Ping sweep is a diagnostic technique that identifies active computers on a network by sending ICMP echo requests to IP addresses. It can be used by system administrators to diagnose network problems and by hackers to locate targets. Ping sweep utilities like Fping can send multiple requests to multiple hosts. ICMP packets can be disabled to prevent hacking attempts.
A ping sweep, also called Internet Control Message Protocol (ICMP), is a diagnostic technique used in computing to see which range of Internet Protocol (IP) addresses are in use by live hosts, which are usually computers. It is usually used to indicate where active machines are located on a network, and is sometimes used by a system administrator to diagnose a network problem. Ping sweeps are also used by computer hackers, those trying to break into a network, to see which computers are active so they know where to focus their attacks.
The word ping originates from sonar technology. It is the common way submarines work to detect bodies in the water. A sound packet is sent, and if there is an object in the way, the sound packet returns and is usually detected as a “ping” sound when received.
In computer technology, the single ping is sent using an ICMP echo request. The packet is sent to a specific IP address, and if that address is active, it will send a notification. Ping requests also offer other information, such as how long it took for the signal to get back and whether there was any packet loss. A variety of commands that can be added to the ping request, so it can also return much more information.
Multiple ICMP echo packets are sent to multiple hosts during a ping sweep. If a host is up, it will return the ICMP echo request. The request is a little more complicated than a single ping, and usually specialized versions of the ping utility will be used. One of the best known ping sweep utilities is called Fping. It works differently than a single ping utility, like the one built into all Windows® operating systems.
Unlike a single ping request, Fping can use a list of addresses from a file so the user doesn’t have to manually enter each address. It also works in a round-robin fashion, and once it pings one host, it moves on to the next one without waiting. Fping is meant to be used in a script for ease of use, unlike the single ping request program.
Unfortunately, most of those who use a ping sweep are hackers. They use it to monitor large networks so they know where to focus their efforts. Hackers can also slow down traffic on a network if they continuously ping addresses. Many network systems have ways to block this type of traffic, but the simplest way is to disable ICMP packets. If a system administrator needs to perform a ping sweep, they could simply re-enable ICMP packets temporarily. Ping sweeps are considered an older and slower technology and are not used as much as they used to be.
Protect your devices with Threat Protection by NordVPN