Internet Control Message Protocol (ICMP)
The Internet Control Message Protocol (ICMP), often perceived as a simple network utility for diagnostics and error reporting, presents a surprisingly vast and complex attack surface. Its ubiquitous presence and generally permissive nature through network defences make it an ideal vehicle for a spectrum of offensive operations.
This section lays out a hierarchical blueprint of how the ICMP protocol is weaponised to conduct stealthy reconnaissance, establish covert channels, execute disruptive attacks, and evade security controls across modern networks.
- Overview of attacks on ICMP
- ICMP Echo sweeping (Ping sweep)
- TTL manipulation for OS fingerprinting
- ICMP-based service discovery
- ICMP tunnelling for data exfiltration & covert channels
- Fragmented ICMP exfiltration techniques
- DNS-over-ICMP (C2) covert channels
- ICMP flood attacks
- ICMP amplification attacks
- Ping of Death (Modern variants)
- NAT/Firewall bypass techniques
- Lateral movement via ICMP
- ICMPv6 router advertisement spoofing
- ICMP side-channel attacks
- IoT/OT device crashes via ICMP
- Cloud metadata service abuse via ICMP
- Adaptive evasion techniques
- Autonomous attack systems
- Forensic evasion techniques
- Security control bypass techniques