Whenever we connect to the Internet or any other network for that matter, the IP address and its accessability from the outside world differ depending on the type of connection we use. We will take an example of a scenario where we are connected to the internet using a dial up modem and gather useful information about the local host
Most of the time, when you connect to your ISP, you are assigned a dynamic IP address by the DHCP server of the Internet Service Provider (or ISP) which (normally) changes every time your reconnect. In a dial up network, the CPE (consumer premises equipment) at the end user side is a dial up modem and the user directly connects a phone line into his modem (which is a small piece of hardware). The modem might be external (connected via a serial port to the PC), internal (PCI card on the PCI slot of the motherboard) or might also be directly on the motherboard.
The user then users a dial up networking connection and dials a pre defined local number belonging to the ISP to connect to a host machine or point of presence owned by an ISP in the local area. This host acts as an interface between telephone lines connected to end users and the Internet, and is capable of handling hundreds or even thousands of simultaneous connections.
Let us take an example of some IP address parameters that we receive while connected to the ISP, running an ipconfig at the command prompt we get the output below
C:\>ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:IP Address. . . . . . . . . . . . : 103.236.4.17
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . . . . : 103.236.4.1
Calculating the Class, IP Address, Subnet Mask, Network Mask is very simple and straight forward. The IP address and subnet mask is specified in the output clearly
To find out the class that it belongs to, we need to find out that the range that the IP address belongs to from the table below
Class Range
A 0.0.0.0 to 127.255.255.255
B 128.0.0.0 to 191.255.255.255
C 192.0.0.0 to 223.255.255.255
D 224.0.0.0 to 239.255.255.255
E 240.0.0.0 to 247.255.255.255
We can easily see that the IP address 103.236.4.17 belongs to class A. The default Network Mask is 255.0.0.0 and we know the subnet mask is 255.255.254.0. According to the netmask value, the first octet is reserved for usage by the Network ID, while the last octet is reserved for the host ID, we can break down the third octet based on the subnet mask of 254 for the 3rd octet
103.236.4.17 (IP address)
255.255.254.0 (subnet mask)
11111111.11111111.1111111 0.00000000 (subnet mask in binary)
The range of the hosts in the network can be generated from the IP address 103.236.00000100.0 where the first host would be 103.236.4.1 and the last host would be 103.236.5.254. The formula below can also be used,
2^n – 2 where n is the number of host bits
In our case the number of host bits are 9,
2^9 – 2 = 512 – 2 = 510 (the -2 is required because the IP addresses 103.236.4.255 and 103.236.5.255 are excluded which represent broadcast addresses)
We can get the same information from a useful utility [Windows NT IPConfig Utility (wntipcfg.exe)]. In earlier versions of Windows, Windows 95/98/ME, etc the same utility is winipcfg
The information that we can gather about our hosts when connected to private or public networks helps us in understanding where we are with respect to the rest of the network and also gives us a blueprint of how the network diagram evolves which helps in consulting assignments and security audits.
Comments