A ping sweep (also known as an ICMP sweep) is a basic
network scanning technique used to determine which of a range of
IP addresses map to live
hosts (computers). Whereas a single
ping will tell you whether one specified host
computer exists on the network, a ping sweep consists of
ICMP (Internet Control Message Protocol) ECHO requests sent to multiple hosts. If a given address is live, it will return an ICMP ECHO reply. Ping sweeps are among the older and slower methods used to scan a network.
There are a number of tools that can be used to do a ping sweep, such as fping, gping, and nmap for UNIX systems, and the Pinger software from Rhino9 and Ping Sweep from SolarWinds for Windows systems. Both Pinger and Ping Sweep send multiple packets at the same time and allow the user to resolve host names and save output to a file.
To disable ping sweeps on a network, administrators can block ICMP ECHO requests from outside sources. However, ICMP TIMESTAMP and Address Mask Requests can be used in a similar manner.
This was last updated in February 2002
Dig Deeper
-
Backing up to local disk or tape can protect against the accidental destruction of a file but will do nothing to protect you when your facility suffers fire or flooding. Remote backup provides a better solution. This tip looks at two possibilities for remote backup: Choosing an outsourced remote backup service, or using software to do your own backups to an offsite facility.
-
Learn how attackers are using the widespread deployment of low-cost VoIP to leverage phishing attacks.
-
Is the government listening to your VoIP traffic? Can other companies spy on your WAN? It may sound like a paranoid conspiracy theory, but it's not that far out, technologically speaking. In this tip, Tom Lancaster looks at just how exposed your WAN traffic may be.
-
People who read this also read...
-
Resources from around the Web