
Thursday, June 13, 2013

Cracking WPA secured networks with Backtrack 5

(this tutorial uses a method that involves WPS)

So for whatever reason, you’re interested in cracking a secured wireless access point. We all know (or may not know) how easy it is to crack WEP-encrypted wireless access points, but what about the new WPA encryption? Well, this is a little more tricky. Instead of cracking the actual WPA key, we are going to focus on something called “WPS”, which stands for Wi-Fi Protected Setup.



Tools You Will Need:
[Image: downloads page]


Step One:

Insert the BackTrack DVD and boot off the drive. Google it if you don’t know how to do this step.

Step Two:

Select “BackTrack Text – Default Boot Text Mode” and press Enter.
Once you are prompted, type “startx”; this will get you booted into the BT5 GUI. (The default login credentials for BT5 are username: root, password: toor.)

Step Three:

Install Reaver. Reaver is new to BackTrack, so as of BackTrack R2 it does not come installed on the Live DVD, but I believe it does in BTR3.
If it doesn’t, follow these simple steps:
1. Make sure you have internet connectivity by going to Applications > Internet > Wicd Network Manager.
2. Select your wireless network and connect to it.
3. Open a terminal window and type “apt-get update” without quotations. This will update all the different repositories from apt-get (including Reaver).
4. Now type “apt-get install reaver” without quotations. Reaver will now be installed.


Step Four:

We need to get your wireless card’s interface name. To do this, open up a terminal and type “iwconfig”.
[Screenshot: iwconfig output]
As you can see from the screen shot above, my wireless card is identified by BackTrack as “wlan0”. This is most likely what yours will be unless you are using multiple wireless cards, in which case it may have a different name.

Step Five:

Now we need to put your wireless card into something called “Monitor Mode”. This is just a mode that lets the wireless card survey the access points around it and collect and inject packets from the access point. To do this, simply type “airmon-ng start wlan0” without quotations.
This is going to create ANOTHER interface called “mon0” (see screen shot below).
[Screenshot: monitor mode]

Step Six:

The next thing we want to do is find the BSSID of the access point we are trying to gain access to. To do this, type “airodump-ng mon0” without quotations. The wireless interface mon0 will then complete a survey of all the access points it’s able to see around it.
(See screen shot below.)
[Screenshot: BSSID]

Step Seven:

Now that we have the BSSID and the wireless card in monitor mode we are ready to go.

Step Eight:

Input this command into terminal:
“reaver -i mon0 -b 30:46:9A:7C:BB:8F -vv” without quotations. (Where mon0 is the interface you’re using, and replace “30:46:9A:7C:BB:8F” with the BSSID of the router you’re actually trying to hack.)

Step Nine:

After that you’re done and should now be able to access the secured router. See screen shot below for WPS key and WPA passphrase.
[Screenshot: WPS code]

Wednesday, June 12, 2013

Passwords, managers, and security questions

The purpose of this article is to inform and educate students about good password policies, commonly used password managers, and security questions.
Developing good passwords is important in this day and age. A decade or so ago, people thought using simple, easy-to-remember passwords was OK, which it was; an example of one of these would be “detroittigers”. But nowadays, with the ease of cracking or brute-forcing passwords, it is vital to ensure you have a strong password. One example of a good password would be: SunShine45AcP%
A good strategy would be to develop a password based on these criteria: 9 – 16 characters, uppercase and lowercase letters, as well as numbers and special symbols (if the website in question lets you use special symbols).
Although it may seem hard to develop and remember a password such as this, fear not! You can download and use special password management software. What this software does is allow you to have one “master” password to unlock your password “vault”, which allows you to view your saved passwords.
[Image: the KeePass password “vault”]
An important thing to note about password managers: they require administrator access to run; however, KeePass allows you to download a version that can be run from external media (flash drives, SD cards, and external hard drive disks). You can also download KeePass for your mobile devices (Android store and iOS). Some additional features of these password managers may include the ability to randomly generate a password based on certain criteria. Almost all of these managers are free to download and use.
Now for security questions. A good rule of thumb is to never use default security questions. (For example, “Where were you born?” is a bad security question because it is relatively easy to figure out your place of birth.) Instead, try to create a good security question: don’t make it extremely personal, but pick something that is hard to guess about you yet easy to remember.

