0%

ping-history

发表于 分类于

What is ping?

First of all, what exactly is Ping? In the course of doing research, it has been found that it has taken on several distinct meanings. One is that Ping is actually an acronym for the words 'Packet INternet Groper'. Another is that it is in fact not an acronym at all, but a noun that was adopted from a verb that the US Navy that uses to describe what its submarines do when looking for objects under the sea. Their subs send out sonar waves and then wait for a return wave when it bounces off something, such as another sub, whale, ocean floor etc. This, in turn, was adopted from bats and dolphins, who navigate in roughly the same way. This is what a system administrator does when Ping is used. As such, Ping has also evolved into a verb in the computer industry, and it is used in somewhat the same manner of the Navy. (more detail below)

The Ping utility is essentially a system administrator's tool that is used to see if a computer is operating and also to see if network connections are intact. Ping uses the Internet Control Message Protocol (ICMP) Echo function which is detailed in RFC 792. A small packet is sent through the network to a particular IP address. This packet contains 64 bytes - 56 data bytes and 8 bytes of protocol reader information. The computer that sent the packet then waits (or 'listens') for a return packet. If the connections are good and the target computer is up, a good return packet will be received. PING can also tell the user the number of hops that lie between two computers and the amount of time it takes for a packet to make the complete trip. Additionaly, an administrator can use Ping to test out name resolution. If the packet bounces back when sent to the IP address but not when sent to the name, then the system is having a problem matching the name to the IP address. As mentioned previously, Ping has also evloved from a noun/acronym into a verb, for example: "Ping server X to see if it is up" The time it takes for the packet to get to the target computer and back again is known as the round trip time. If this takes an extended period of time, it is indicative that something may be wrong. (Sources: Netlingo site, Windows NT Help Menu, Connected: An Internet Encyclopedia site, Brown Computer Solutions site, Guide to Practical Linux by Mark G. Sobell, FreeBSD Ping Manpage)

The History of Ping - Terry Slattery

Everyone doing networking these days knows about the ping program. What is often not known is how it originated. I happened to be a by-stander and was able to see it being created.

Mike named it after the sound made by sonar. If you've seen the movie The Hunt for Red October, you may recall the scene where Sean Connery, captain of the Red October, issues the command to his chief, "Give me one ping, Vasily." That's basically what the network version of ping does. Is the remote destination reachable?

It was funny a few years ago (like 10 years?) to see people trying to turn PING into an acronym with phrases like Packet INternet Groper. Plausible, but as the MythBusters say, "Myth Busted!"

I happened to be visiting Mike the evening he created ping (he often worked late into the night). He was an incredible software developer, producing high quality software at a rate that was ten times what other developers could create. He had great insight into the right way to solve problems. He and I worked together on the Test TCP (ttcp) program as well (see the comments in the TTCP source).

The Story of the PING Program - Mike Muuss(original version of ping )

Yes, it's true! I'm the author of ping for UNIX. Ping is a little thousand-line hack that I wrote in an evening which practically everyone seems to know about. :-)

I named it after the sound that a sonar makes, inspired by the whole principle of echo-location. In college I'd done a lot of modeling of sonar and radar systems, so the "Cyberspace" analogy seemed very apt. It's exactly the same paradigm applied to a new problem domain: ping uses timed IP/ICMP ECHO_REQUEST and ECHO_REPLY packets to probe the "distance" to the target machine.

My original impetus for writing PING for 4.2a BSD UNIX came from an offhand remark in July 1983 by Dr. Dave Mills while we were attending a DARPA meeting in Norway, in which he described some work that he had done on his "Fuzzball" LSI-11 systems to measure path latency using timed ICMP Echo packets.

In December of 1983 I encountered some odd behavior of the IP network at BRL. Recalling Dr. Mills' comments, I quickly coded up the PING program, which revolved around opening an ICMP style SOCK_RAW AF_INET Berkeley-style socket(). The code compiled just fine, but it didn't work -- there was no kernel support for raw ICMP sockets! Incensed, I coded up the kernel support and had everything working well before sunrise. Not surprisingly, Chuck Kennedy (aka "Kermit") had found and fixed the network hardware before I was able to launch my very first "ping" packet. But I've used it a few times since then. grin If I'd known then that it would be my most famous accomplishment in life, I might have worked on it another day or two and added some more options.

