Security Basics mailing list archives
Re: CIDR Explanation
From: "Bob Radvanovsky" <rsradvan () unixworks net>
Date: Tue, 21 Sep 2004 07:08:33 -0500
Actually, it's pretty simple, if you understand binary math. The concept of an IP address octet is 000 thru 255 (or "FF"); each address consists of 4 octets total for IPv4 (much more for IPv6; in fact, the "IP address" resembles something similar to that of a MAC address).

So...re-capping: IPv4 IP address consists of 4 octets: 000.000.000.000 thru 255.255.255.255. OK so far?

Now... CIDR takes the subnet mask, which is what is *allowed* through a given/partitioned subnet and converts it to a meaningful representation; in this case, the CIDR is a decimal translation of an added binary representation of the subnet mask. Confused?

OK, let's say that you have 16 IP addresses in your local subnet (through your local ISP, or whathaveyou). What kind of subnet do you think you have? Realistically, you have 14 USABLE addresses, since IP #0 (1st address) represents the subnetted "network", and IP #15 (16th address) represents the broadcast for that subnet. 16 minus 255 comes to: 239 (which is the broadcast for the previous subnet) PLUS 1, equalling 240. So...your subnet mask would be 255.255.255.240.

Now...convert that to binary. 255 is equal to 8 "1's": 11111111, with the 1st "1" representing 128, and the 8th "1" representing 1. Remember: in binary you work right to left, starting with 1, then 2, then 4, and so on and so forth. The largest binary number that you'll have for each octet is 128. Add every number up (128+64+32+16+8+4+2+1) and that equals 255.

Now...if 255 is "8", then we would have (binary ON positions form converted into a meaningful decimal context of 8.8.8.4. In this case 240 = 128 + 64 + 32 + 16, so that's the 4th-leftmost "1's" that are ON, with the remaining "1's" OFF. Your octet would look like this: 11110000 (or "4"). Add 'em up, and you have "28". Your CIDR for subnet mask "255.255.255.240" is "/28".

Did you understand that? Pretty simple, huh?
And to demonstrate how this works (so you can compare it against a CIDR table), look here: http://www.rjsmith.com/CIDR-Table.html. Nicely done, and publicly available.

Send me email if any questions. Enjoy!

Bob Radvanovsky [/unixworks]
rsradvan(at)unixworks(dot)com
"knowledge squared is information shared."

----- Original Message -----
From: "ka55ad" <ka55ad () gmail com>
To: <security-basics () securityfocus com>
Sent: Monday, September 20, 2004 8:39 AM
Subject: CIDR Explanation
Hi List,

I am hoping that somebody might be able to help me out or point me in the right direction. For the life of me I can't seem to get a good grasp on CIDR notation. I see a lot of CIDR addresses every day, but I have trouble figuring out the IP addresses on the fly. I am not a complete newbie - I am quite familiar with the OSI model, TCP handshakes, etc but this one area stumps me.

I am particularly interested in it because I am going to be setting up a snort box soon as well as an IP chains firewall to segregate parts of the network. I would much rather use CIDR since it can be much quicker at times, but I don't want to use it right now due to my lack of knowledge which can cause security issues.

Can anybody offer advice/help?

Thanks.
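The mask-to-prefix counting walked through in the reply above (8.8.8.4 adds up to /28), as an added example that is not part of either poster's message. It also shows which addresses a CIDR block in a firewall or Snort rule actually covers. The function names are hypothetical and the 192.0.2.x addresses are constructed samples from the documentation range.

```python
import ipaddress

def per_octet_bits(mask: str) -> list:
    """ON bits in each octet of a dotted-quad mask, e.g. [8, 8, 8, 4]."""
    octets = [int(o) for o in mask.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad mask: {mask!r}")
    return [bin(o).count("1") for o in octets]

def mask_to_prefix(mask: str) -> int:
    """Sum the ON bits, rejecting masks whose 1s are not one unbroken run."""
    bits = "".join(f"{int(o):08b}" for o in mask.split("."))
    if "01" in bits:  # a 0 followed by a 1 means the mask has a hole in it
        raise ValueError(f"non-contiguous mask: {mask!r}")
    return sum(per_octet_bits(mask))

def describe(cidr: str) -> dict:
    """Network, broadcast and usable host range for an address/prefix pair."""
    net = ipaddress.ip_network(cidr, strict=False)  # host bits are masked off
    total = net.num_addresses
    # /31 and /32 have no separate network/broadcast addresses to subtract
    usable = total - 2 if net.prefixlen <= 30 else total
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "prefix": net.prefixlen,
        "total": total,
        "usable": usable,
        "first_host": str(net.network_address + 1) if usable < total else None,
        "last_host": str(net.broadcast_address - 1) if usable < total else None,
    }

def covers(cidr: str, ip: str) -> bool:
    """Would a rule written for `cidr` match `ip`?"""
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr, strict=False)

if __name__ == "__main__":
    mask = "255.255.255.240"
    print(mask, "->", per_octet_bits(mask), "-> /%d" % mask_to_prefix(mask))
    for key, value in describe("192.0.2.37/28").items():
        print(f"{key:>10}: {value}")
    for ip in ("192.0.2.32", "192.0.2.46", "192.0.2.48"):
        print(ip, "in 192.0.2.32/28:", covers("192.0.2.32/28", ip))
```

Checking a rule's block with `covers` before deploying it shows exactly where the range stops: the /28 starting at 192.0.2.32 ends at 192.0.2.47, so 192.0.2.48 belongs to the next subnet.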
Current thread:
- CIDR Explanation ka55ad (Sep 21)
- RE: CIDR Explanation David Gillett (Sep 21)
- Re: CIDR Explanation Bob Radvanovsky (Sep 21)
- Re: CIDR Explanation Alexandros Papadopoulos (Sep 23)
- <Possible follow-ups>
- RE: CIDR Explanation Bénoni MARTIN (Sep 21)
- RE: CIDR Explanation Andrew Shore (Sep 21)
- RE: CIDR Explanation Bowes, Ronald (EST) (Sep 21)
- RE: CIDR Explanation David Gillett (Sep 21)
- CIDR Explanation - A good web site to teach you. Chad Thomsen (Sep 23)
- RE: CIDR Explanation David Gillett (Sep 21)
- Re: CIDR Explanation Ed Spencer (Sep 21)
- RE: CIDR Explanation Mike (Sep 21)
- Re: CIDR Explanation Travis Schack (Sep 21)
- RE: CIDR Explanation Bowes, Ronald (EST) (Sep 22)
(Thread continues...)