Backup Strategies

As a college student, backups are important; you could say they might even affect your grade! Ever lose an English essay due to a faulty hard drive or flash drive, when it was due the next day? What if I told you that there are programs out there that allow you to back up your data automatically and easily?
Before I go into specific programs and methods, let’s talk about different backup mediums, as well as the pros and cons of them.
Mediums
Hard Drives – Hard drives normally come in two flavors: internal (as in, the kind in your desktop or laptop computer) and external (the kind that plug into your computer’s USB ports, and sometimes require AC power to operate, although some are small enough to use USB power). Most people buy external hard drives to back up their data, which is good. However, external hard drives are prone to failure, and should not be your only means of backing up data. There are also several variables for external hard drives, such as read/write speed, manufacturer, size, and type.
Universal Serial Bus Drives – aka USB or flash drives, these are great for short term solutions, although care should be given when using them. (I can’t tell you how many times I forgot I had one in my pants pocket, and then it went through the washing machine.) USB drives come in a variety of sizes. Normally you can easily find an 8GB drive for $20 – 30 on Amazon or Best Buy, depending on the brand. I should make a point though: they should never be relied on for long term use due to the fact that they have a limited read/write cycle. I will admit the “shelf life” of USB drives is improving as technology improves.
Secure Digital Card – aka SD card for short, this is primarily used in digital cameras and mobile devices (although in mobile devices it is a Micro version of the SD card, it is the same technology). They have almost comparable speeds to flash drives, but are rated by “Classes”, so a Class 10 SD card will have better read/write speeds than a Class 6; they will also cost more/less. For desktop computers, you normally have to buy an SD card reader to read the cards. Most laptops/netbooks have them built in though, which is why it is a great short term solution for backing up your data. Coupled with flash drives, it is even better.
Optical Discs – Although hard drives, flash drives, and SD cards offer more storage space than most optical discs, they are less reliable in my opinion. Back in 2004, I used to use CDs to back up data often; the downsides were slow write speed and low capacity at the time (700MB). But now more modern mediums have surfaced, such as Dual Layer DVDs, Blu-ray Discs, regular DVDs, etc. I could spend a whole article on optical discs alone, but I will try to boil it down to the important bits: DVDs, if properly maintained, are a good way to back up your music, movies, games, and documents. This also applies to Blu-ray, although Blu-ray discs are still expensive to buy, and the writers/readers are expensive.
[Image, from left to right: USB drive, SD card, Micro SD card, external hard drive (USB power), external USB drive (AC power), optical discs]
Now on to programs; several programs exist for backing up your data to the cloud. Some of the more popular ones are: Dropbox, Evernote, Mozy, and Carbonite.
Programs
Dropbox – Bills itself as a “sync” service. I personally use it to back up my essays, scripts, and articles I write. This application works on Windows, Mac, Linux, Android, Apple iOS, BlackBerry and web browsers. By default you get 2GB of storage space to use, and can easily get up to 18GB if you refer people to sign up for Dropbox. Upon installation, you specify a folder on your device to use for Dropbox, and anything you put in the folder is then synced with Dropbox’s servers, and then with any other devices that you have Dropbox installed on. You can even share folders with other people, so if you are working on a project, they can get the most up to date version. There is a paid version if you want more space, and they offer business accounts as well. Plans and more information can be found at their website: https://www.dropbox.com/
Evernote – Mainly used for note taking and essays. Works on iOS, Android, and Windows. This software really isn’t intended for backing up regular data, and would only work well if you like working on your college essays on your mobile devices (I have seen people do that though). When first installing Evernote, you create your first “Notebook” to keep all of your stuff in. (If you have used Microsoft’s OneNote then you will feel right at home here.) There is a paid version of this application; after some research it appears that the paid version might be worth it. More information can be found here: https://evernote.com/evernote/
Mozy – Mozy offers a home edition of their backup software. It currently runs on Windows and Mac. You get 2GB of storage space. The main feature of this product, in my opinion, is that it supports automatic or scheduled backups (which means you can specify a time and date to back up files). You can use your mobile device (iOS and Android, no love for BlackBerry it seems) to view files on the go, but not back up anything from those devices. Mozy also offers a cheap paid plan if you want more storage space. More information here: http://mozy.com/home/
Carbonite – Runs on Windows and Mac. Uses scheduled and automatic backups. US-based customer support. You can try this software for up to 15 days for free. After that you have to buy a paid plan. Paid plans vary in pricing; the cheapest plan they have is listed at $59 per computer per year. I would normally say that is pricey, but they allow unlimited storage space, so if you only have one computer, this may be the best option for you. Their website is here: http://www.carbonite.com/
Methods
So far I have given you mediums and programs to back up your data; now we will talk about methodology, aka “when should I?” Most people I have talked to while writing this article only back up data when needed (example: I finished writing an essay, so I backed it up to my flash drive). Which is fine in my opinion, but you can do so much better with automatic backups (example: telling Windows to back up my documents every Sunday at 1 am to my external hard drive). Normally you want to do automatic or scheduled backups when you are not using the computer, due to the fact that programs will be slow. I personally back up my laptop every Sunday night, at 11pm.
Some people only do backups on the weekends, and a few people I know back up stuff on the weekdays. You need to find what works for you and stick with it, and don’t forget to back up your data if you’re not using automatic schemes.
Conclusion
This article informed you of the various mediums you can use for backups, special programs which you can use, and methodology. You should now be able to effectively preserve your digital files.

