Re: CIDR Explanation
From: Bob Radvanovsky (rsradvan_at_unixworks.net)
Date: 09/21/04
- Previous message: Mike: "RE: CIDR Explanation"
- In reply to: ka55ad: "CIDR Explanation"
- Next in thread: Bénoni MARTIN: "RE: CIDR Explanation"
To: "ka55ad" <ka55ad@gmail.com>, <security-basics@securityfocus.com>
Date: Tue, 21 Sep 2004 07:08:33 -0500
Actually, it's pretty simple, if you understand binary math. The concept of
an IP address octet is 000 thru 255 (or "FF"); each address consists of 4
octets total for IPv4 (much more for IPv6; in fact, the "IP address"
resembles something similar to that of a MAC address). So...re-capping:
IPv4 IP address consists of 4 octets: 000.000.000.000 thru 255.255.255.255.
OK so far?
Now... CIDR takes the subnet mask, which is what is *allowed* through a
given/partitioned subnet and converts it to a meaningful representation; in
this case, the CIDR is a decimal translation of an added binary
representation of the subnet mask. Confused?
OK, let's say that you have 16 IP addresses in your local subnet (through
your local ISP, or whathaveyou). What kind of subnet do you think you have?
Realistically, you have 14 USABLE addresses, since IP #0 (1st address)
represents the subnetted "network", and IP #15 (16th address) represents the
broadcast for that subnet. 16 minus 255 comes to: 239 (which is the
broadcast for the previous subnet) PLUS 1, equalling 240. So...your subnet
mask would be 255.255.255.240.
Now...convert that to binary. 255 is equal to 8 "1's": 11111111, with the
1st "1" representing 128, and the 8th "1" representing 1. Remember: in
binary you work right to left, starting with 1, then 2, then 4, and so on
and so forth. The largest binary number that you'll have for each octet is
128. Add every number up (128+64+32+16+8+4+2+1) and that equals 255.
Now...if 255 is "8", then we would have (binary ON positions form) converted
into a meaningful decimal context of 8.8.8.4. In this case 240 = 128 + 64 +
32 + 16, so that's the 4th-leftmost "1's" that are ON, with the remaining
"1's" OFF. Your octet would look like this: 11110000 (or "4"). Add 'em up,
and you have "28". Your CIDR for subnet mask "255.255.255.240" is "/28".
Did you understand that? Pretty simple, huh? And to demonstrate how this
works (so you can compare it against a CIDR table), look here:
http://www.rjsmith.com/CIDR-Table.html. Nicely done, and publicly
available.
Send me email if any questions. Enjoy!
Bob Radvanovsky [/unixworks]
rsradvan(at)unixworks(dot)com
"knowledge squared is information shared."
----- Original Message -----
From: "ka55ad" <ka55ad@gmail.com>
To: <security-basics@securityfocus.com>
Sent: Monday, September 20, 2004 8:39 AM
Subject: CIDR Explanation
> Hi List,
>
> I am hoping that somebody might be able to help me out or point
> me in the right direction. For the life of me I can't seem to get a
> good grasp on CIDR notation. I see a lot of CIDR addresses every day,
> but I have trouble figuring out the IP addresses on the fly. I am not
> a complete newbie - I am quite familiar with the OSI model, TCP
> handshakes, etc but this one area stumps me.
>
> I am particularly interested in it because I am going to be
> setting up a snort box soon as well as an IP chains firewall to
> segregate parts of the network. I would much rather use CIDR since it
> can be much quicker at times, but I don't want to use it right now due
> to my lack of knowledge which can cause security issues. Can anybody
> offer advice/help? Thanks.
>
> ---------------------------------------------------------------------------
> Computer Forensics Training at the InfoSec Institute. All of our class sizes
> are guaranteed to be 12 students or less to facilitate one-on-one
> interaction with one of our expert instructors. Gain the in-demand skills of
> a certified computer examiner, learn to recover trace data left behind by
> fraud, theft, and cybercrime perpetrators. Discover the source of computer
> crime and abuse so that it never happens again.
>
> http://www.infosecinstitute.com/courses/computer_forensics_training.html
> ---------------------------------------------------------------------------
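The mask-to-prefix conversion walked through in the reply above, as an added example that is not part of the original thread. It also rejects masks whose "1" bits are not contiguous and shows the full range a CIDR block covers, which is what matters when writing Snort or firewall rules. All function names are hypothetical and the addresses are constructed from the 192.0.2.0/24 documentation range.

```python
def ip_to_int(dotted):
    """Strict dotted-quad parser: exactly four decimal octets, each 0-255."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 address: {dotted!r}")
    a, b, c, d = (int(p) for p in parts)
    return a << 24 | b << 16 | c << 8 | d

def int_to_ip(n):
    return ".".join(str(n >> s & 0xFF) for s in (24, 16, 8, 0))

def prefix_to_int(prefix):
    """/28 -> 0xFFFFFFF0: 'prefix' one-bits followed by zero-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def octet_bits(mask):
    """Count the ON bits per octet, e.g. 255.255.255.240 -> [8, 8, 8, 4]."""
    m = ip_to_int(mask)
    return [bin(m >> s & 0xFF).count("1") for s in (24, 16, 8, 0)]

def mask_to_prefix(mask):
    """Sum the ON bits, then confirm they form one unbroken run from the left."""
    prefix = sum(octet_bits(mask))
    if ip_to_int(mask) != prefix_to_int(prefix):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix

def cidr_range(cidr):
    """Return (network, broadcast, usable_hosts) for 'a.b.c.d/n'.

    Host bits set in the address are masked off, so the result is the whole
    block a rule written with that CIDR would match.
    """
    addr, _, plen = cidr.partition("/")
    mask = prefix_to_int(int(plen))
    network = ip_to_int(addr) & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    usable = max(broadcast - network - 1, 0)  # minus network and broadcast
    return int_to_ip(network), int_to_ip(broadcast), usable

if __name__ == "__main__":
    print(octet_bits("255.255.255.240"), "->", mask_to_prefix("255.255.255.240"))
    # Constructed sample: an address in the middle of a /28
    print(cidr_range("192.0.2.20/28"))
```

A rule written against 192.0.2.20/28 matches all of 192.0.2.16 through 192.0.2.31, not just the single host that was typed.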