ICMP is a protocol used for error reporting and diagnostics in computer networks. It is part of the Internet Protocol Suite and includes predefined messages for different purposes. Traceroute and ping rely on ICMP messages. ICMP is used to send error messages or diagnostic information between devices or hosts using the Internet Protocol. The maximum size of a packet is dictated by the Maximum Transmission Unit of a particular network link. ICMP Router Discovery Protocol can facilitate automatic network configuration for hosts that support it. Traceroute uses the ICMP message generated when a packet has expired or has exceeded its “time to live.” Ping relies on the ICMP Echo Request message, which can be abused in a “smurf attack.”
The Internet Control Message Protocol (ICMP) is a utility used for error reporting and diagnostic purposes in computer networks. ICMP is part of the Internet Protocol Suite (IP) and consists of predefined messages with different purposes. Most aspects of the Internet Control Message Protocol go unnoticed by end users, but some network tools such as traceroute and ping rely on ICMP messages for their functionality.
At the heart of the Internet and smaller computer networks is a collection of protocols known as the IP Suite. These protocols specify the formats for messages exchanged between network devices and establish rules for how those messages are sent and received. Protocols are also layered, with each layer building on the one below it. The ICMP is part of the second highest layer, the Internet layer. This layer includes the well-known Internet protocol responsible for transmitting individual groups of data, called packets, across one or more networks.
ICMP is used to send error messages or diagnostic information between devices or hosts using the Internet Protocol. ICMP messages are predefined and can be indicated by name or type number. Most of these messages involve different types of error reporting. For example, when a particular host cannot be reached, an ICMP message is often generated indicating the specific problem preventing data delivery. Other types of messages are sent if packets become corrupted or if a router or host in a network is congested.
The maximum size of a packet is not predefined, but is dictated by the Maximum Transmission Unit (MTU) of a particular network link. Different links may have different MTUs, but a packet must be smaller than the smallest MTU along a given path to complete its journey. A technique known as Path MTU Discovery (PMTUD) uses ICMP messages to notify a sender when packets are too large for a particular path segment.
A related protocol known as ICMP Router Discovery Protocol (IRDP) can facilitate automatic network configuration for hosts that support it. IRDP uses two types of Internet Control Message Protocol messages to advertise and discover neighboring routers, i.e. hosts that connect two or more networks. A router that supports IRDP will periodically broadcast an ICMP router advertisement announcing its presence to hosts. Hosts can also send a request message asking all nearby routers to identify themselves.
Some popular network utilities are also based on the Internet Control Message Protocol. One tool, traceroute, uses the ICMP message generated when a packet has expired or has exceeded its “time to live” (TTL). By setting an intentionally low TTL value for a packet, traceroute will receive an ICMP Time Exceeded message from the last router the packet reached before it expired. Repeating this process and increasing the TTL value will, in theory, generate a list of all hosts that packets are traversing.
Another tool called ping relies on the ICMP Echo Request message, which is answered with an ICMP Echo Reply message. Unfortunately, ping can also be abused in a so-called “smurf attack” when a hacker sends out echo requests with spoofed sender information, to which many other machines respond. This can congest a network to the point where no legitimate packets can get through, a situation known as denial of service.
Protect your devices with Threat Protection by NordVPN
