ICMP port number

Can someone tell me which port number is used by ICMP.
I am not sure if it is part of IP or UDP or TCP or a separate protocol by itself.

Thanks
jskfanAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pete LongTechnical ConsultantCommented:
ICMP is a protocol not a port  :)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Pete LongTechnical ConsultantCommented:
its protocol number 1
0
Miguel Angel Perez MuñozCommented:
IP and TCP are differents protocols.

IP is equal to Network protocols on OSI model and TCP is equal to Transport protocol on OSI model.
0
Amazon Web Services

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

galemanyCommented:
ICMP is at same level as TCP or UDP and all of them belong to IP. That means that any of these frames has its own header plus a common (IP) header. The port number is in the TCP header and UDP header, but not in the ICMP header

0
warddhoogheCommented:
Tech details can be found here http://www.faqs.org/rfcs/rfc792.html
0
Don JohnstonInstructorCommented:
ICMP is at same level as TCP or UDP and all of them belong to IP.

Technically, ICMP is a layer 3 protocol. But that can cause some confusion since IP is a layer 3 protocol and ICMP is seen to "run" on top of IP. Which is why some people consider it a layer 4 protocol. The way I explain it is to think of ICMP as a layer 3.5 protocol... with the emphasis on "3".  :-)

But as has already been said (for IPv4), ICMP is protocol 1 (TCP is 6, UDP is 17, etc.).

And within ICMP, type 0 is echo reply, type 3 is destination unreachable, type 8 is echo request, etc.
0
jskfanAuthor Commented:
if you want to block just ICMP by itself , which port number should you use ?
I know that in some firewall application, you just need to check ICMP and it will be blocked, but behind the scene which port number is selected ?
0
galemanyCommented:
There is no port behind the scene. Ports are used by TCP and UDP just to be allow a single machine  to maintain several client-server dialogs. ICMP is a level 3, 3.5 or 4 protocol but it's neither TCP nor UDP so, no port  
0
Don JohnstonInstructorCommented:
if you want to block just ICMP by itself , which port number should you use ?

You don't block a port. You block the protocol. For example:

access-list 101 deny icmp any any echo
access-list 101 deny icmp any any echo-reply
0
masheikCommented:
If you still have confusion ,look into the icmp Header,

http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol

which do not contain anything about ports.
0
jskfanAuthor Commented:
Ok...
If you block HTTP , you are blocking port 80

which means  you cannot telnet to port 80.

Let 's say you want to block ICMP, you can use:
access-list 101 deny icmp any any echo
access-list 101 deny icmp any any echo-reply

is ACL here blocking ports or does application filtering [it takes ICMP as an application] ??
0
galemanyCommented:

If you block HTTP , you are blocking port 80 YES

which means  you cannot telnet to port 80. Yes, you cannot

Let 's say you want to block ICMP, you can use:
access-list 101 deny icmp any any echo
access-list 101 deny icmp any any echo-reply

When you are using a Cisco router, yes

is ACL here blocking ports or does application filtering [it takes ICMP as an application] ??

It is not blocking any port. It detects the protocol of a frame and, if it is an ICMP message and the type is 8 (echo-request) or 0 (echo-reply) it is blocked. But these 8 and 0 are not ports, they are ICMP message types. ICMP doesn't play with ports.

From your questions, I can understand that you are referring to Windows Firewall, right? ICMP is neither an application nor a port based protocol. That's why there is an specific checkbox for it in Windows Firewall.

When you want to block TCP port 80, the firewall must first chech if it is an IP packet, then if there is inside a TCP frame and then if port is 80

In the same way, when you want to block an ICMP message type 0 (echo-reply), the firewall must first check also if it is an IP packet, then if there is an ICMP message inside and, finally, if this ICMP message is type 0.

It's similar, but not the same concept.
0
jskfanAuthor Commented:
Excellent
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
TCP/IP

From novice to tech pro — start learning today.