A Gentle Introduction to Networking: Ping

Posted by Christian.

Occasionally I'll get a nebulous question like "can you explain networking?" I struggle with answering this one. It's not that networking is too hard to explain. Few things are that hard. The real issue is that the topic is so vast, it's hard to know where to begin.

I first learned about networking while playing on a MUD as a child. There's precious little else that gets a pre-teen boy to learn something besides the promise of video games. If you can't be bothered to click the link, it's essentially a chat room that you can reprogram. Games like these used to be filled with hackers and aspiring hackers. I think you can guess which one I was. Still, folks took pity on me and showed me the ropes.

I'm definitely advocating that you get a rogue-with-a-heart-of-gold hacker type to teach you the rules and how to break them, but I recognize that may be somewhat inaccessible to most of you, so you'll have to settle for me and my videos.

Rather than start you with an overview of networking, I've decided to showcase the ping utility, a small tool that you can use to start exploring your network. And because I'm a bad person, I also talk about how you can use ping to cause a little bit of trouble.

Ping Flooding

A little addendum to the little trick in the video. I lied a bit. While a ping flood technically is still a viable attack in the modern age, almost every network device on the planet has an automatic defense against it. Specifically, when pings start coming in too fast, many operating systems just close the door and ignore them.

This feature is called ICMP flood protection and is enabled by default almost everywhere. If you're lucky, you might find a host that isn't protected, but the odds are about the same as finding a four-leafed clover.

The other bit I glossed over is that the version of ping on most unix systems actually has a -f parameter which specifically starts a flood, sending ping packets out as fast as possible. I omitted it because it's not as much fun as trying to cause trouble by mixing innocent features.

Also, you can't start a ping flood (with either the -i or -f flags) without being the superuser on the system. This is a baked-in feature of ping to keep casuals from making a mess. That means the actual command is:

$ sudo ping -f -s 65500 192.168.1.1

And lastly, just to be absolutely clear, in modern networking you can't cause too much damage trying to ping flood with a single machine...

file_put_contents(/home/askme/web/anchor/errors.log): failed to open stream: Permission denied
The error has been logged in /anchor/errors.log
Uncaught Exception

Uncaught Exception

file_put_contents(/home/askme/web/anchor/errors.log): failed to open stream: Permission denied

Origin

anchor/config/error.php on line 15

Trace

#0 [internal function]: System\Error::native()
#1 /home/askme/web/anchor/config/error.php(15): file_put_contents()
#2 [internal function]: System\Config::{closure}()
#3 /home/askme/web/system/error.php(111): call_user_func()
#4 /home/askme/web/system/error.php(26): System\Error::log()
#5 /home/askme/web/system/error.php(98): System\Error::exception()
#6 [internal function]: System\Error::shutdown()
#7 {main}