The folks at Berkeley eagerly took back my kernel modifications and the PING source code, and it's been a standard part of Berkeley UNIX ever since. Since it's free, it has been ported to many systems since then, including Microsoft Windows95 and WindowsNT. You can identify it by the distinctive messages that it prints, which look like this:

PING vapor.arl.army.mil (128.63.240.80): 56 data bytes
64 bytes from 128.63.240.80: icmp_seq=0 time=16 ms
64 bytes from 128.63.240.80: icmp_seq=1 time=9 ms
64 bytes from 128.63.240.80: icmp_seq=2 time=9 ms
64 bytes from 128.63.240.80: icmp_seq=3 time=8 ms
64 bytes from 128.63.240.80: icmp_seq=4 time=8 ms
^C

----vapor.arl.army.mil PING Statistics----

5 packets transmitted, 5 packets received, 0% packet loss round-trip (ms) min/avg/max = 8/10/16

In 1993, ten years after I wrote PING, the USENIX association presented me with a handsome scroll, pronouncing me a Joint recipient of The USENIX Association 1993 Lifetime Achievement Award presented to the Computer Systems Research Group, University of California at Berkeley 1979-1993. ``Presented to honor profound intellectual achievement and unparalleled service to our Community. At the behest of CSRG principals we hereby recognize the following individuals and organizations as CSRG participants, contributors and supporters.'' Wow!

From my point of view PING is not an acronym standing for Packet InterNet Grouper, it's a sonar analogy. However, I've heard second-hand that Dave Mills offered this expansion of the name, so perhaps we're both right. Sheesh, and I thought the government was bad about expanding acronyms! :-)

Phil Dykstra added ICMP Record Route support to PING, but in those early days few routers processed them, making this feature almost useless. The limitation on the number of hops that could be recorded in the IP header precluded this from measuring very long paths.

I was insanely jealous when Van Jacobson of LBL used my kernel ICMP support to write TRACEROUTE, by realizing that he could get ICMP Time-to-Live Exceeded messages when pinging by modulating the IP time to life (TTL) field. I wish I had thought of that! :-) Of course, the real traceroute uses UDP datagrams because routers aren't supposed to generate ICMP error messages for ICMP messages.

The best ping story I've ever heard was told to me at a USENIX conference, where a network administrator with an intermittent Ethernet had linked the ping program to his vocoder program, in essence writing:

ping goodhost | sed -e 's/.*/ping/' | vocoder

He wired the vocoder's output into his office stereo and turned up the volume as loud as he could stand. The computer sat there shouting "Ping, ping, ping..." once a second, and he wandered through the building wiggling Ethernet connectors until the sound stopped. And that's how he found the intermittent failure.

Ruhann(WiggWare:reddit)-Just another Network Engineer

Mike is the author PING for UNIX, a little thousand-line hack that Mike wrote one evening, July 1983, from an idea that came about to measure path latency using timed ICMP Echo packets. PING is NOT an acronym, many believe PING is short for Packet Internet Groper, but this is not the case nor was Mike’s intention.

Mike named PING after the sounds a Sonar makes, due to operational simularities, in that ping uses timed IP/ICMP ECHO_REQUEST and ECHO_REPLY packets to probe the “distance” to the target machine. PING is included in every copy of UNIX® and Microsoft Windows®, putting it into nearly every computer on the planet.

Mike also wrote a number of software packages (including architect of BRL-CAD) and network tools (including TTCP and the concept of the default route or “default gateway”) and contributed to many others (including BIND).

Ping monitoring

PING is one of, if not the, most practical network tool available if used appropriately, especially in regard to dependencies when monitoring a network. For example, if you monitor several performance indicators of a virtual machine, the monitoring should rely on whether or not the host of the virtual machine still responds to PING requests. If it doesn't, all other requests to that machine will fail as well. If configured accordingly, you will receive just one notification for the host when it is down and not dozens of notifications for an unavailable virtual machine. PING can also be very helpful in high availability and failover scenarios because it is a good indicator of whether paths to hosts or to the internet are functioning properly.

death of mike muuss

Copyright 2000 The Baltimore Sun Company All Rights Reserved
The Baltimore Sun

November 25, 2000 Saturday FINAL EDITION

SECTION: LOCAL, Pg. 5B

LENGTH: 695 words

HEADLINE: Michael John Muuss, 42, computer expert whose software had key role in Internet

BYLINE: Michael Stroh

SOURCE: SUN STAFF

BODY: Michael John Muuss, a multi-talented computer wizard who helped lay the foundations for the modern-day Internet, was killed Monday in an automobile accident near his home in Havre de Grace. He was 42.

A graduate of the Johns Hopkins University, Mr. Muuss spent his entire career at the U.S. Army Research Laboratory at Aberdeen Proving Ground, where he established a reputation as an enthusiastic problem-solver who did groundbreaking work in areas ranging from computer networks to graphics.

