new icmpping versus regular Windows ping ?

Discussion in 'other software & services' started by Czerno, Dec 15, 2004.

Thread Status:
Not open for further replies.
  1. Czerno

    Czerno Guest

    Hi ! Apologies for my question not directly related to Port Explorer, but, I downloaded an ICMP "ping" utility for windows according to a recommendation of these forums recently and have been using it. I reckon you DiamondCS folk and fans are very helpful and kind to newbies...

    My question is how exactly does it differ from the version of "ping" built-in to Windows ? Both use ICMP (AFAIU), maybe different ICMP service numbers ?

    The external ping utility does work in cases where the regular windows one doesn't, and in some cases it's the opposite. I'd like to grasp what each do differently... Please someone explain this to me !


    TIA

    --
    Czerno
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Czerno, As this is not a Port Explorer support issue. I have moved the thread to a more appropriate forum where it should get more attention.

    Than you. Pilli
     
  3. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    What ICMP ping utility are you using? Are you a hacker trying to send unsolicited ICMP pings to other people's computers? If you ICMP ping me, I've got a powerful firewall here to block you out. :mad:
    What are you using that ICMP ping utility for anyway, hacker guy?
     
  4. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    If both use ICMP then there is no difference - ICMP Pings use the Echo Request and Echo Return types which are defined in RFC 792.
    What do you mean by "doesn't work"? Does it time out, give an "Unknown host" message (only applicable to domain names, not IP addresses) or something else?
     
  5. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    There are many legitimate uses for ping utilities. I use PingPlotter to check latency and packet loss when my broadband connection seems slow or I think there is a problem with my current DNS servers.

    Nick
     
  6. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
  7. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i just downloaded, but havent installed Tesseract from http://www.snapfiles.com/get/tesseract.html
    is pingplotter a better option? thanks
     
  8. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    The developer of Tesseract wrote many nice apps. I used that one a long time ago. PingPlotter is popular at my ISP's forum at DSLReports.

    Nick
     
  9. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thanks, Nick. i'll have alook at the link. :cool:
     
  10. Czerno

    Czerno Guest

    Thank you, Paranoid ! Yes both the downloaded ping utility & the proggie built-in Windows bith use ICMP, however that does not mean they use the same ICMP service types. They definitely do not work the same on (moderately complex) combination of LAN/WAN, and furthermore one tends to give results when the other fails en-route, and vice versa.

    What you are saying re. ICMP echo request/return, is that what the built-in windows 2000 "ping" uses ? I'm sure I read that Windows pings differently from Unix...

    I wish I could provide a link to the external ping program I am referring to, unfortunately I did not record the source URL - I found it advertised on these fora however. AFAIU this "icmpping" makes use of the Windows "icmp.dll" , whereas the builtin "ping" does not... It might also use other ICMP service type requests than the other ping.

    Cheers

    --
    Czerno
     
  11. Czerno

    Czerno Guest

    Edit : am I stupid!!! This identifies itself as :

    "DiamondCS ICMP Ping v1.0 (www.diamondcs.com.au)"

    --
    Czerno
     
  12. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    There's not much scope for using other ICMP types aside from Echo Request/Replys. However some "Ping" utilities (like HPing) do offer the option of crafted TCP/UDP packets so it is quite likely that your other Ping utility is using these instead.
    Ping is a standard mechanism and should vary little (if at all) from OS to OS. Traceroute/tracert is another matter - Windows and Unix do implement this differently.
    Icmp.dll allows programs to create their own packets, bypassing Windows' TCP/IP stack (so it could be used to create abnormal packets for testing, for example). It is not restricted to the ICMP protocol despite its name AFAIK.
     
  13. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    All right guys, what's the difference between a Traceroute and a normal ICMP ping?
    They say ICMP ping attacks always come from port 8. But these days I've been getting some weird traceroutes coming from port 11 from China, I wonder if this is some sort of hacking attempt or new trojan?
    Traceroutes are also called ICMP in my firewall.

    Here's an example of one of those traceroute packets from China:
    Type: 11 ( Time-to-live exceeded from router)


    What are these Traceroutes?
     
  14. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Traceroute sends ICMP packets to from point A to point B across a network or the internet(example- your computer to www.wilders.org) to trace the path data takes to reach the destination. The computer sends out an ICMP packet with a time to live set at 0 so it expires upon receipt. The first router in route of the destination replys back with an ICMP Time Exceeded message. The time taken to complete this back & forth communication lets the computer know the distance between itself and the first router hop in the route. The TTL is incremented enough to be passed on to the second router in the route & then the third, ect...

    Type 11 ICMP packets (different than port 11) are the Time Exceeded messages your router would send out if someone did a traceroute to your router's IP address.
    Normally these packets are harmless but traceroute can be used in flooding attacks that could cause a Windows box to completely freeze up.

    Bored to death yet? ;)
     
  15. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
  16. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    "I'm always interested Mr P." I did notice that tool a while back looking for a utility to experiment with,
    it may have been at SnapFiles. Nice of you to provide one that's both free and compatible with most window versions.
    SoftPerfect Network Scanner homepage....http://www.softperfect.com/products/networkscanner/.

    One that looks similair, located on your following link but function limited by the new sp2 is SuperScan v4.0.
    Several other programs written by Robin Keir (listed at the bottom) have found a new home there.
    Foundstone offer's a few other nice utilities I noticed too....knew about these BTW. ;)

    Now I'm not gonna b able to keep up with all these cool utilities you keep dropping on the forum :D Mr.P,
    but I ran across this link which I haven't had the time to fully check out....maybe some more helpful tools?
    http://www.cerias.purdue.edu/tools_and_resources/hotlist/details.php?id=22.

    I'll keep my eye's open n thanks! :ninja:

    GF
     
Loading...
Thread Status:
Not open for further replies.