Definition Edit

The Internet Control Message Protocol (ICMP) is

[a] protocol that is used to send control messages between hosts on a network. One example of the use of this protocol is when someone tries to send a packet to a host that has been turned off or is no longer available. In this case, the last active network appliance will detect this problem and will send a “host unreachable” ICMP message back to the originating host.[1]

Overview Edit

"ICMP packets can contain diagnostic (ping, traceroute), error (network/host/port unreachable), information (timestamp, address mask request, etc.), or control (source quench, redirect, etc.) messages. Although these messages are generally harmless, there are nevertheless some message types that should be dropped. Some ICMP messages can be used to redirect traffic from a web site. Other messages can leak information about a host that could be helpful to an attacker. ICMP messages are also sometimes used as part of DOS attacks (e.g., flood ping, ping of death)."[2]

References Edit

  1. Law Enforcement Tech Guide for Information Technology Security: How to Assess Risk and Establish Effective Policies, at 190.
  2. Privacy Impact Assessment EINSTEIN Program: Collecting, Analyzing, and Sharing Computer Security Information Across the Federal Civilian Government, at 7.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.