Viruses, spyware, and annoying ads

This article will cover viruses, spyware, and advertisements on the internet. The purpose is to inform the user and help them decide on the best anti-virus, anti-spyware, and ad blocking solutions.
Viruses
Wikipedia defines a virus as “a computer program that can replicate itself.” I tend to agree with that statement. Normally, viruses cause stability issues with your system. They can also cause loss of data/theft of data. Some viruses masquerade as legitimate programs and trick the user into installing them. To combat this, several companies have developed anti-virus programs that scan your computer to detect, quarantine, and remove these threats. I will be listing several commonly used anti-virus programs, as well as best practices when using them. Before I go into detail about the various anti-virus programs, let me explain some concepts and keywords.
Scheduled scans – Allows you to set a day (say once a week, or only on Tuesdays) and a time (4pm, 5am, etc.) for the anti-virus scanner to scan your computer. This will happen automatically at the set time. One thing to note, however: your computer may be unusable during the scanning period, so it is recommended that you set the time and day to be when you know you will not be using your computer.
Real time Protection – Real time protection means your computer will check all files being downloaded, or attempting to run automatically, and quarantine them if they meet set criteria. Almost all anti-virus scanners support this feature, and it uses virtually no RAM or CPU, so it is best to always leave it on.
Excluded Files/Folders – Allows you to specify certain files and folders to ignore while scanning. It will not quarantine or delete any files/folders you specify. You may wish to use this option when you have a program that you know is one hundred percent safe, yet your anti-virus scanner removes it. (One example would be using Cain and Abel; due to the nature of the program, most anti-virus programs delete it, but it is safe.)
AV or A/V – Anti-Virus or Antivirus shortened.
Database – In context of anti-virus/spyware scanners, the database is a list of files/folders that are confirmed to be malicious. It is rapidly changing and you will be updating it a lot. Thankfully, most anti-virus programs do this automatically.


