Hello! I’m trying to ping
some lemmy instances to understand which one is the faster, so I’m just using the ping command:
$ ping lemmy.ml
PING lemmy.ml (54.36.178.108) 56(84) bytes of data.
64 bytes from lemmy.ml (54.36.178.108): icmp_seq=1 ttl=49 time=24.4 ms
ping lemmy.world
PING lemmy.world (135.181.143.230) 56(84) bytes of data.
64 bytes from static.230.143.181.135.clients.your-server.de (135.181.143.230): icmp_seq=1 ttl=52 time=58.2 ms
but if I try with certain instances:
ping vlemmy.net
PING vlemmy.net (109.78.160.70) 56(84) bytes of data.
it just hangs there, forever. if I try to ctrl+C it, it displays
^C
--- vlemmy.net ping statistics ---
13 packets transmitted, 0 received, 100% packet loss, time 12267ms
why does this happens? I can perfectly visit vlemmy.net from my browser so I really can’t understand whay is this happening
what advantages can derive from this?
ICMP is one vector of a distributed denial of service attack. Also, even if not denying the service, it puts load on the network interfaces / routers of that server - everything behind the first firewall / router layer that would otherwise block the ICMP requests.
okay I get it, thanks!
Prevents some types of port scanning normally. Don’t know about other advantages
honestly, not much… other than warm and fuzzies for the person doing the blocking. ICMP sweeps are quick and cheap, so it stops a host from being found easily, but there are other ways to find abhost that are just as easy and cheap.
Adding to the other answers, there isa bunch of server software that comes preconfigured to ignore ICMP.