common ping error reports:
H, !N or !P – host, network or protocol unreachable
S – source route failed
U or !W – destination network/host unknown
X – communication administratively prohibited
Many other messages may also pop up, but what we usually get is “host unreachable” or “TTL exceeded in transit” along with the first eight bytes of the original message.
Although we have given the ping utility much praise, it is still considered a security risk, as merely acknowledging a host’s presence turns it into a potential target.
There is an advanced ping option called Flood Ping, which sends requests in rapid succession to determine how the network responds under high-load conditions. This highly sophisticated benchmark tool is a double-edged sword: in the wrong hands it can cause havoc, such as a denial-of-service through a ping flood. This mostly happens when an attacker attempts to overwhelm the victim with ICMP echo requests. No wonder this powerful feature is restricted to users with administrative privileges. No matter what others say, ping is the utility everyone turns to when network access is in trouble. It simply confirms that your packets have reached the destination.