ping sweep (ICMP sweep)

A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers). Whereas a single ping will tell you whether one specified host computer exists on the network, a ping sweep consists of ICMP (Internet Control Message Protocol) ECHO requests sent to multiple hosts. If a given address is live, it will return an ICMP ECHO reply. Ping sweeps are among the older and slower methods used to scan a network.

There are a number of tools that can be used to do a ping sweep, such as fping, gping, and nmap for UNIX systems, and the Pinger software from Rhino9 and Ping Sweep from SolarWinds for Windows systems. Both Pinger and Ping Sweep send multiple packets at the same time and allow the user to resolve host names and save output to a file.

To disable ping sweeps on a network, administrators can block ICMP ECHO requests from outside sources. However, ICMP TIMESTAMP and Address Mask Requests can be used in a similar manner.

This was last updated in September 2005

Continue Reading About ping sweep (ICMP sweep)

Dig Deeper on Campus area network