IP Subnetting – The easy way

Is network subnetting driving you crazy ? Does binary math gives you headaches ? well..fear not, since the time i have delved into networks, i have gone through all the oohs and aaahs and the NAH’s of the logical crescendo , and I present you the easiest way to do subnetting. Generally,3 questions are being addressed when subnetting an IP- IP subnetting made easy - prohack

  1. No of subnets
  2. No of valid hosts and
  3. Host range/block size

We will tackle them one by one. First you need to know about IP addresses and their classes.

Class A includes 0-127 where 0 and 127 are reserved, the default subnet mask for this class is /8 .

Class B includes 128-191 in their first octet, and the default subnet mask for this class is /16

Class C deals with 192-224 in their first octet and the default subnet mask for this class is /24

Also, also, understand a simple concept, subnet masks lying between 8- 15 are A class masks, from 16- 23 are B class and 24-32 are C class masks. Furthermore, a subnet mask can be expressed as this where (N)etwork value and (H)ost values-

Class A : 255.0.0.0   = NNNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH  
Class B : 255.255.0.0 = NNNNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH 
Class C : 255.255.0.0 = NNNNNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH
Class mask value          8        16        24        32

Now once you see it, lets tackle some real life questions. Lets find the no of subnets and valid hosts for 192.168.10.10/18

See this ? its a C class IP address having a mask of B class (as the mask lies between 16-24) now, in order to find the number of subnets, use the following formulae - 

2 ^ (What mask you have been provided – default mask of the IP address given)

putting the values here..

2^(18-16) –>  2^(2) –>  4 subnets

simple : )

Now for calculating the no.of hosts, use the below formulae -

2^(32- what mask you have been provided) –2

Putting values here..

2^(32-18)-2 -> 2^(14)-2 –> 16384-2 –> 16382 hosts

piece of cake ..

now to find the block size, see the provided mask lies between which next default mask value , which in this case is 24 (as 18 is greater than 16 and less than 24) . So ..

Subtract the provided mask with the class mask value which is greater than it.

2^(Next class mask value – provided mask)

which on putting values will be

2^(24-18) –> 2^6 –> 64

So, the block size will be of 64 . So, the IP addresses will be divided into 4 subnets (which we already calculated above) above as -

192.168.0.0 - 192.168.63.255

192.168.64.0 – 192.168.127.255

192.168.128.0 - 192.168.191.255

192.168.192.0 – 192.168.255.255

And the best part, its applicable to all classes : )

 

Happy Subnetting : ]

Chinese Hackers Trojan-ize US Access Card - The curious case of Sykipot Trojan

Chinese Hackers Trojan-ize US Access Card - The curious case of Sykipot Trojan

Researchers at AlientVault have uncovered a new strain of Sykipot Trojan which has been used to compromise the Department of Defense-sanctioned smart cards used to authorise network and building access at many US government agencies, the Trojan has been adapted by Chinese hackers in order to lift credentials from compromised systems in order to access classified military networks. The Trojan inadvertently targets PCs attached to smart card readers running ActivClient, the client application of ActivIdentity, in what's been described as a 'smart card proxy' attack.

Read the full Story at the Register

WiFi Protected Standard vulnerability – Cracked, Bruteforced and Documented

A new critical flaw in Wi-Fi Protected Standard (WPS) has recently been uncovered by Security researcher Stefan Viehböck that leaves wireless routers open to attack. Wifi Protected Setup crackedThe inherent vulnerability lies in the design protocol that splits the 8 digit PIN in two halves which reduces its complexity and henceforth the time required to crack it. Simple permutations and combinations deduce that an 8 digit pin will create 100 million possible combinations and during his testing Stefan found it takes 2 seconds to test each combination, so bruteforcing was not a feasible option.

Unfortunately, after entering the first 4 digits of a pin, the protocol used by WPS confirms if they are correct or not, which means the pairs can be attacked separately. Also, the remaining 4 digits is just a checksum, so if an attacker has the first 4 digits, he just have to try ~1000 combinations to crack it open , which brings it to a total of 11000 different combinations to the correct pin which reduces the attack time into a matter of hours. You can find the documented PDF here and read the awesomeness.

I guess router manufacturers are up for a software fix, till then , I guess we all have to go back to MAC address .

You can also read how to Hack Wifi using Backtrack , How to detect if someone is using your WiFi  or how to detect WiFi hotspots . If you are having an Android, you can also read about how to use your Android for Wardriving.