What is Internet Control Message Protocol ICMP?

Understanding Internet Control Message Protocol ICMP

Provides a means to send error messages and a way to probe the network to determine network availability. ICMP is a network layer protocol in the Internet Protocol Suite used for diagnostic and control functions such as error reporting, reachability testing, and congestion control. It enables tools like ping and traceroute but can also be exploited for network reconnaissance and denial-of-service attacks. ICMP security considerations are addressed in standards like NIST SP 800-41 for firewall security and RFC 5927 for ICMP attacks. Organizations secure ICMP through firewall filtering, rate limiting, monitoring for suspicious patterns, and disabling unnecessary ICMP types. For example, a network security team might configure perimeter firewalls to block most incoming ICMP message types while allowing only specific types like destination unreachable, implementing rate limiting to prevent ping floods and closely monitoring ICMP traffic for signs of reconnaissance. Related terms: Ping, Traceroute, Network reconnaissance, IP protocol, Packet filtering, Smurf attack, ICMP tunneling.