Wednesday, February 23, 2011

Ping Engineering

Ping is a networking command available on both Windows and Linux operating systems. It is used to check the status of a server or host on an IP network.

According to Wikipedia:
"Ping is a computer network administration utility used to test the reachability of a host on an Internet Protocol (IP) network and to measure the round-trip time for messages sent from the originating host to a destination computer".


In simple terms, it is used to check the availability of a host on an IP (Internet Protocol) network, that is, to check whether a particular host identified by its IP address is up and ready to accept connections.
Ping was authored by Mike Muuss.
Ping uses ICMP (Internet Control Message Protocol) echo request packets to ping a host on the network.
The pinged host echoes these echo request packets back to the sender.






Below is the command, applicable to users of both Windows and Linux systems, used to ping a host on the network.
Syntax:
ping [-options] host-address


Example : ping www.google.com


















Ping not only checks the status of the host on the network but also calculates the round trip time. Round trip time is the time required for a packet to complete one round trip. (One round trip in this context means sending a ping packet from the sender to the host and back to the sender.)
It provides minimum, maximum and average round trip times, which you can see from the snapshot above.
The round trip time is in milliseconds.
The ping output above specifies the various IP addresses of the host from where the packets were echoed back. It also mentions the TTL value (Time to Live), which is the time the packet survives in the network after it was sent. For Windows OS it is 52ms. The size of the packet is 32 bytes. It also mentions the packets which were transmitted and the packets which were received, with the loss percentage.
This tool is widely used for administering networks and is very handy when it comes to network troubleshooting.


Ping has various options which can be used for effective network and host analysis.


-i TTL : manually specifies the Time to Live for each echo request packet sent on the network.
Example : ping -i 56 www.google.com
-n count : number of echo packets to send.
Example : ping -n 12 www.google.com
-4 : use IPv4.
-6 : use IPv6.
-w timeout : timeout in milliseconds to wait for a reply.
Example : ping -w 13 www.google.com
-t : ping the host until stopped.


There are many more options:
On Linux, use the man ping command.
On Windows, use ping /?


Ping is a very handy tool for administering the network.
But it is also used for various Denial of Service attacks on the network.


Ping attacks:


1 : Ping flooding : Ping flooding is a Denial of Service attack where the network is flooded with ping packets, which brings the host system down or even causes it to crash. This is restricted nowadays by limiting the maximum time to ping.


2 : Ping of death : This is a kind of attack wherein a malformed ping packet is sent to the host. This is usually done by increasing the size of the packet sent to the host. Since IPv4 restricts the size of the ping, the ping is usually fragmented and sent, and when it is reassembled at the host it results in a buffer overflow, causing the host system to crash.


3 : Smurf attack : This attack floods the host with spoofed ping broadcasts, causing the host system to fail.
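
The ping of death described above comes down to a missing size check during fragment reassembly. As an added example (not part of the original post), here is the kind of check a host can apply to each IPv4 fragment header before copying its data into a reassembly buffer; the function names, verdict values and sample headers are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define IP_MAX_DATAGRAM 65535u /* largest size the 16-bit Total Length field allows */

enum frag_verdict { FRAG_OK = 0, FRAG_MALFORMED = -1, FRAG_OVERSIZE = -2 };

/* Check one IPv4 fragment header before its data is copied into a
 * reassembly buffer (hypothetical helper; len = header bytes available). */
enum frag_verdict check_fragment(const uint8_t *hdr, size_t len)
{
    if (hdr == NULL || len < 20 || (hdr[0] >> 4) != 4)
        return FRAG_MALFORMED;
    size_t ihl = (size_t)(hdr[0] & 0x0F) * 4;            /* header length, bytes */
    uint32_t total = ((uint32_t)hdr[2] << 8) | hdr[3];   /* header + data */
    uint32_t frag = ((uint32_t)hdr[6] << 8) | hdr[7];
    uint32_t offset = (frag & 0x1FFF) * 8;               /* field is in 8-byte units */
    if (ihl < 20 || ihl > len || total < ihl)
        return FRAG_MALFORMED;
    /* Where this fragment's data would end in the reassembled datagram. */
    if (ihl + offset + (total - ihl) > IP_MAX_DATAGRAM)
        return FRAG_OVERSIZE;                            /* drop, never copy */
    return FRAG_OK;
}

/* Build a constructed 20-byte ICMP-over-IPv4 header for the demo below. */
void make_header(uint8_t h[20], uint16_t total, uint16_t offset_units)
{
    memset(h, 0, 20);
    h[0] = 0x45;                          /* version 4, IHL 5 (20 bytes) */
    h[2] = (uint8_t)(total >> 8);  h[3] = (uint8_t)(total & 0xFF);
    h[6] = (uint8_t)((offset_units >> 8) & 0x1F);
    h[7] = (uint8_t)(offset_units & 0xFF);
    h[9] = 1;                             /* protocol 1 = ICMP */
}

int main(void)
{
    uint8_t h[20];
    make_header(h, 60, 0);        /* ordinary ping: 20 + 8 + 32 data bytes */
    printf("ordinary ping:      %d\n", check_fragment(h, sizeof h));
    make_header(h, 23, 8189);     /* data ends exactly at byte 65535 */
    printf("largest legal tail: %d\n", check_fragment(h, sizeof h));
    make_header(h, 1020, 8189);   /* data would end at byte 66532 */
    printf("oversize fragment:  %d\n", check_fragment(h, sizeof h));
    return 0;
}
```

The check works on the header alone, so a fragment that would run past the 65535-byte limit can be dropped before any of its data is copied.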


There are many more attacks that can be performed with ping.


Ping is indeed a powerful tool.


Ping can be engineered for both good and bad. It is used for network analysis and troubleshooting, and also for various attacks.




For any comments or suggestions, mail me at rajeevrvis@gmail.com
