Subnetting 101

From WikiHack


Foreword

Now take it easy on me guys/gals. I've never really written out a how-to like this before. I promise I'll get a lot better as I post more stuff. Also, I'm not claiming to know all about subnetting and such. This is just how I learned to do subnetting. Reading all those books and such just confused me when trying to learn this. It took my boss 5 minutes to explain all this to me and it just clicked. So sorry to all those if I get something wrong in here. If there is something that you can add, please do so. Also, 'ANDing' IPs and subnetting I could add in, but hopefully everyone knows how to do that.

Subnetting 101

Whether you are new to the world of hacking or have been in the game for a long time, we all should know all aspects of computer hacking. Meaning, what does what on networks and how do they work. One thing that I see a lot of people not understanding is IP addresses and subnetting. Where do they come from? What do they do? I'm going to go into subnetting with the hopes that it gives a little explanation behind the numbers you see in everyday networks.

Let's start off with an IP address. An IP address is basically your home address within a network. IP addresses in hacking are like crack to a fiend. It's one of those luxuries which all hackers want to obtain to scan and find holes with their favorite port scanners (X-scan, NMAP, Superscan, SSS, SolarWinds, etc.). With an IP address there is always a subnet mask. The subnet mask basically shows what 'classful' IP range the IP is from. We will get into 'classful' and 'classless' IPs here shortly. I just want to make sure that people have an understanding of general terms they will see all the time in our world.

All IPs come in octets of 8 bits. An example of what I'm talking about is your IP address. Each octet is built up of binary numbers, also known as on/off or true/false switches. In networking 1=ON and 0=OFF. Each octet can hold a number up to 255. For example: 255.255.255.0. Now in each octet there are 8 bits. Each bit represents a number, almost like place values in decimal, but this works a little differently: there is no thousands spot as in decimal, and so on.

IP to Binary Conversion

BINARY CONVERSION -> 11111111.11111111.11111111.00000000 = 255.255.255.0

In the binary above, in the first octet, you see all the ones? Each 1 represents a number, and they all add up to equal 255. Starting from left to right, the numbers are 128 64 32 16 8 4 2 1. This repeats for each octet. Now back in the older days, networks were set up by 'classful' IP addresses. The 4 main classes that were used were:

Class A   0 - 126   IP Range                   Subnet = 255.0.0.0
Class B   128-191   IP Range                   Subnet = 255.255.0.0
Class C   192-223   IP Range                   Subnet = 255.255.255.0
Class D   224-238   IP Range (multi casting)   Subnet = 255.255.255.255

There is a Class E as well, but it was basically for experimental addressing. Classful addressing is still used in RIPv1 and IGRP, but we aren't going to go into that at all. The problem with classful addressing was that, even though it was simple to see what subnet an IP would have, it didn't really limit the IP range itself. For example, if you had an IP address of 64.76.123.98, from what we see above it was a Class A IP. But whoever had that class had all the IPs from 64.0.0.0. Networks were HUGE with no limitations!!!

So these days most networks use classless IPs. Classless IPs are done with CIDRs. You have all seen them: the IP comes with a little '/##' at the end (216.68.141.206/30). That CIDR tells you how many bits were taken to give you the subnet of the IP range. I'm going to list all the CIDRs you will most likely come across in networking, with the subnet and the number of IPs you get with each CIDR. These are standard across the board in any networking you will do with IP addressing.

Number of IPs   CIDR   Subnet Mask

4               /30    255.255.255.252
8               /29    255.255.255.248
16              /28    255.255.255.240
32              /27    255.255.255.224
64              /26    255.255.255.192
128             /25    255.255.255.64
256             /24    255.255.254.0

It keeps going on, as you can see from the pattern above. Now the thing about subnetting is knowing what to do, right? Well, if you look above, the one I memorized, which really helped me understand all this, was the /29 CIDR. As you see, the number of IPs always doubled each step down the table. Did you notice what the subnet did each step? Compare the difference in the subnets each step to the number of IPs each step. Each step subtracted the number of IPs from the subnet. So /29 was .248 in the last octet. The next CIDR is a /28 with a subnet of .240. HMMMM, a difference of 8. Then you have the next CIDR, /27, with a subnet of .224. HMMMM, what's the difference between /28 and /27? 16. So I think you should get the idea of that part.

So now let's take a look at an IP address with a CIDR of, let's say, /27. You're in the middle of class/work and you're asked what IP range you would have if your IP was 66.66.66.66/27. Well, we know that a /27 is 32 IP addresses from the chart above, right? You simply keep adding the number of IPs till you get to the range your address is in. Always remember that 0 does count when doing IPs. Each range is as big as the number of IPs for the CIDR/subnet, so in this case each IP range is going to be 32 addresses. So:

66.66.66.0  - 66.66.66.31 (32 IPs) = 1st IP range
66.66.66.32 - 66.66.66.63 (32 IPs) = 2nd IP range
66.66.66.64 - 66.66.66.95 (32 IPs) = 3rd IP range

Well, if you look, the 3rd IP range is where our address would fall. So the workable IP range you would be in with an IP address of 66.66.66.66/27 is 66.66.66.64 - 66.66.66.95, with all of these IPs having the subnet of 255.255.255.240.
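The same lookup worked in code, as an added example that is not part of the original how-to: it finds the range both by ANDing the IP with the mask and by the counting method described above, and shows the binary form of the mask. The function names are made up for illustration, and the mask is derived from the prefix length, which for /27 gives the 255.255.255.224 listed in the table.

```python
import ipaddress  # stdlib, cross-check only; function names below are illustrative

def to_int(dotted):
    """Pack a dotted-quad string into one 32-bit integer."""
    octets = [int(p) for p in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted}")
    a, b, c, d = octets
    return (a << 24) | (b << 16) | (c << 8) | d

def to_dotted(n):
    """Unpack a 32-bit integer into dotted-quad form."""
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def to_binary(dotted):
    """Show each octet as 8 bits (place values 128 64 32 16 8 4 2 1)."""
    return ".".join(f"{int(p):08b}" for p in dotted.split("."))

def mask_for(prefix):
    """Subnet mask for a CIDR prefix: `prefix` one-bits, then zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def ip_range(cidr):
    """Return (first, last, mask, count) for the block containing the IP."""
    addr, prefix = cidr.split("/")
    mask = mask_for(int(prefix))
    first = to_int(addr) & mask          # AND the IP with the mask
    last = first | (~mask & 0xFFFFFFFF)  # then set every host bit
    return to_dotted(first), to_dotted(last), to_dotted(mask), last - first + 1

def ip_range_by_counting(cidr):
    """The page's counting method; works for /24 and longer only."""
    addr, prefix = cidr.split("/")
    size = 2 ** (32 - int(prefix))       # number of IPs per range
    if size > 256:
        raise ValueError("counting in the last octet needs /24 or longer")
    head, last_octet = addr.rsplit(".", 1)
    start = 0
    while start + size <= int(last_octet):
        start += size                    # 0, 32, 64, ... for a /27
    return f"{head}.{start}", f"{head}.{start + size - 1}"

if __name__ == "__main__":
    first, last, mask, count = ip_range("66.66.66.66/27")
    print(f"{first} - {last}  mask {mask} = {to_binary(mask)}  ({count} IPs)")
    net = ipaddress.ip_network("66.66.66.66/27", strict=False)  # stdlib check
    assert (str(net[0]), str(net[-1])) == (first, last)
```

Both methods land on the same range; the counting version is limited to /24 and longer because it only steps through the last octet.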

Hopefully this helps out. If you have questions just let me know.

By: narbawlz
