ICMP port number?

RZetlin Inactive Imported Users Posts: 155
edited May 26 in Network+
Does ICMP have a port number? If so, what is it?

Comments

  • keatron Security Tinkerer Member Posts: 1,213
  • RZetlin Inactive Imported Users Posts: 155
    keatron wrote:
    ICMP does not have a port abstraction.

    Then how does it send out its signals?
  • nogen Inactive Imported Users Posts: 14
    I'm not currently studying for Net+, however I think it doesn't send signals out... it is just a protocol for error handling... from what I read... maybe someone can shed some light on this.
  • johnnynodough Member Posts: 634
    ICMP (ping, trace) is a layer 3 protocol suite within the TCP/IP suite, doesn't test any layer 4 or above functions, therefore, it has no TCP/UDP layer 4 port number. The sub protocols within it do. You can block echo replies by closing port 7. That is how you get to be not pinged on the net.
    Go Hawks - 7 and 2

    2 games against San Fran coming up, oh yeah baby, why even play? Just put them in the win category and call it good :p
  • johnnynodough Member Posts: 634
    RZetlin wrote:
    keatron wrote:
    ICMP does not have a port abstraction.

    Then how does it send out its signals?

    By using ICMP echo requests. Which do function on port 7.
    Go Hawks - 7 and 2

    2 games against San Fran coming up, oh yeah baby, why even play? Just put them in the win category and call it good :p
  • comm3c Member Posts: 1
    This is complete bollocks. First, ICMP does not use a port since it does not have a place for a port. It is encapsulated with an IP datagram only. You will find the port option only on UDP and TCP datagrams. To block ICMP echo, you would explicitly block the type and code.

    People who do think that ICMP somehow uses port 7 (the old echo service where it would echo every character you sent to it) should not be in networking and should be shot.

    If you do not agree with what I have said, look at the structure of an IP datagram and of an ICMP datagram. The ICMP is encapsulated in the IP datagram and then the IP datagram into whatever the particular media needs to form the frame.
  • sprkymrk Member Posts: 4,884
    comm3c wrote:
    This is complete bollocks. First, ICMP does not use a port since it does not have a place for a port. It is encapsulated with an IP datagram only. You will find the port option only on UDP and TCP datagrams. To block ICMP echo, you would explicitly block the type and code.

    People who do think that ICMP somehow uses port 7 (the old echo service where it would echo every character you sent to it) should not be in networking and should be shot.

    If you do not agree with what I have said, look at the structure of an IP datagram and of an ICMP datagram. The ICMP is encapsulated in the IP datagram and then the IP datagram into whatever the particular media needs to form the frame.

    Chill out. You can make your point w/o putting people down.

    To the OP:
    Check out RFC 792.
    http://www.faqs.org/rfcs/rfc792.html
    ICMP, uses the basic support of IP as if it were a higher
    level protocol, however, ICMP is actually an integral part of IP, and
    must be implemented by every IP module

    Remember what a port really is used for - a service listening on a host. Logical ends of a conversation. Sometimes called sockets or listener or whatever. One way to think about it is since there is no ICMP service running on a host it has no listening port.

    I also found this thread on the firewall-wizards list with your exact same question and about 20 replies that basically said (in a nice way) the ICMP is a protocol like TCP and UDP are protocols, and not a service needing a port number. Scroll down and you'll see the topic "ICMP Well-Known Port":
    https://honor.icsalabs.com/pipermail/firewall-wizards/1999-September/thread.html#6507
    All things are possible, only believe.
  • Johnny 5 Member Posts: 24
    No, ICMP does not use ports.

    However, it does have various ICMP types, the most common being echo reply (type 0), echo request (type 8), and Destination Unreachable (type 3). Because of the numbers, you'll often hear "it's trying to connect on port 0", when actually it's an echo reply packet.

    More info:

    http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
  • saba.khan Member Posts: 2
    If ping is blocked how will you check if a node is up and running in a different building?
  • sprkymrk Member Posts: 4,884
    saba.khan wrote:
    If ping is blocked how will you check if a node is up and running in a different building?

    Most admins will block ICMP at the border router or firewall to keep out inquisitive ne'er-do-wells. ICMP will remain open on the internal LAN. At least that's the way I do it. My internal LAN spans 3 class C subnets across dozens of buildings on over 300 acres and you can ping any host on the network from any other host on the network. Outsiders cannot ping past my firewall though.
    All things are possible, only believe.
  • jhoop2002 Member Posts: 2
    I am auditing the firewall settings for my network. What should they look like to handle ICMP?

    A little information -
    1. we want to ping external sites (really just to test the connection)
    2. we also do our own domain hosting, email, websites, etc.
    3. we do have multiple internet connections
    4. we have a Cisco PIX firewall

    Right now the setting is
    - permit icmp any any

    Initially I'm thinking that is too open and should be restricted. But I'm trying to figure out how to restrict it without closing something I need. Any help would be appreciated.
  • ThePistonDoctor Member Posts: 62
  • jhoop2002 Member Posts: 2
    Well, that looks pretty good. At this stage I'm not worried about the command line arguments, but more or less services I should block/allow.

    So in that link, the guy is basically denying all incoming ICMP requests except those that are responses to requests that originated in his local subnet?
  • ladeegeek Member Posts: 1
    layer 3, IP - identifies what layer 4-ish protocol is being carried in the packet.

    TCP at layer 3 is identified with port/protocol # 6
    UDP is 17
    ICMP is 1

    Protocol Numbers

    hth,
    LG
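
Added example, not part of any post in this thread: a small Python parser that reads the IPv4 protocol field discussed in the last post and then interprets the next bytes either as TCP/UDP ports or as ICMP type and code, followed by a border filter that decides on ICMP type the way comm3c and Johnny 5 describe. The function names, the sample packets and the allowed-type set are assumptions made for illustration.

```python
import struct

PROTO = {1: "ICMP", 6: "TCP", 17: "UDP"}   # IP protocol numbers, not ports
# Assumed border policy: admit only echo reply (0), destination
# unreachable (3) and time exceeded (11) from outside; drop echo request (8).
INBOUND_ALLOWED_TYPES = {0, 3, 11}

def checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071) as used by IPv4 and ICMP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed sample: 20-byte IPv4 header (documentation addresses)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def build_icmp_echo(icmp_type: int, ident: int, seq: int) -> bytes:
    """Constructed ICMP echo message: type, code, checksum, id, sequence."""
    msg = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + b"constructed"
    return msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]

def classify(packet: bytes) -> dict:
    """Report what the first bytes after the IP header actually mean."""
    if len(packet) < 20 or len(packet) < (packet[0] & 0x0F) * 4 + 4:
        raise ValueError("truncated packet")
    ihl = (packet[0] & 0x0F) * 4
    proto, l4 = packet[9], packet[ihl:]
    info = {"protocol": PROTO.get(proto, str(proto))}
    if proto in (6, 17):      # TCP/UDP: source port, destination port
        info["sport"], info["dport"] = struct.unpack("!HH", l4[:4])
    elif proto == 1:          # ICMP: type, code, checksum; no port fields
        info["type"], info["code"] = l4[0], l4[1]
        info["checksum_ok"] = checksum(l4) == 0
    return info

def inbound_verdict(packet: bytes) -> str:
    """Filter on ICMP type, the way a border ACL has to."""
    info = classify(packet)
    if info["protocol"] != "ICMP":
        return "not-icmp"
    return "permit" if info["type"] in INBOUND_ALLOWED_TYPES else "deny"
```

A UDP datagram addressed to port 7 (the legacy echo service) comes back from `classify` as protocol UDP with `dport` 7, while an ICMP echo request has no port keys at all, only `type` 8 and `code` 0.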
This discussion has been closed.