The ICMP header appears after the IPv4 or IPv6 packet header. You can recognize it because it is identified as IP protocol number 1. The header contains three fields:
- Type: the major component that identifies the ICMP message.
- Code: the minor code that contains more information about the type field.
- Checksum: the value that helps detect errors introduced during transmission.
After that information, you will see the ICMP data and the original IP header to identify which packets failed. Let’s take a quick look at some of the error messages you are likely to see.
- Parameter problem
- Time exceeded message
- Destination unreachable
- Redirection message
As you can see, there can be a number of different issues. From time to time, ICMP has been used to execute denial-of-service attacks. Typically, that is done by sending an IP packet larger than the number of bytes allowed by the IP protocol. That process is called pinging. If a server is continuously pinged, that can cause the server to crash.
Ping is a utility that uses ICMP messages to report back information on network connectivity and the speed of data relay between a host and a destination computer. It’s one of the few instances where a user can interact directly with ICMP, which typically only functions to allow networked computers to communicate with one another automatically.
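The header layout and error messages described above, as an added example that is not code from the original page: an IPv4-only parser that locates the ICMP header, reads the three fields, verifies the checksum, and pulls the original IP header out of an error message to show which packet failed. The function names and the sample packet (built from documentation-range addresses) are constructed for illustration.

```python
import struct

# ICMPv4 error messages named in the list above (type numbers from RFC 792).
ERROR_TYPES = {3: "Destination unreachable", 5: "Redirection message",
               11: "Time exceeded", 12: "Parameter problem"}

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by both the IPv4 and ICMP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(packet: bytes) -> dict:
    """Parse an IPv4 packet carrying ICMP; raise ValueError on malformed input."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IPv4 header length; ICMP starts right after
    if ihl < 20 or packet[9] != 1 or len(packet) < ihl + 8:
        raise ValueError("no complete ICMP header (IP protocol 1) present")
    icmp = packet[ihl:]
    icmp_type, code, _checksum = struct.unpack("!BBH", icmp[:4])
    result = {"type": icmp_type, "code": code, "name": ERROR_TYPES.get(icmp_type, "other"),
              "checksum_ok": inet_checksum(icmp) == 0, "failed_packet": None}
    inner = icmp[8:]  # error messages quote the original IP header here
    if icmp_type in ERROR_TYPES and len(inner) >= 20 and inner[0] >> 4 == 4:
        result["failed_packet"] = {
            "src": ".".join(map(str, inner[12:16])),
            "dst": ".".join(map(str, inner[16:20])),
            "protocol": inner[9]}
    return result

def build_sample() -> bytes:
    """Constructed sample: 192.0.2.1 reports port unreachable for a UDP packet."""
    def ipv4(proto, src, dst, payload_len):
        hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                          proto, 0, bytes(src), bytes(dst))
        return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]
    quoted = ipv4(17, (198, 51, 100, 7), (203, 0, 113, 9), 8) + bytes(8)
    body = struct.pack("!BBHI", 3, 3, 0, 0) + quoted
    body = body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]
    return ipv4(1, (192, 0, 2, 1), (198, 51, 100, 7), len(body)) + body

if __name__ == "__main__":
    print(parse_icmp(build_sample()))
```

A checksum that fails to verify, or a quoted header whose source address is not one of your own hosts, is a useful signal that an ICMP error was corrupted in transit or was not generated in response to traffic you actually sent.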