How to Ping a Server

If you’re an IT auditor or security analyst and you don’t know how to ping a server, then I have some words for you:

LEARN HOW!

So let’s do it.

I’m assuming most of my readers already know how to do this. If so, please answer the poll question at the bottom. If not, please read on, then answer the poll question. Thanks!

Why Ping?

You can use ping for a number of reasons, but for this post, I’m limiting the reason to determining whether a server (or PC or network device, such as a router) is up and running.

How to ping

In Windows, to ping a device, you must open the command prompt. In most Windows operating systems, just click Start, Run, type cmd and press Enter. Since my computer account is ITauditSecurity, I get this prompt:

Ping a Server in Command Prompt

You can either ping a device by IP address or name (this post deals with version 4 IP addresses; version 6 is different; today, most IP addresses are still version 4 and will probably be that way for several more years).

If the server has an IP address of 192.168.22.50 and the server’s name is server1, you can ping it by IP address (red box) or name (white box) as follows.

Ping by IP or Name

Can’t Ping?

If you can’t reach the device, you’ll get a message like those shown below (see green boxes).

Can't ping server

You might receive this kind of a response due to a number of reasons–here’s just a few:

  • The asset is not up and running.
  • A network device is not allowing you to reach the asset due to a network problem or by design (i.e., your ping request was dropped or blocked). The asset may indeed be alive and well, but “hidden”.
  • Your ping command was incorrect (wrong server name or IP address, or a command syntax error).

Regardless of the reason, the important thing is that you need to ask a subject matter expert (SME) why you couldn’t reach the device. If it was not due to your own error, the reason could give you a better understanding of the network or the device you are trying to ping–which might shed light on your audit or research you are performing.

Ping a Web Site

You can also ping a web site, like google.com. Just type ping google.com and press Enter.

Admin Account?

My astute readers may have noticed that the first 2 images above show that the ITauditSecurity account is an administrator account (see the blue banner at the top of those images). As I have noted before on this blog, I do not use an administrator account for everyday usage and strongly suggest you don’t either (see Log in as Root or Administrator?).

I created these images on my admin account because I did not want to reveal the account name I use for my non-admin account (if your account reflects your name, you’re giving that away freely to every web site you visit). But then I logged out and blogged this post under my non-admin account.

Poll

About these ads

4 Comments

Filed under Audit, How to..., Poll, Security, Technology

4 responses to “How to Ping a Server

  1. “If you’re an IT auditor or security analyst and you don’t know how to ping a server, then I have some words for you…”

    I’d have some words for a security analyst who doesn’t know how to ping – and they wouldn’t be “learn how”… :-) It would be more along the lines of “GTFO”…

  2. Richard,
    Of course I’m being nice. But I’ve met some analysts like that, no joke.

    Your last name adds a funny chuckle to our discussion….

    Thanks for your comment!

  3. Wo Da

    What you should have shed light upon are the various replies possible and their explanation (not only destination unreachable). Also you are suppose to change you admin account name to something else to be more secure because as it is there is a route to you. Thanks.

    • Wo,
      Changing your admin account doesn’t affect pings, but changing the name of that account is never a bad idea, as it helps detect and prevent attacks that use the default account name. You can always configure your firewall to reject pings, but more importantly, the other ports are still open. You’d want to stealth those ports more so than the port that allow ping replies.

      What I tried to address in the above post is how to tell if a server or device is up during an audit. Typically, companies don’t turn off ping replies inside a company for many reasons.

      In this post, I wasn’t addressing security at all.

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s