"He was an engineer's engineer," said Joseph Pistritto of Belmont, Calif., a longtime friend and former Hopkins classmate. "I doubt there's hardly any week he didn't put in 60 hours."

Mr. Muuss is most widely known in computing circles for being the author of a software program called "Ping."

Written in one evening in 1983, the program is one of the most widely used diagnostic tools for computer networks in the world, with a version of it included in Microsoft Windows.

"It's probably one of the most minor things he ever did in his life, but the one that most people use," Pistritto said.

In the early 1980s, Mr. Muuss' work on computer networks also helped lay the technological foundation that would transform what was then called the ARPANET, an obscure military computer network created in 1969 by the Department of Defense, into the modern-day Internet.

Mr. Muuss' interest in electronics began early. His father, Rolf Muuss of Lutherville, a professor emeritus of education at Goucher College, recalled his son building radios from kits by age 7. He got his first taste of computers as a teen-ager during a visit to the Goucher College computer center and was hooked.

Mr. Muuss exhibited an early knack for programming, quickly creating a tic-tac-toe game despite a lack of formal training. A Monopoly game he wrote as an adolescent was so good that it beat him.

"When he saw that his computer program was superior to himself, he was ecstatic," his father said.

Mr. Muuss' reputation would follow him. His work in computer security landed him a cameo appearance in Clifford Stoll's 1989 hacker classic "The Cuckoo's Egg," a nonfiction thriller about the hunt for an international band of computer criminals.

Mr. Stoll wrote: "When Mike (Muuss) talks, other wizards listen."

In 1990, Mr. Muuss was one of the government's key witnesses in the case against Robert Morris, whose software "worm" in 1988 nearly brought down the Internet.

In recent years, Mr. Muuss' research shifted to computer graphics and animation. He created a program called BRL-CAD that allowed the military to create sophisticated 3-D models. Before, the work was done using punch cards and printouts.

"It was a major breakthrough," said Chuck Kennedy of Belcamp, who had worked with Mr. Muuss in the Army Research Laboratory for almost 20 years. "He could program like you and I use the English language."

Over the years, BRL-CAD has become one of the Army's most-licensed technologies and is used to model everything from tanks to brain tumors.

Mr. Muuss, who was an avid photographer, received many awards for his technological discoveries. In 1999, he was given the Research and Development Achievement Award, the Army's highest civilian award for scientific accomplishment.

Born in Iowa City, Iowa, Mr. Muuss grew up in Lutherville. While at Towson High School, he was enrolled in a program at Johns Hopkins for gifted youth and began taking college courses. He received his bachelor's degree in electrical engineering from Hopkins in 1979, three years after he started.

He died while returning home from a restaurant, when his car was involved in a multivehicle pileup on Interstate 95.

Mr. Kennedy said Mr. Muuss liked to keep a list of things he wanted to accomplish in life and had crossed off most of the items on it.

"When I saw him last, he was working on his next list," Mr. Kennedy said.

Services will be held at 11 a.m. Monday at Divinity Lutheran Church, 1220 Providence Road, Towson.

Besides his father, Mr. Muuss is survived by his wife, the former Susan Pohl of Edgewood; and a sister, Gretchen Frensemeier of Lutherville.

GRAPHIC: Photo(s), Michael John Muuss worked at Aberdeen Proving Ground.

LOAD-DATE: November 25, 2000

The Ping of Death - ouch

Ping isn't very useful on today's internet because most routers and hosts filter it out. But it's still quite useful on local networks; not a month goes by that I'm not pinging something.

A new threat has emerged on the Internet that once again takes the Ping Utility and twists it around for evil ends. This new practice is called smurfing. Smurfing takes a Ping packet and sends it to a network's broadcast address. This is a specially designated address under which under usual circumstances sends a message to all computers attached to it (up to 255). So, a single Ping packet is increased by a factor of 255 and sent out. Only in this case, the return address is doctored so that the packets are sent to the address that the attacker choses. To give one an idea of how this can cripple a system, a 28.8 modem can send out 42 64-byte Ping packets per second. When sent to a broadcast network address, this becomes 10,626 packets or 5.2 Mbits of data per second - enough to bring down a T1. (Remember that a T1 is 1.5 Mbits/sec) Smurf attackers have now devised ways to have more than one broadcast address send out packets at once during an attack. Thus, using the previous example, we must increase by a factor of 50 (say if the attacker choses 50 broadcast addresses) the 10,626 packets, which increases the number of packets per second to 531,300. Boom.