![]() ![]() The firewall decreases the TTL value of the message by 1 and the TTL value becomes 0. After receiving the message, the switch decreases the TTL value by 1 and forwards the message to the firewall. The PC sends a second ICMP Echo Request message with the TTL value being 2. After receiving the message, the PC knows the IP address of the first hop. The switch then discards the message and returns an ICMP Time Exceeded message with its IP address as the source address. After receiving the message, the switch decreases the TTL value by 1. The TTL value of the first ICMP Echo Request message is 1. When the Echo Reply messages returned by the destination match the session entry, the firewall will forward these messages.įigure 6-3 Tracert process initiated by a PC When receiving an Echo Request message from the source, the firewall creates a session entry and forwards the message. If the source receives the ICMP Echo Reply messages within a specified period, the destination is reachable. After receiving the messages, the destination replies with ICMP Echo Reply messages. The source sends several consecutive ICMP Echo Request messages to the destination. Ping requires two types of ICMP messages: ICMP Echo Request (Type 8) and ICMP Echo Reply (Type 0). If you have high security requirements, you can permit ICMP messages of only specific types. However, ICMP is also often used by attackers to spy on the network or establish covert channels. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |