Menttor
Library
LibraryIP Addressing and Subnetting

IP Addressing and Subnetting

Learn about IP Addressing and Subnetting as part of Ethical Hacking and Penetration Testing

Table of Contents

IP Addressing and Subnetting for Penetration Testers

Understanding IP addressing and subnetting is fundamental for any penetration tester. It allows you to map networks, identify potential targets, and understand network segmentation, which are crucial for reconnaissance and exploitation phases.

What is an IP Address?

An Internet Protocol (IP) address is a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. It serves two main functions: host or network interface identification and location addressing.

IP addresses are like street addresses for devices on a network.

IP addresses are numerical labels that identify devices on a network, enabling communication. They are essential for locating and addressing specific machines.

There are two main versions of IP addresses: IPv4 and IPv6. IPv4 addresses are 32-bit numbers, typically written in dot-decimal notation (e.g., 192.168.1.1). IPv6 addresses are 128-bit numbers, written in hexadecimal notation (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334). For penetration testing, understanding IPv4 is often the starting point, as it's still widely prevalent.

Understanding IPv4 Address Classes

IPv4 addresses are divided into classes (A, B, C, D, E) based on their first octet. Each class has a different range and is designed for different network sizes.

ClassFirst Octet RangeDefault Subnet MaskNetwork Size
A1-126255.0.0.0Very Large
B128-191255.255.0.0Large
C192-223255.255.255.0Small
D224-239N/AMulticast
E240-255N/AExperimental

As a penetration tester, you'll primarily focus on Class A, B, and C addresses for network scanning and targeting.

What is Subnetting?

Subnetting is the process of dividing a large IP network into smaller, more manageable subnetworks (subnets). This is achieved by borrowing bits from the host portion of an IP address to create a subnet ID. Subnetting is crucial for network efficiency, security, and performance.

Imagine a large office building (a network). Subnetting is like dividing that building into different departments or floors (subnets). Each department has its own internal mail system and phone extensions, making it easier to manage and communicate within that department. This also helps in isolating departments from each other for security reasons. The subnet mask acts like a blueprint, telling you which part of the address identifies the building (network) and which part identifies the specific office or floor (subnet).

📚

Text-based content

Library pages focus on text content

The subnet mask is a 32-bit number that works in conjunction with an IP address to separate the network portion from the host portion. Bits set to '1' in the subnet mask represent the network and subnet portions, while bits set to '0' represent the host portion.

The Importance of Subnetting in Penetration Testing

For penetration testers, understanding subnetting allows for:

  • Network Reconnaissance: Identifying the size and structure of subnets helps in mapping the attack surface.
  • Target Identification: Pinpointing specific IP ranges within subnets for scanning and exploitation.
  • Lateral Movement: Understanding how subnets are connected can facilitate movement within a compromised network.
  • Security Analysis: Recognizing how networks are segmented can reveal security weaknesses or strengths.
What is the primary purpose of a subnet mask?

To separate the network portion from the host portion of an IP address.

Common Subnetting Scenarios

You'll often encounter common subnet masks like /24 (255.255.255.0), /16 (255.255.0.0), and /8 (255.0.0.0). Understanding how to calculate the number of hosts per subnet and the network and broadcast addresses is vital.

Loading diagram...

CIDR Notation

Classless Inter-Domain Routing (CIDR) notation is a more flexible way to represent IP addresses and subnet masks. It uses a forward slash followed by the number of bits used for the network portion (e.g., 192.168.1.0/24). This notation is widely used in modern networking and penetration testing.

What does the number after the '/' in CIDR notation represent?

The number of bits used for the network portion of the IP address.

Learning Resources

IP Addressing and Subnetting Explained(video)

A comprehensive video tutorial explaining the fundamentals of IP addressing and subnetting, including practical examples.

Subnetting Made Easy(tutorial)

An interactive website that provides subnetting calculators and tutorials to help you master subnetting concepts.

Introduction to IP Addressing(blog)

Cloudflare's explanation of IP addressing, covering its purpose, types, and how it works in the internet infrastructure.

IPv4 Address Classes(documentation)

A detailed explanation of IPv4 address classes, their ranges, and default subnet masks.

CIDR Notation Explained(video)

A clear and concise video tutorial that breaks down CIDR notation and its importance in networking.

Subnetting Practice Problems(tutorial)

A collection of practice problems with solutions to help you hone your subnetting skills.

What is a Subnet Mask?(documentation)

TechTarget's definition and explanation of subnet masks, their function, and how they are used.

Understanding IP Subnetting(documentation)

Cisco's official documentation on IP subnetting, providing in-depth technical details and examples.

The Basics of IP Addressing(blog)

Lifewire's accessible explanation of IP addresses, covering what they are and how they are used by everyday users.

Network Fundamentals: IP Addressing(video)

A foundational video on IP addressing, suitable for beginners looking to build a strong understanding.