1 00:00:00,450 --> 00:00:06,810 Some network protocols can be used as a way to attack networks and you should understand how they work 2 00:00:07,140 --> 00:00:15,390 to enhance your cybersecurity abilities ICMP is one of the most well-known protocols and is widely used 3 00:00:15,570 --> 00:00:24,240 for network monitoring and discovery ICMP requests also known as pings can be sent to a network host 4 00:00:24,270 --> 00:00:28,410 or range of IP addresses to verify connectivity. 5 00:00:28,410 --> 00:00:35,400 Hackers can maliciously use the ICMP protocol for reconnaissance and denial of service attacks known 6 00:00:35,400 --> 00:00:39,050 as ICMP floods. 7 00:00:39,070 --> 00:00:45,370 So even though the ICMP protocol is very useful for troubleshooting and monitoring to prevent this protocol 8 00:00:45,370 --> 00:00:49,860 from helping attackers it should be blocked on internet adds devices. 9 00:00:51,750 --> 00:00:53,940 Pings can be sent from any network device 10 00:00:56,880 --> 00:01:03,330 by using the command P and then your destination IP address or hostname. 11 00:01:03,330 --> 00:01:06,700 You can verify now were connectivity. 12 00:01:06,840 --> 00:01:12,150 So here for my computer I'm pinging my default gateway routers IP address. 13 00:01:12,430 --> 00:01:21,030 And here I can see that my ping was successful and I received ICMP replies from the destination host. 14 00:01:21,110 --> 00:01:25,950 If you were to ping something that was unreachable on your network you would get request time. 15 00:01:28,400 --> 00:01:35,720 As you can see here the destination IP address I am sending a ICMP request to is not reachable on the 16 00:01:35,720 --> 00:01:36,300 network. 17 00:01:36,380 --> 00:01:44,990 So I'm getting a request timed out so you can see a packet capture of an ICMP request in response. 18 00:01:45,050 --> 00:01:50,870 I have wireshark running filtered to only capture ICMP messages and I'm going to just ping something 19 00:01:50,870 --> 00:01:51,590 on the Internet 20 00:01:56,390 --> 00:02:05,020 beacon see pretty simple my source IP address is sending a ping request to my destination IP and then 21 00:02:05,050 --> 00:02:13,170 they're responding with a Ping reply which is what we're seeing here in our command line output in the 22 00:02:13,170 --> 00:02:15,210 next video we're going to talk about. 23 00:02:15,480 --> 00:02:24,610 R which maps layer to to layer 3 addresses for IP version 4 addresses or doesn't feel right to and the 24 00:02:24,610 --> 00:02:33,490 ICMP video without talking about ICMP version 6 which is used for Layer 2 to layer 3 mappings for IP 25 00:02:33,490 --> 00:02:36,890 version 6 addressing. 26 00:02:36,940 --> 00:02:43,870 So just like learn the next video when hosts need to communicate to other host something not work or 27 00:02:43,870 --> 00:02:52,620 routers they need layer 2 and layer 3 information by default of a host wants to communicate with a network 28 00:02:52,620 --> 00:02:58,770 device it knows what the destination layer 3 address is going to be. 29 00:02:58,920 --> 00:03:04,150 The hard part is how to figure out what the layer 2 addresses for its destination. 30 00:03:05,150 --> 00:03:11,540 Earlier in this course we talked about MAC addresses which are the layer 2 addresses on networking devices 31 00:03:12,050 --> 00:03:13,430 with IP version 6. 32 00:03:13,430 --> 00:03:21,110 This is referenced as being the link layer address and host need to discover their neighbors link layer 33 00:03:21,110 --> 00:03:27,040 addresses so they can communicate with them and that's what brings me back to ICMP. 34 00:03:27,080 --> 00:03:35,300 Version 6 ICMP version 6 messages can be sent between hosts to help discover link layer address saying 35 00:03:35,870 --> 00:03:44,160 among other things you're really not expected to know anything about IP version 6 for the exam but you 36 00:03:44,160 --> 00:03:51,110 should at least know about ICMP version 6 and how it can be used to discover link layer addresses. 37 00:03:53,190 --> 00:04:00,660 OK in the next video you'll learn how IPV for hosts learn the same type of layer to layer 3 mapping 38 00:04:01,380 --> 00:04:04,170 but instead using the ARP network protocol.