See also: Network | Protocol | Internet Protocol
Acronym for: Internet Control Message Protocol
Allows computers on a network to share error, control messages and other information by sending certain types of packets to one another. ICMP messages are often seen as a security risk by incompetent network administrators and are often blocked by firewalls. However, a great number of ICMP messages must go thru in order to have a functional network, e.g. path MTU discovery depend on ICMP messages type 3 (destination unreachable) and code 4 (fragmentation needed and DF set) to get back to the machine sending packets being too big in order to funtion. Another often blocked are ICMP Echo Request messages, used by ping. ping is a command that can test wether a remote machine is up or not. By itself it poses no security problem (although as with any kind of traffic the bandwidth used can lead do denial of service) but it can be a tool for network discovery and the machine discovered attacked. Also, some IP stacks used to crash on some malformed packets. A decent, up to date [[operating system]) helps in that case as can do traffic normalization.
However, depending on twarting network discovery for security is believing in security through obscurity.
- RFC 792 – the RFC specifying ICMP
- Wikipedia entry on ICMP
TakeDown.NET -> “ICMP”