| | | Senior Member
Join Date: Aug 2003
Posts: 157
Certifications: A+, Network+ | ICMP port number? Does ICMP have a port number? If so, what is it? |
| | | Senior Member Registered Member
Join Date: Sep 2004 Location: I'm convinced, we all live in the Matrix.
Posts: 1,228
Certifications: CISSP,ISC2 Trainer,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K:Sec LPT ECSA CEH CHFI,CCNA CS-CFW | ICMP does not have a port abstraction. |
| | | Senior Member
Join Date: Aug 2003
Posts: 157
Certifications: A+, Network+ | Quote: |
Originally Posted by keatron ICMP does not have a port abstraction. | Then how does it send out its signals? |
| | | Junior Member
Join Date: Jul 2005
Posts: 14
Certifications: A+ | ... I'm not currently studying for Net+; however, I think it doesn't send signals out... it is just a protocol for error handling... from what I read... maybe someone can shed some light on this. |
| | | Senior Member Registered Member
Join Date: Apr 2005 Location: touring the Holiday Inns of the country
Posts: 642
Certifications: not sane | ICMP (ping, trace) is a layer 3 protocol suite within the TCP/IP suite; it doesn't test any layer 4 or above functions, therefore it has no TCP/UDP layer 4 port number. The sub protocols within it do. You can block echo replies by closing port 7. That is how you get to be not pinged on the net.
__________________
Go Hawks - 7 and 2
2 games against San Fran coming up, oh yeah baby, why even play? just put them in the win category and call it good |
| | | Senior Member Registered Member
Join Date: Apr 2005 Location: touring the Holiday Inns of the country
Posts: 642
Certifications: not sane | Quote: |
Originally Posted by RZetlin Quote: |
Originally Posted by keatron ICMP does not have a port abstraction. | Then how does it send out its signals? | By using ICMP echo requests. Which do function on port 7.
__________________
Go Hawks - 7 and 2
2 games against San Fran coming up, oh yeah baby, why even play? just put them in the win category and call it good |
| | | Junior Member Registered Member
Join Date: Feb 2007
Posts: 1
| This is complete bollocks. First, ICMP does not use a port since it does not have a place for a port. It is encapsulated with an IP datagram only. You will find the port option only on UDP and TCP datagrams. To block ICMP echo, you would explicitly block the type and code.
People who do think that ICMP somehow uses port 7 (the old echo service where it would echo every character you sent to it) should not be in networking and should be shot.
If you do not agree with what I have said, look at the structure of an IP datagram and of an ICMP datagram. The ICMP is encapsulated in the IP datagram and then the IP datagram into whatever the particular media needs to form the frame. |
| | | mikej412's caddy Registered Member
Join Date: Feb 2006 Location: Charleston, SC
Posts: 4,991
Certifications: MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+ | Quote: |
Originally Posted by comm3c This is complete bollocks. First, ICMP does not use a port since it does not have a place for a port. It is encapsulated with an IP datagram only. You will find the port option only on UDP and TCP datagrams. To block ICMP echo, you would explicitly block the type and code.
People who do think that ICMP somehow uses port 7 (the old echo service where it would echo every character you sent to it) should not be in networking and should be shot.
If you do not agree with what I have said, look at the structure of an IP datagram and of an ICMP datagram. The ICMP is encapsulated in the IP datagram and then the IP datagram into whatever the particular media needs to form the frame. | Chill out. You can make your point w/o putting people down.
To the OP:
Check out RFC 792. http://www.faqs.org/rfcs/rfc792.html Quote:
ICMP, uses the basic support of IP as if it were a higher
level protocol, however, ICMP is actually an integral part of IP, and
must be implemented by every IP module
| Remember what a port really is used for - a service listening on a host. Logical ends of a conversation. Sometimes called sockets or listener or whatever. One way to think about it is since there is no ICMP service running on a host it has no listening port.
I also found this thread on the firewall-wizards list with your exact same question and about 20 replies that basically said (in a nice way) the ICMP is a protocol like TCP and UDP are protocols, and not a service needing a port number. Scroll down and you'll see the topic "ICMP Well-Known Port": https://honor.icsalabs.com/pipermail...read.html#6507
__________________
All things are possible, only believe.
|
| | | Junior Member Registered Member
Join Date: May 2003 Location: Seattle, WA
Posts: 24
Certifications: CCNP, CCVP, CCDA, MCSE, CIW, CISSP | No, ICMP does not use ports.
However, it does have various ICMP types, the most common being echo reply (type 0), echo request (type 8), and Destination Unreachable (type 3). Because of the numbers, you'll often hear "it's trying to connect on port 0", when actually it's an echo reply packet.
More info: http://en.wikipedia.org/wiki/Interne...ssage_Protocol |
| | | Junior Member Registered Member
Join Date: Mar 2007 Location: pakistan
Posts: 2
| ?? If ping is blocked how will you check if a node is up and running in a different building? |
| | | mikej412's caddy Registered Member
Join Date: Feb 2006 Location: Charleston, SC
Posts: 4,991
Certifications: MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+ | Re: ?? Quote: |
Originally Posted by saba.khan If ping is blocked how will you check if a node is up and running in a different building? | Most admins will block ICMP at the border router or firewall to keep out inquisitive ne'er-do-wells. ICMP will remain open on the internal LAN. At least that's the way I do it. My internal LAN spans 3 class C subnets across dozens of buildings on over 300 acres and you can ping any host on the network from any other host on the network. Outsiders cannot ping past my firewall though.
__________________
All things are possible, only believe.
|
| | | Junior Member Registered Member
Join Date: Feb 2008
Posts: 2
| I am auditing the firewall settings for my network. What should they look like to handle icmp??
A little information -
1. we want to ping external sites (really just to test the connection)
2. we also do our own domain hosting, email, websites, etc.
4. we do have multiple internet connections
3. we have a cisco pix firewall
Right now the setting is
- permit icmp any any
Initially I'm thinking that is too open and should be restricted. But I'm trying to figure out how to restrict it without closing something I need. Any help would be appreciated. |
| | | Junior Member Registered Member
Join Date: Feb 2008
Posts: 2
| well, that looks pretty good. At this stage I'm not worried about the command line arguments, but more or less services I should block allow.
So in that link, the guy is basically denying all incoming icmp requests except those that are responses to requests that originated in his local subnet? |
| | | Junior Member Registered Member
Join Date: May 2010
Posts: 1
| Layer 3 protocol/port identifiers layer 3, IP - identifies what layer 4-ish protocol is being carried in the packet.
TCP at layer 3 is identified with port/protocol # 6
UDP is 17
ICMP is 1 Protocol Numbers
hth,
LG |
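Added example (editor's code, not posted by anyone in the thread): the replies above say to look at the IP and ICMP datagram structure, to block ICMP by type and code, and that IP identifies ICMP as protocol 1. This Python sketch parses constructed packets to show which fields a filter can actually match on; the function names, the permitted-type set and the sample addresses are assumptions made for the illustration.

```python
import struct

# IP protocol numbers carried in byte 9 of the IPv4 header (values cited in the thread).
PROTO = {1: "ICMP", 6: "TCP", 17: "UDP"}
ALLOWED_INBOUND_ICMP = {0, 3, 11}  # assumed policy: echo reply, unreachable, time exceeded

def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(proto: int, payload: bytes) -> bytes:
    # Constructed sample packet: 20-byte header, documentation-range addresses.
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def build_icmp(icmp_type: int, code: int, body: bytes = b"\x00\x01\x00\x01ping") -> bytes:
    raw = struct.pack("!BBH", icmp_type, code, 0) + body
    return struct.pack("!BBH", icmp_type, code, checksum(raw)) + body

def parse(packet: bytes) -> dict:
    """Return the fields a packet filter can match on."""
    ihl = (packet[0] & 0x0F) * 4
    proto, payload = packet[9], packet[ihl:]
    info = {"proto": PROTO.get(proto, str(proto))}
    if proto == 1:  # ICMP header is type, code, checksum: there is no port field
        info.update(type=payload[0], code=payload[1], checksum_ok=checksum(payload) == 0)
    elif proto in (6, 17):  # TCP and UDP both begin with source and destination port
        info["sport"], info["dport"] = struct.unpack("!HH", payload[:4])
    return info

def icmp_verdict(packet: bytes) -> str:
    """Filter ICMP by type; other protocols are out of scope for this rule."""
    info = parse(packet)
    if info["proto"] != "ICMP":
        return "not-icmp"
    return "permit" if info["type"] in ALLOWED_INBOUND_ICMP else "deny"

def port7_rule_matches(packet: bytes) -> bool:
    """A 'block port 7' rule can only match TCP/UDP; an ICMP packet has no dport."""
    return parse(packet).get("dport") == 7

# Constructed samples: ICMP echo request, ICMP echo reply, UDP datagram to port 7.
ECHO_REQUEST = build_ipv4(1, build_icmp(8, 0))
ECHO_REPLY = build_ipv4(1, build_icmp(0, 0))
UDP_ECHO = build_ipv4(17, struct.pack("!HHHH", 40000, 7, 12, 0) + b"ping")
```

The port-7 rule matches only the UDP sample, while the echo request is stopped by the type-based rule; the echo reply to an internally originated ping still passes.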
| |