What Is Ping Check?

The ping check tool is a universal tool used by network administrators and other professionals to verify that two devices on a network can communicate. It works by sending internet control message protocol, or ICMP, requests to a device and waiting for a response from the device. The time it takes for the response to be sent and return is recorded and presented in the form of packet loss. If the remote device is able to respond to ping requests in a timely manner, than it can typically be assumed that there are no network connectivity issues preventing the two devices from communicating.

How Does Ping Checking Work?

A ping works by sending an ICMP echo request packet to the destination. If the destination device receives the ICMP echo request, it should then reply with an echo reply message. The device that sent the echo request will calculate the total amount of time the process took, and it will present the time in milliseconds.

What Causes Ping Checks to Fail?

If a ping does not succeed, the error messages generated can give insight into the issue that is preventing the devices from communicating. If there is a host unreachable message given, this is usually due to firewalls or other networking devices blocking the ICMP traffic. If a host cannot be found message is given, then it can be due to an issue with an incorrect IP address or a network that is completely unknown to the source device.

Ping Check Options

In addition to this basic functionality, there are several command line switches that can be used to enhance the knowledge gained from a ping check. These switches include the ability to change the ping message size, the amount of times the remote device is pinged and the ability to change the IP address that the ping appears to be originating from.

Ping Check Security Flaws

While ping checks are typically used for troubleshooting purposes, they can be used for nefarious reasons as well. Attackers can use ping messages as a venue of attack for computers and networks. The two most popular ping-based attacks are known as the ping of death and ping flooding.

A ping of death, or POD, is an attack that uses a malformed or malicious ping message. A normal ping message is only 32 bytes in size, and older computer systems and hardware are not designed to handle ping messages larger than this size gracefully. With a ping of death, the attacker would send an abnormally large ping message to a computer or hardware device with the intent of causing the device to crash. Newer devices have fixed this exploit; and as a result, this attack method has become more obscure over the years.

As the ping of death has fallen in popularity, a simpler attack called ping flooding has gained traction. With ping flooding, an attacker attempts to overload a network or device by sending it large amounts of ping traffic that it cannot process. When ping traffic reaches this point, normal traffic can no longer access the system being attacked. This is also known as a denial of service, or DoS, attack. In reaction to this threat, many networks no longer accept ICMP messages originating from outside of their network.