No announcement yet.

Checking for Live Systems - Pinging

  • Filter
  • Time
  • Show
Clear All
new posts

  • Checking for Live Systems - Pinging

    A common scanning method of checking for live systems is pinging, or performing a ping sweep. Pinging is the process of using the ping command to detect whether a system is live as well as gain information about the connection quality of the connection between two systems. Ping (Packet InterNet Groper) is a computer network administrator tool used to test the reacability of of a host and to determine the RTT (Round Trip Time) amongst other things. You should allready know this tool. The ping tool uses an ICMP (Internet Control Message Protocol) message, which is why this technique is also called ICMP scanning.
    The process works by using one system to send and ICMP ECHO request to the target system and if this system is alive, and accepts ICMP messages, it will respond by sending back an ICMP ECHO reply.
    If such a reply has been received the target system is confirmed to be up and alive.
    Consider pinging IP addresses instead of DNS names because not receiving a reply from the target host might indicade a DNS problem, rather than the host not being alive.
    Ofcourse this task is also doable with the Nmap tool.
    Pinging more than one host at once is what is called a ping sweep because you use this technique to scan or sweep a range of IP addresses, looking for hosts that are alive.
    Ping sweeps are incredibly effective in that they can build an inventory of target systems quickly. Remark that many firewalls block ICMP traffic so ICMP scanning might not be possible from outside the target network. IDS alerts and IPS blocking this type of sweep also has to be taken into consideration.
    Certified Security Geek