Gather Information About a Target Website using Ping Command Line Utility

Ping is a network administration utility used to test the reachability of a host on an IP network and measure the round-trip time for messages sent from the originating host to a destination computer. The ping command sends an ICMP echo request to the target host and waits for an ICMP response. During this request-response process, ping measures the time from transmission to reception, known as round-trip time, and records any loss of packets. The ping command assists in obtaining domain information and the IP address of the target website.

Open the Command Prompt window. Type ping www.certifiedhacker.com and press Enter to find its IP address. The displayed response should be similar to the one shown in the screenshot.

Note the target domain’s IP address in the result above (here, 162.241.216.11). You also obtain information on Ping Statistics such as packets sent, packets received, packets lost, and approximate round-trip time.

In the Command Prompt window, type ping www.certifiedhacker.com -f -l 1500 and press Enter.

The response, Packet needs to be fragmented but DF set, means that the frame is too large to be on the network and needs to be fragmented. The packet was not sent as we used the -f switch with the ping command, and the ping command returned this error.

In the Command Prompt window, type ping www.certifiedhacker.com -f -l 1300 and press Enter.

Observe that the maximum packet size is less than 1500 bytes and more than 1300 bytes.

Now, try different values until you find the maximum frame size. For instance, ping www.certifiedhacker.com -f -l 1473 replies with Packet needs to be fragmented but DF set, and ping www.certifiedhacker.com -f -l 1472 replies with a successful ping. It indicates that 1472 bytes are the maximum frame size on this machine’s network.

Now, discover what happens when TTL (Time to Live) expires. Every frame on the network has TTL defined. If TTL reaches 0, the router discards the packet. This mechanism prevents the loss of packets

In the Command Prompt window, type ping www.certifiedhacker.com -i 3 and press Enter. This option sets the time to live (-i) value as 3.

Reply from 192.168.100.6: TTL expired in transit means that the router (192.168.100.6, you will have some other IP address) discarded the frame because its TTL has expired (reached 0).

The IP address 192.168.100.6 might vary when you perform this task.

Minimize the command prompt shown above and launch a new command prompt. Type ping www.certifiedhacker.com -i 2 -n 1 and press Enter. Here, we set the TTL value to 2 and the -n value to 1 to check the life span of the packet.

Type ping www.certifiedhacker.com -i 3 -n 1. This sets the TTL value to 3.

Observe that there is a reply coming from the IP address 162.241.216.11, and there is no packet loss.

Now, change the time to live value to 4 by typing, ping www.certifiedhacker.com -i 4 -n 1 and press Enter.

Repeat the above step until you reach the IP address for www.certifiedhacker.com (in this case, 162.241.216.11).

Find the hop value by trying different TTL value to reach www.certifiedhacker.com.

On successfully finding the TTL value it will imply that the reply is received from the destination host (162.241.216.11).

This concludes the demonstration of gathering information about a target website using Ping command-line utility (such as the IP address of the target website, hop count to the target, and value of maximum frame size allowed on the target network).