The Story About PING


#1

Everyone loves ping. It's simple. It's utilitarian. And it does exactly what the sonar inspired name implies. Ping tells you if a remote computer is responding to network requests.


This is a companion discussion topic for the original blog entry at: http://www.codinghorror.com/blog/2007/01/the-story-about-ping.html

#2

Yes, it is a very simple, but useful function. I sometimes ping Google to find out if there is some problem with the Internet connection. Another useful, complementary utility is “tracert” (Windows) which gives more details about routing.


#3

ping and the corisponding protocol it is based upon, is blocked on campus.

they use something else to test avalibility.


#4

Mike was brilliant, if a bit idiosyncratic. I had the pleasure and honor of working with him early in my career. I remember watching in awe as he implemented a virtual memory object system, entirely in C, so that we could fit our large CAD models into a PDP-11’s address space (64K (not M) bytes of data and 64K bytes of program). It took him maybe a day or two.

We used it to compute this object: http://www.cs.utah.edu/gdc/pics/images/bulkhead1.gif, and I’m pretty sure, this more complex one, too: http://www.cs.utah.edu/gdc/pics/images/blades.gif

Mike was a hacker, in the best sense of the word. He may have written code quickly, but it was never dirty. Our world is poorer without him.


#5

Interesting that you ping www.yahoo.com in your screenshot. For some reason, that’s my habit when testing an internet connection. I always ping yahoo. I wonder how much ping traffic they get.


#6

I think it’s because ping predates Google… and Yahoo was around much earlier.


#7

As an interesting side-note is that traceruoute (which is a “relative” of ping :)) on linux uses UDP, not ICMP by default. Here are some links about this topic: http://hype-free.blogspot.com/2006/10/traceroute-on-windows-and-linux.html


#8

From a linguistic perspective, of course, hardly a day goes by when I don’t ping someone to get their insight/opinion/schedule on something, or to remind them about something. I am guessing that a fair percentage of people where I work who say “I’ll ping so-and-so” don’t know exactly where this comes from.


#9

I always do this to troubleshoot connectivity at a wifi spot, etc:

ping 4.2.2.2 (easy to remember and doesn’t need DNS)
ping www.google.com (to test DNS)
telnet www.google.com 80 (to test HTTP outbound and DNS)

It takes 5-10 seconds, and you know that everything should be working after that. It’s also incremental in nature in terms of the stack, so you’ll know what the issue is based on how far you’ve made it with those three tests.


#10

Here’s my tip.

Use ping -t (host) to repeatedly ping a server while it’s restarting, rebooting, etc.

You’ll know it’s back up when it is responding to pings…


#11

The arcade classic Pong was called Ping in the UK, as “pong” here is slang for a noxious odour :slight_smile:


#12

Do you know that ping can be used to tunnel TCP traffic? Here is a link: http://www.cs.uit.no/~daniels/PingTunnel


#13

If ‘ping’ works on your local Windows network, and you’ve not enabled file sharing or otherwise opened TCP port 445 (e.g. through Group Policy), it may be a sign that Windows Firewall is not enabled. In its default configuration, Windows Firewall rejects ICMP Echo Request packets.

Ping itself probably isn’t harmful - although it gives attackers an indication that a host is alive - but leaving your computers open to attack definitely is. You may think you’re secure but if you have any users with laptops that they take home or to customer sites, it’s quite possible for them to get infected off-site then infect everyone else when they bring the laptop back to the office (or onto the VPN). Don’t trust any other machines - use a software firewall.


#14

I find it sad nobody mentioned the “ping of death”. If you flood pinged windows (95?) machines, they would become unresponsive and then either BSOD (blue screen of death) or reboot, I don’t remember which.


#15

Actually, the “ping of death” was not a flood of ICMP Echos. It’s simply one ICMP Echo with over 65536 bytes in the payload directed at a host. Remember, 64 bytes is the default. The packet would be fragmented in order to be transmitted to the destination due to its size being larger than the MTU. The receiving host would attempt to reconstruct the overly large packet from the fragments and overflow a buffer causing itself to panic/hang/need rebooting/reboot.


#16

The “Story About Ping” book review originally appeared in
Slashdot back in 1999:

http://books.slashdot.org/article.pl?sid=99/01/31/1246212

I know, because I wrote it. It’s been lifted and reposted elsewhere since then – always without attribution of course.


#17

Categorical blocking of all ICMP is something that ignorant security paranoid people do. It drops out “ping” too.

At the same time they break TCP Path-MTU, and when IPv6 comes into true use, they break their entire network.

In many web-site cases the published one/two IP addresses for the site are actually handled by a “load-balancer switch”, which diverts incoming TCP connection flows to real back-end servers. At the same time they don’t (at all) support ICMP redirecting - which may cause surprising effects with TCP Path-MTU.
(All the world can carry full-size ethernet frames of 1500 bytes each? Yeah, right… Consider PPPoE, and realize that present world is by default running with “don’t fragment” bit set…)

traceroute can use ICMP too, but original UNIX traceroute used UDP, thus all its UNIX descendants use that by default, while some can use also ICMP.


#19

I was wondering, if my kid brother was on the xbox 360 online all day and one day I got tired of it, but he was smart enough to check to see if everythings plugged in, is there a way that I could ping the xbox on the network to make it lag bad or time out or something?


#20

The ping screenshot shown isn’t the real Mike Muuss ping!

http://ftp.arl.mil/~mike/ping.html is Mike’s ping page, showing the output of his version of ping.


#22

The amazon link on this 18 year old article is obsolete. The current convention arranges reference ids in this order-

https://www.amazon.com/gp/customer-reviews/R2VDKZ4X1F992Q/ref=cm_cr_dp_d_rvw_ttl?ie=UTF8&ASIN=0140502416

I’m not sure if one of those is my own account reference. If so please let me know if you can but replace it with your own to have a working URL.