Yesterday an interviewer asked me what the port number for ping is and which protocol ping uses: TCP or UDP.
After the interview, I searched on the Internet and found different results: someone says ICMP uses port 7, someone says it does not use any port number, on one site I found it uses IP protocol 1, etc.
Can anyone help me with the correct explanation?
I'd like to give you an additional answer especially to this part of the question:
... someone says ICMP uses Port 7
Port 7 (both TCP and UDP) is used for the "echo" service.
If this service is available on a computer, UDP port 7 could be used instead of ICMP to perform a "ping".
However, most modern computers don't have the "echo" service running, so performing "ping" using UDP port 7 instead of ICMP would not work.
And: As the words "instead of ICMP" already indicate, "ping" over UDP port 7 does NOT use ICMP but UDP, which is a completely different protocol!
As others have already stated, in general pings are ICMP-based and have no ports. There is, however, such a thing as TCP Ping where, instead of the typical 3-way TCP handshake, only the first 2 steps are performed and the delay between is measured. Once the measurement has completed, a RST ACK is sent to close the half-open connection. Then the process repeats until the counter/duration is reached or you terminate the process. Using TCP Ping (which I use FREQUENTLY to test for open ports on servers my systems admins work on) you are able to specify destination ports to test (to verify a server is listening on a certain port). The source port is just an ephemeral random port.
If you'd like to see an example of a TCP Ping utility (the one I use on Windows systems), here you go: TCPing. Also, NMAP comes with a utility called NPING which has a flag to allow it to perform TCP based pings too (I use that on macOS and Linux systems).
As a note, some network equipment also has this capability, such as Cisco ASAs using some of the newer operating system versions. The command is: ping tcp <destination IP> <destination port>
Ping use not port but protocol. Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP echo reply. However, as a security consideration, this is often disabled.
Ping on Windows & Linux systems by default use ICMP. A ping Request will be Type 8 & Code 0 A ping Reply will be Type 0 & Code 0
There are other utilities you can use to run a ping like test for TCP/UDP. A common quick test for seeing if a TCP port is open is using the telnet client on Windows. Nmap is a third party utility you can use on Windows and Linux to test open ports.
Traceroute on Windows uses ICMP and Linux actually uses UDP by default.
You can verify this by using wire shark to capture traffic to see how these operating systems use troubleshooting tools.
The question was probably more to test your knowledge on troubleshooting utilities.
