Internet Control Message Protocol
(also ICMP protocol)
Internet Control Message Protocol definition
The Internet Control Message Protocol (ICMP) is a network layer protocol primarily used for diagnostic purposes and error detection issues in network communications. Usually, the ICMP protocol is used in various network devices, like routers. ICMP’s role is to recognize and determine if data reaches its intended destination on time. Also, it’s crucial for testing and various error-reporting issues. Nevertheless, it can be used in (DDoS) attacks, such as ICMP flood attacks, where attackers can bombard the target network with ICMP traffic and cause network congestion and various service disruptions.
See also: anti-malware, ransomware
Common ICMP usage scenarios:
Message redirection: ICMP can redirect messages to a host to inform about a more efficient route to a specific or desired destination. That can significantly improve data transmission efficiency and allows hosts to update their routing tables.
Unreachable messages: Also known as “Destination Unreachable.” When the message can’t reach the desired destination, “Destination Unreachable messages” are sent by routers to hosts to inform them about the hindrance of the operation. These occur when network congestion, firewall blocking, or non-existent route issues occur.
Echo Request and Echo Reply messages: These messages are used for testing the latency (round-trip-time) and reachability between network devices. Popular tools, like the “ping” utility, sends Internet Control Message Protocol an Echo request message to a desired IP address and waits for Echo Reply messages.
Time Exceeded messages: These messages help identify the issues in network routing or finding network loops. The messages are generated when the TTL value drops to zero or exceeds a specific hop limit.