The Internet Control Message Protocol (ICMP) is an integral part of the Internet Protocol Suite (IPS). Network devices use it to send error messages and operational information indicating success or failure when communicating with other devices, particularly when a requested service is not available or a host or router could not be reached.
NMAP, or “Network Mapper,” is an open-source network scanner used to discover hosts and services on a computer network, thus creating a “map” of the network. NMAP sends specially crafted packets to the target host(s) and then analyzes their responses, using ICMP in addition to other protocols.
ICMP has several different uses in NMAP. For instance, ICMP echo requests are used for a straightforward “ping” to determine whether a host is up. Otherwise known as a “ping sweep,” this is one of the most basic and fastest scans in NMAP’s repertoire. If the system replies with an ICMP echo reply, NMAP knows the system is up. However, system administrators can block ICMP echo requests/replies, which makes this type of scan less effective under certain circumstances.
NMAP also uses ICMP timestamp requests during its host discovery phase. A timestamp request can be sent to each target before the scan proper starts; if a timestamp reply is received, the target host is labeled as ‘up’ for further tests.
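As an added example that is not part of the original article, here is the defender’s view of the host-discovery probes described above: a small Python script that reads constructed firewall-style log lines and flags an ICMP echo “ping sweep” (one source probing many hosts in a short window) and any ICMP timestamp request. The log format, addresses and thresholds are assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed sample of firewall-style log lines (not from a real system):
# time in seconds, source, destination, ICMP type and code per line.
SAMPLE_LOG = """\
t=100 SRC=10.0.0.5 DST=10.0.1.1 PROTO=ICMP TYPE=8 CODE=0
t=100 SRC=10.0.0.5 DST=10.0.1.2 PROTO=ICMP TYPE=8 CODE=0
t=101 SRC=10.0.0.5 DST=10.0.1.3 PROTO=ICMP TYPE=8 CODE=0
t=101 SRC=10.0.0.5 DST=10.0.1.4 PROTO=ICMP TYPE=8 CODE=0
t=102 SRC=10.0.0.5 DST=10.0.1.5 PROTO=ICMP TYPE=8 CODE=0
t=103 SRC=10.0.0.9 DST=10.0.1.7 PROTO=ICMP TYPE=13 CODE=0
t=150 SRC=10.0.0.2 DST=10.0.1.1 PROTO=ICMP TYPE=8 CODE=0
t=151 SRC=10.0.1.1 DST=10.0.0.2 PROTO=ICMP TYPE=0 CODE=0
t=160 SRC=10.0.0.2 DST=10.0.1.1 PROTO=ICMP TYPE=8 CODE=0
"""

LINE_RE = re.compile(r"t=(\d+) SRC=(\S+) DST=(\S+) PROTO=ICMP TYPE=(\d+) CODE=(\d+)")

# ICMP message types (RFC 792) that NMAP host discovery relies on.
ECHO_REQUEST = 8
TIMESTAMP_REQUEST = 13

def parse_icmp_log(text):
    """Yield (time, src, dst, type, code) tuples for matching ICMP log lines."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            t, src, dst, typ, code = m.groups()
            yield int(t), src, dst, int(typ), int(code)

def find_discovery_probes(text, window=5, min_targets=4):
    """Return findings: ('sweep', src, n) when one source sends echo requests to
    at least min_targets distinct hosts within `window` seconds, and
    ('timestamp', src, dst) for every ICMP timestamp request, which is rare in
    legitimate traffic and a common hardening target (assumed threshold values)."""
    findings = []
    echo_by_src = defaultdict(list)  # src -> [(time, dst), ...]
    for t, src, dst, typ, _code in parse_icmp_log(text):
        if typ == TIMESTAMP_REQUEST:
            findings.append(("timestamp", src, dst))
        elif typ == ECHO_REQUEST:
            echo_by_src[src].append((t, dst))
    for src, events in echo_by_src.items():
        events.sort()
        for i, (t0, _) in enumerate(events):
            # Distinct destinations probed within the sliding window starting at t0.
            targets = {d for t, d in events[i:] if t - t0 <= window}
            if len(targets) >= min_targets:
                findings.append(("sweep", src, len(targets)))
                break
    return findings

if __name__ == "__main__":
    for finding in find_discovery_probes(SAMPLE_LOG):
        print(finding)
```

Repeated pings from one host to a single destination (10.0.0.2 above) are deliberately not flagged, so ordinary monitoring traffic does not trigger the sweep rule.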
ICMP can be used in other parts of an NMAP scan as well; for example, NMAP can use an ICMP “Destination Unreachable” message to infer something about the target host’s TCP stack. If the target host sends an ICMP “Destination Unreachable” message in response to a SYN packet that was sent to a closed port, NMAP can use this information to determine that the port is closed.
In short, ICMP is not only a protocol in its own right but also an essential building block of NMAP’s network mapping and scanning. Together, NMAP and ICMP give system and network administrators powerful strategies for discovering information about their networks.
It’s important to mention that using tools like NMAP for probing networks, especially without permission, may be considered unethical and illegal in some situations, so they should only be used responsibly and for legitimate purposes.