An ICMP tunnel uses ICMP packets (Echo Request and Reply) to establish a covert channel between two computers (client and proxy). This can for example be set by means of ping messages a tunnel for TCP packets.

Technical details

An ICMP tunnel based on the fact that any data is appended to an echo packet and sent to another computer. This responds in the same way by his response adds another ICMP packet and sends back. The client uses ICMP echo request packets while the proxy echo reply packets are exploited. Theoretically, it would be easier if the proxy would also use echo request packets, so that the implementation would be significantly easier. However, these packages are not necessarily passed on to the client because the client could be behind a router, the ping from outside their network filters, such as in the case of a NAT router.


An ICMP tunnel is often used to bypass firewalls, pass the ICMP packets, or to create an encrypted communication channel between two computers, which is hard to track.