Tuesday, March 25, 2008

INTERNET PING SERVICE

Ping is a computer network tool used to test whether a particular host is reachable across an IP network; it is also used to self test the network interface card of the computer. It works by sending ICMP “echo request” packets to the target host and listening for ICMP “echo response” replies. Ping estimates the round-trip time, generally in milliseconds, and records any packet loss, and prints a statistical summary when finished.

The word ping is also frequently used as a verb or noun, where it can refer directly to the round-trip time, the act of running a ping program or measuring the round-trip time. It is also used in colloquial slang to mean a 'pinging' sound, referring often to the sound made by an elastic band or any similar noise.

Mike Muuss wrote the program in December, 1983, as a tool to troubleshoot odd behavior on an IP network. He named it after the pulses of sound made by a sonar, since its operation is analogous to active sonar in submarines, in which an operator issues a pulse of energy (a network packet) at the target, which then bounces from the target and is received by the operator. Later David L. Mills provided a backronym, "Packet InterNet Grouper (Groper)" (sometimes also defined as "Packet Inter-Network Groper).

The usefulness of ping in assisting the "diagnosis" of Internet connectivity issues was impaired from late in 2003, when a number of Internet Service Providers filtered out ICMP Type 8 (echo request) messages at their network boundaries.

This was partly due to the increasing use of ping for target reconnaissance, for example by Internet worms such as Welchia that flood the Internet with ping requests in order to locate new hosts to infect. Not only did the availability of ping responses leak information to an attacker, it added to the overall load on networks, causing problems for routers across the Internet.

Although RFC 1122 prescribes that any host must accept an echo-request and issue an echo-reply in return, one finds that this standard is frequently not followed on the public Internet. Notably, Windows XP SP1 will not respond to an echo request on the public Internet in the default configuration.

Proponents of not honoring echo requests say that this practice increases network security. However, attackers can still send network packets to a machine, regardless of whether it responds to a ping. Those who insist that the standard be followed say that not honoring ping interferes with network diagnostics.

No comments: