Ping.pingecho

Ruby
1

Cisco.com don’t normally allow pings so tracroutes and pings won’t get
echo requests.

irb(main):003:0> Ping.pingecho(‘cisco.com’, 10, 80)
=> true

How come this works and ping does not? From irb I see that Ruby’s
ping uses a TCP echo. Also I’ve run tcpdump whilst running ping.echo
and could not determine the port that it uses. What port does Ruby’s
Ping use?

2

john maclean wrote:

Cisco.com don’t normally allow pings so tracroutes and pings won’t get
echo requests.

irb(main):003:0> Ping.pingecho(‘cisco.com’, 10, 80)
=> true

How come this works and ping does not? From irb I see that Ruby’s
ping uses a TCP echo. Also I’ve run tcpdump whilst running ping.echo
and could not determine the port that it uses. What port does Ruby’s
Ping use?

check out:

http://www.noobkit.com/show/ruby/ruby/standard-library/ping/pingecho.html

According to this the ‘echo’ port.

grep’ing ‘echo’ in my /etc/services reveals this is port 7…apparently.
(UDP and TCP).

3

2008/8/29 John Pritchard-williams [email protected]:

and could not determine the port that it uses. What port does Ruby’s


Posted via http://www.ruby-forum.com/.

Thanks for the reply. pinging on the echo port makes sense. However
one can ping a host for service and get a response even if that
service is not actually running on the host.

services = %w{bacula-dir distcc echo fax git hostname http https icmpd
kermit keyserver ldap mbus msexch-routing mysql nmap postgres quake
rsync rwhois shell squid ssh svn telnet traceroute tunnel whoami wins
x11}

wooota = ‘192.168.1.1’

services.each do |x|
p %Q{checking host #{host} for protocol #{x}}
p Socket.getaddrinfo(host, x)
end

I get responses even though I know that these services are not
running on my router. Is this because pingecho sends packets on port 7
regardless of the service that one requests?

4

john maclean wrote:

ping uses a TCP echo. Also I’ve run tcpdump whilst running ping.echo

end

I get responses even though I know that these services are not
running on my router. Is this because pingecho sends packets on port 7
regardless of the service that one requests?

getaddrinfo doesn’t do what you think it does. All it does is resolve
the hostname you give it and translate the english name of the port into
the port number by looking it up in /etc/services (or similar). It
doesn’t actually try to open a TCP connection to that host to determine
if that port is open.

Also, a “TCP ping” is an attempt to determine if a host is up by doing
something like sending it a connection request. If the connection
request is either allowed (SYN/ACK) or denied (RST), you know the host
is up. This is unreliable as many hosts drop connection requests on
ports that are closed, but is a good method of determining if a host is
up if they block ICMP. When you use Ping.pingecho on a host that drops
packets instead of sending RST, be sure to specify a port you know is
open.

5

On Fri, Aug 29, 2008 at 11:01 PM, john maclean [email protected]
wrote:

ping uses a TCP echo. Also I’ve run tcpdump whilst running ping.echo
(UDP and TCP).
service is not actually running on the host.
p Socket.getaddrinfo(host, x)
end

I get responses even though I know that these services are not
running on my router. Is this because pingecho sends packets on port 7
regardless of the service that one requests?

I suspect the zeroth entry doesn’t mean anything, just that the
command ran without error. For example, try
Socket.getaddrinfo(‘0.0.0.0’, ‘smtp’).

Todd