Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Ping Question 500 points!!!!!

Posted on 2005-03-24
6
Medium Priority
?
334 Views
Last Modified: 2013-12-06
Is there any reason you should be able to ping a website and get a reply back? I notice that when you ping Ebay they block ICMP and so you dont get a reply. But then when you ping Google.com you get a reply. Why would Ebay block that or should Google block that? I just want to learn a little about what a ping does, and how much of a security vulnerability it is. Thanks alot.
0
Comment
Question by:LeviDaily
6 Comments
 
LVL 11

Accepted Solution

by:
chad earned 400 total points
ID: 13626689
what would happen if you wrote a small script that would send many pings using a large data packet?
It could overwhelm the webserver for google and could even make it crash... if not it could hinder their bandwidth usable to supply for actual requests.
this is called a "denial of service" attack... aka ping of death
http://www.cert.org/tech_tips/denial_of_service.html
http://whatis.techtarget.com/definition/0,289893,sid9_gci213591,00.html

blocking ICMP is a simple and effective way to prevent this type of attack.  there are other methods of detection that I am sure that yahoo and google use.
0
 
LVL 13

Assisted Solution

by:gpriceee
gpriceee earned 400 total points
ID: 13626712
Some sites block ICMP so you can't discover their addresses so that you can narrow your attacks for denial of servioce or other attacks.
With pings, an attacker can discover information about network topology and some OS information as well.
It's a good idea to deny ICMP at the router and/or firewall.
0
 
LVL 32

Assisted Solution

by:harbor235
harbor235 earned 400 total points
ID: 13626907
The answer to your question is it depends on the security policies of a particular organization. I agree with qpriceee concerning ICMP as a potential DOS enabler, however, it is not a good idea to deny ICMP. Many types of ICMP messages aide in things like PMTU discovery which essential to efficient communications over the internet. I better statement would have been it is a good security practice to deny some types of ICMP messages. Blocking ICMP echo requests (ping) may stop script kiddies however, there are tons more sophisticated exploits I would block first.


harbor235
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Assisted Solution

by:andnicky
andnicky earned 400 total points
ID: 13627768
Security people must sometimes balance their own and users' convenience. Pingability is at least a courtesy to Internet users.  Good security people can rate-limit ICMP, deny some message types as harbor235 suggests or find other ways to resist attacks while retaining a friendly face online.

Cisco, Juniper, D-Link, Novell, Experts-Exchange...pingable.  

Microsoft, Red Hat, Linksys, even Amazon...nope.

then there's www.fbi.gov and www.cia.gov..........and they're not the same!

0
 
LVL 23

Assisted Solution

by:sciwriter
sciwriter earned 400 total points
ID: 13628384
PING is absolutely crucial to the internet.  Everyone on the internet must have an IP, and every IP should be pingable, even if the main ports are blocked.  Although sites can mask and refuse response, they still should be pingable.  The response I got from Ebay is that they are there, but not returning requests.  The ones you need to worry about are the spam servers that come onto the ineternet to send spam, then disappear from existence.
0
 
LVL 2

Author Comment

by:LeviDaily
ID: 13630431
How do you just allow pings, but block requests, like Ebay?
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question