The correct title of this article is ping. The initial letter is capitalized because of technical restrictions.
For other uses, see Ping (disambiguation).
ping in a Windows 2000 command window
Ping is a computer network tool used to test whether a particular host is reachable across an IP network. Ping works by sending ICMP "echo request" packets to the target host and listening for ICMP "echo response" replies. Using interval timing and response rate, ping estimates the round-trip time and packet loss rate between hosts
History
Mike Muuss wrote the program in December, 1983, as a tool to troubleshoot odd behavior on an IP network. He named it after the pulses of sound made by a sonar, since its operation is analogous to active sonar in submarines, in which an operator issues a pulse of energy (a network packet) at the target, which then bounces from the target and is received by the operator. Later David L. Mills provided a backronym, "Packet Internet Grouper (Groper)", also by other people "Packed Internet Gopher", after the small rodents.
The usefulness of ping in assisting the "diagnosis" of Internet connectivity issues was impaired from late in 2003, when a number of Internet Service Providers filtered out ICMP Type 8 (echo request) messages at their network boundaries. This was partly due to the increasing use of ping for target reconnaissance, for example by Internet worms such as Welchia that flood the Internet with ping requests in order to locate new hosts to infect. Not only did the availability of ping responses leak information to an attacker, it added to the overall load on networks, causing problems to routers across the Internet.
There are two schools of thought concerning ICMP on the public Internet: those who say it should be largely disabled to enable network 'stealth', and those who say it should be enabled to allow proper Internet diagnostics.
Sample pinging
The following is a sample output of pinging www.google.com under Linux with the iputils version of ping:
$ ping www.google.com
PING www.l.google.com (64.233.183.103) 56(84) bytes of data.
64 bytes from 64.233.183.103: icmp_seq=1 ttl=246 time=22.2 ms
64 bytes from 64.233.183.103: icmp_seq=2 ttl=245 time=25.3 ms
64 bytes from 64.233.183.103: icmp_seq=3 ttl=245 time=22.7 ms
64 bytes from 64.233.183.103: icmp_seq=4 ttl=246 time=25.6 ms
64 bytes from 64.233.183.103: icmp_seq=5 ttl=246 time=25.3 ms
64 bytes from 64.233.183.103: icmp_seq=6 ttl=245 time=25.4 ms
64 bytes from 64.233.183.103: icmp_seq=7 ttl=245 time=25.4 ms
64 bytes from 64.233.183.103: icmp_seq=8 ttl=245 time=21.8 ms
64 bytes from 64.233.183.103: icmp_seq=9 ttl=245 time=25.7 ms
64 bytes from 64.233.183.103: icmp_seq=10 ttl=246 time=21.9 ms
10 packets transmitted, 10 received, 0% packet loss, time 9008ms
rtt min/avg/max/mdev = 21.896/24.187/25.718/1.619 ms
This output shows that www.google.com is a DNS CNAME record for www.l.google.com which then resolves to 64.233.183.103. The output then shows the results of making 10 pings to 64.233.183.103 with the results summarized at the end.
smallest ping time was 21.896 milliseconds
average ping time was 24.187 milliseconds
maximum ping time was 25.718 milliseconds
The following is a sample output of pinging www.google.com under Microsoft Windows XP with its built-in version of ping:
C:\>ping www.google.com
Pinging www.l.google.com [64.233.183.103] with 32 bytes of data:
Reply from 64.233.183.103: bytes=32 time=25ms TTL=245
Reply from 64.233.183.103: bytes=32 time=22ms TTL=245
Reply from 64.233.183.103: bytes=32 time=25ms TTL=246
Reply from 64.233.183.103: bytes=32 time=22ms TTL=246
Ping statistics for 64.233.183.103:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 25ms, Average = 23ms
This output shows that www.google.com is a DNS CNAME record for www.l.google.com which then resolves to 64.233.183.103. The output then shows the results of making 4 pings to 64.233.183.103 with the results summarized automatically at the end.
smallest ping time was 22 milliseconds
average ping time was 23 milliseconds
maximum ping time was 25 milliseconds
Ping of death
Jump to: navigation, search
Ping of Death can also mean Ping of Death (POD)-Bots, a type of computer game bot used in Counter-Strike.
A ping of death (abbreviated "POD") is a type of attack on a computer that involves sending a malformed or otherwise malicious ping to a computer. A ping is normally 64 bytes in size; many computer systems cannot handle a ping larger than the maximum IP packet size which is 65,535 bytes. Sending a ping of this size often crashes the target computer.
This bug has traditionally been relatively easy to exploit. Generally, sending a ping packet of a size such as 65,536 bytes is illegal according to networking protocol, but a packet of such a size can be sent if it is fragmented; when the target computer reassembles the packet, a buffer overflow can occur, which often causes a system crash.
This exploit has affected a wide variety of systems, including Unix, Linux, Mac, Windows, printers, and routers. However most systems since 1997-1998 or so have been fixed, so this bug is mostly historical.
It should be noted that in the recent years a different kind of ping attack has become wide-spread, ping flooding. The idea there is to simply flood the victim with so much ping traffic that normal traffic will fail to reach the system.