What Is ICMP?

The Internet Control Message Protocol is used to diagnose network issues over the Internet.

Common DDoS Attacks
DDoS Attack Tools
DDoS Glossary of Terms


Learning Objectives

After reading this article you will be able to:

  • Define the ICMP
  • Describe how ping and traceroute work

What is the Internet Control Message Protocol (ICMP)?

The Internet Control Message Protocol is an internet layer protocol used by network devices to diagnose network communication issues. ICMP is mainly used to determine whether or not data is reaching its intended destination in a timely manner. Commonly, the ICMP protocol is used on network devices, such as routers.

What Is ICMP Used For?

The primary purpose of ICMP is for error reporting. When two devices connect over the Internet, the ICMP generates errors to share with the sending device in the event that any of the data did not get to its intended destination.

A secondary use of ICMP protocol is to perform network diagnostics; the commonly used terminal utilities traceroute and ping both operate using ICMP. The traceroute utility is used to display the routing path between two Internet devices. The routing path is the actual physical path of connected routers that a request must pass through before it reaches its destination. The journey between one router and another is known as a ‘hop’, and a traceroute also reports the time required for each hop along the way. This can be useful for determining sources of network delay.

The ping utility is a simplified version of traceroute. A ping will test the speed of the connection between two devices and report exactly how long it takes a packet of data to reach its destination and come back to the sender’s device. Although ping does not provide data about routing or hops, it is still a very useful metric for gauging the latency between two devices. The ICMP echo-request and echo-reply messages are commonly used for the purpose of performing a ping. Unfortunately network attacks can exploit this process, creating means of disruption such as the ICMP Flood Attack and the Ping of Death attack.

ICMP Flood Attack: