The IT Law Wiki

Internet Control Message Protocol

Definition

The Internet Control Message Protocol (ICMP) is

[a] protocol that is used to send control messages between hosts on a network. One example of the use of this protocol is when someone tries to send a packet to a host that has been turned off or is no longer available. In this case, the last active network appliance will detect this problem and will send a “host unreachable” ICMP message back to the originating host.[1]

Overview

"ICMP packets can contain diagnostic (ping, traceroute), error (network/host/port unreachable), information (timestamp, address mask request, etc.), or control (source quench, redirect, etc.) messages. Although these messages are generally harmless, there are nevertheless some message types that should be dropped. Some ICMP messages can be used to redirect traffic from a web site. Other messages can leak information about a host that could be helpful to an attacker. ICMP messages are also sometimes used as part of DOS attacks (e.g., flood ping, ping of death)."[2]
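The categories in the overview, as an added example that is not part of the original page or its cited sources: Python code that verifies an ICMPv4 message's checksum, maps its type to the four categories named above, and applies a drop policy. The type numbers follow the IANA ICMP registry; the drop policy (`DROP_TYPES`), the function names, and the sample messages are assumptions constructed for illustration.

```python
import struct

# ICMPv4 type numbers (IANA registry), grouped under the overview's four categories.
CATEGORY = {
    0: "diagnostic", 8: "diagnostic",        # echo reply / echo request (ping)
    3: "error", 11: "error",                 # destination unreachable, time exceeded
    13: "information", 14: "information",    # timestamp request / reply
    17: "information", 18: "information",    # address mask request / reply
    4: "control", 5: "control",              # source quench, redirect
}
UNREACHABLE = {0: "network unreachable", 1: "host unreachable", 3: "port unreachable"}
# Assumption: illustrative perimeter policy, not one prescribed by the page.
DROP_TYPES = {4, 5, 13, 14, 17, 18}

def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type, code, rest=b"\x00" * 4, payload=b""):
    """Construct a sample message: type, code, checksum, 4 'rest of header' bytes, payload."""
    body = rest + payload
    csum = internet_checksum(struct.pack("!BBH", icmp_type, code, 0) + body)
    return struct.pack("!BBH", icmp_type, code, csum) + body

def classify_icmp(message: bytes) -> dict:
    """Validate one ICMPv4 message (IP header already stripped) and return a verdict."""
    if len(message) < 8:
        return {"category": "malformed", "detail": "truncated header", "verdict": "drop"}
    if internet_checksum(message) != 0:      # a valid message sums to zero
        return {"category": "malformed", "detail": "bad checksum", "verdict": "drop"}
    icmp_type, code = message[0], message[1]
    category = CATEGORY.get(icmp_type, "unknown")
    detail = UNREACHABLE.get(code, f"code {code}") if icmp_type == 3 else f"type {icmp_type}"
    drop = icmp_type in DROP_TYPES or category == "unknown"
    return {"category": category, "detail": detail, "verdict": "drop" if drop else "allow"}

if __name__ == "__main__":
    samples = {  # constructed messages, not captured traffic
        "host unreachable": build_icmp(3, 1),
        "redirect": build_icmp(5, 1, rest=bytes([192, 0, 2, 1])),
        "echo request": build_icmp(8, 0, rest=struct.pack("!HH", 1, 1), payload=b"constructed"),
    }
    for name, msg in samples.items():
        print(name, classify_icmp(msg))
```
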

References

  1. Law Enforcement Tech Guide for Information Technology Security: How to Assess Risk and Establish Effective Policies, at 190.
  2. Privacy Impact Assessment EINSTEIN Program: Collecting, Analyzing, and Sharing Computer Security Information Across the Federal Civilian Government, at 7.
