Browse Definitions :
Definition

ping strangeness

Ping strangeness is a term used in troubleshooting to describe the incidence of an unusual pattern of ICMP ECHO_REQUEST packets being sent to a specific network node or an unusual number of error messages returning.

Ping (Packet Internet Groper) is a utility program that allows a user or program to verify that a particular IP address exists and can accept requests. Ping can be used as an alternative to the traceroute utility to troubleshoot network connectivity and latency issues. It is faster than traceroute and generates less network traffic.

When a user issues a ping request, the program formats an ICMP ECHO_REQUEST packet and sends it to a designated target address. If the remote IP address is active, it responds with an ICMP ECHO_REPLY packet. Ping then uses the timestamp of the Echo Reply to calculate a round-trip time and gauge response time.

If the target address is unavailable or something else is not working normally, Ping will report an error. Common errors include Destination Unreachable, Unknown Host and Request Timed Out.

When there is an unusual pattern of ICMP ECHO_REPLY packets being sent to the same server in the same time period, or there is an unusual number of error messages, this "strange" pattern is worth investigating. It could be that Ping is being used to carry out a denial of service attack (DoS) or look for attack vectors.

This was last updated in September 2017

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • Web application firewall (WAF)

    A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a ...

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

  • DRAM (dynamic random access memory)

    Dynamic random access memory (DRAM) is a type of semiconductor memory that is typically used for the data or program code needed ...

  • RAID 10 (RAID 1+0)

    RAID 10, also known as RAID 1+0, is a RAID configuration that combines disk mirroring and disk striping to protect data.

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

Close