The Internet Control Message Protocol (ICMP)

Introduction to ICMP

There are many security tools (such as firewalls, network intrusion devices and routers) out there that can alert network administrators of any penetrations or attacks that are occurring. But these devices, for the most part, can only detect those cyberthreats coming from the external environment.

What is also needed is some sort of detection system that can alert the network administrator of any unknown or suspicious activity that is occurring from with the various network segments.

This is where the Internet Control Message Protocol (also known as the “ICMP”) comes into play.

A review of the Internet Protocol Suite

Before reviewing all of the technical aspects of the ICMP, it is important to note that this protocol operates and supports network-based activity in what is also known as the “Internet Protocol Suite.” This model consists of the following four layers:

  1. The Application Layer: This is the layer in which various applications create information and data which can be communicated to other applications which reside on the same host, or even an entirely different host. It is this particular layer in which the various networking topologies are theoretically located, such as the Peer-to-Peer and Client Server (as described previously). The higher-level network protocols are also used and supported at this layer, including the following:
    • Simple Mail Transfer Protocol (SMTP)
    • File Transfer Protocol (FTP)
    • Secure Shell (SSH)
    • Hypertext Transfer Protocol (HTTP)
  2. The Transport Layer: This is the layer in which the actual network communications take place between different hosts that reside on the same network segment (such as those found on a LAN) or even an entirely different one (such as those found on a WAN). The most widely used communications protocol used in this layer is the Transmission Control Protocol, or TCP
  3. The Internet Layer: This specific (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Ravi Das (writer/revisions editor). Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/aUESP-lN5Sc/