What alternative can a tester use if ICMP is disabled when pinging a target?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

What alternative can a tester use if ICMP is disabled when pinging a target?

Explanation:
If ICMP is blocked, you can verify reachability at the transport layer using a TCP ping. This approach sends a TCP SYN to a known open port (like 80 or 443) and watches the reply. A SYN-ACK indicates the host and port are reachable, a RST means the port is closed, and no reply suggests the traffic is filtered or blocked by a firewall. Many networks allow TCP traffic while blocking ICMP, so this provides a practical way to test connectivity when ping via ICMP isn’t possible. UDP ping, HTTP ping, and DNS ping rely on specific services or the behavior of UDP, HTTP, or DNS, which makes them less reliable as generic reachability tests.

If ICMP is blocked, you can verify reachability at the transport layer using a TCP ping. This approach sends a TCP SYN to a known open port (like 80 or 443) and watches the reply. A SYN-ACK indicates the host and port are reachable, a RST means the port is closed, and no reply suggests the traffic is filtered or blocked by a firewall. Many networks allow TCP traffic while blocking ICMP, so this provides a practical way to test connectivity when ping via ICMP isn’t possible. UDP ping, HTTP ping, and DNS ping rely on specific services or the behavior of UDP, HTTP, or DNS, which makes them less reliable as generic reachability tests.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy