Menu
When I try to ping the broadcast address on my LAN, it shows ICMP replies from only 3 hosts, everytime, even though there many hosts connected to the LAN.
For the broadcast address, I did
$ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:1b:38:09:0b:26
inet addr:172.30.120.152 Bcast:172.30.127.255 Mask:255.255.248.0
inet6 addr: fe80::21b:38ff:fe09:b26/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:831096 errors:0 dropped:0 overruns:0 frame:0
TX packets:13022 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:66620362 (66.6 MB) TX bytes:3099025 (3.0 MB)
Interrupt:21 Base address:0x2000
I used the Bcast addr 172.30.127.255 to ping everyone...
$ping -b 172.30.127.255
WARNING: pinging broadcast address
PING 172.30.127.255 (172.30.127.255) 56(84) bytes of data.
64 bytes from 172.30.120.1: icmp_seq=1 ttl=255 time=0.809 ms
64 bytes from 172.30.120.62: icmp_seq=1 ttl=64 time=1.06 ms (DUP!)
64 bytes from 172.30.120.50: icmp_seq=1 ttl=255 time=3.97 ms (DUP!)
64 bytes from 172.30.120.1: icmp_seq=2 ttl=255 time=0.364 ms
64 bytes from 172.30.120.62: icmp_seq=2 ttl=64 time=0.412 ms (DUP!)
64 bytes from 172.30.120.50: icmp_seq=2 ttl=255 time=1.48 ms (DUP!)
64 bytes from 172.30.120.1: icmp_seq=3 ttl=255 time=0.452 ms
64 bytes from 172.30.120.62: icmp_seq=3 ttl=64 time=0.506 ms (DUP!)
64 bytes from 172.30.120.50: icmp_seq=3 ttl=255 time=1.64 ms (DUP!)
Why is that only 3 hosts respond to my ping. Is this bcast address given by ifconfig not the one to be used? I think this might be the reason why I am not able to carry out an amplification attack on a system on my LAN. I injected ICMP-echo packets with spoofed source address of my friend's host and sent it to this broadcast address, and was disappointed to see that his bandwidth was not affected...
Kindly explain...
760
Some versions of ping support a “broadcast” option, which will send a ping to every possible address on the network, and then list those devices that respond.
It means that your ICMP packet (ping) was silently discarded with no response sent. That might happen for several reasons: Ping is disabled on router or (more likely) end point. Network is congested or misconfigured.
A broadcast ping works by sending an ICMP echo request to the local broadcast address 255.255. 255.255 and then waiting for hosts to reply with an ICMP echo reply.
Some hosts simply don't respond to broadcast pings (for example, Windows is configured by default this way).
66
Because in example some implementations work by sending the broadcast to the preferred interface, not all of them. You need a relay to send to all interfaces. You may consider reading the RFC 919
41
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