Anti-Virus Programs
Microsoft Security Essentials – Works on Windows XP, Vista, and Seven, both 32 and 64 bit versions. One thing to note: you must have a valid copy of Windows to run this software; it will not work with pirated versions. MSE allows scheduled scans and supports real time protection. It also allows you to send information to Microsoft when it detects suspicious program actions (it helps them build their anti-virus database). Also a cool thing to note: this program uses very little resources, so it is perfect for laptops/netbooks that don’t have a lot of RAM. I have also personally used this application for years, and have never had a problem with it, so I would recommend it. You can download it from here:
http://windows.microsoft.com/en-us/windows/security-essentials-download
AVG Free – AVG only works on Windows XP, Vista, and Seven. AVG Free supports real time protection and scheduled scans. The pro version (titled AVG Internet Security 2013) supports more features such as link checking, instant message checking, email scanning, and a tune up utility for your computer. You can try the pro edition for free for 30 days, or buy it for $59.95. Website is here: http://free.avg.com/us-en/homepage
ClamAV – ClamAV works on Windows XP, Vista, Seven, and various flavors of Unix/Linux. This is a more advanced anti-virus scanner, and it is recommended for experienced computer users. It supports real time scanning and scheduling, has built in support for almost all mail file formats, and its anti-virus database is updated three to four times a day. One other thing to note: it has an interesting feature called “command-line scanner” which allows you to run a scan from the command line. This is really good for computers with very low RAM. (Personally I have used it on my Raspberry Pi microcomputer that has only 256 MB of RAM.) This program is open-source and free. Website can be found here: http://www.clamav.net/lang/en/
Kaspersky – Commercially available anti-virus solution. Works on Windows Vista, Seven, and Eight. It is subscription based, requiring you to pay a certain amount of money every year to continue using it. It supports scheduled scans, automatic updates, technical support (via email, live chat, and phone) and a feature called rollback: if for whatever reason Kaspersky anti-virus can’t delete a virus on your computer, it will roll it back to the last usable date. It can be bought from Amazon, Best Buy, or their official website here: http://usa.kaspersky.com/store/kaspersky-store
Anti-Spyware
Several people during the course of this project asked me: Why do I need anti-spyware protection when I already have anti-virus protection? To put it simply, spyware is different from viruses; traditionally, anti-virus and anti-spyware programs are separate applications. One interesting thing to note: most anti-spyware programs do not have real time protection or automatic scanning, and scans must be done manually. Scheduled scanning, however, can be used.
Spybot S&D – It runs on Windows XP, Vista, Seven, and Eight. Spybot Search and Destroy is the best spyware scanner out there in my honest opinion. It can scan for spyware, malware, and rootkits; it supports a registry scanner for fixing issues caused by spyware. It also has two paid editions, named Home and Professional, which cost money but offer more features. The website is here: http://www.safer-networking.org/
Malware Bytes Anti-Malware – Also known for short as “MBAM”, it runs on Windows XP, Vista, and Seven. It supports scheduled scanning, advanced malware detection and removal, email/forum support, multilanguage support, zero day protection, and a myriad of other features. There is a free version and several paid versions. I personally used to use this as my anti spyware/malware solution, but then it got too resource intensive in my opinion. That doesn’t mean it is a bad choice, however. For more information on MBAM, the official website is: http://www.malwarebytes.org/
Advertisements and Scripts
For this section I will be listing a good ad blocking tool as well as some utilities that make you safe online. I want to make two things clear, however. 1. Some of these applications may require some advanced knowledge to use effectively, so reading the manual is important. 2. I understand ads are important for people, and some websites run solely off of ads to make money; I just don’t agree with them, and believe people have a choice in the matter.
Adblock Plus – Also known as Ad-block + or ABP, this is the de facto best ad blocker, hands down. It installs on almost all web browsers (Firefox, Chrome, Safari, Opera, as well as mobile versions of those browsers). To put it simply, it blocks advertisements from displaying in videos and websites. It is updated automatically by whitelists, which can also be configured manually. There is one option that allows unobtrusive ads to be displayed; I would strongly recommend leaving it on. Their website is http://adblockplus.org Another thing to note: this website should auto-detect which web browser you are using, so it is a one click download/install.
NoScript – Only for Firefox. NoScript blocks JavaScript, Java, Flash, and other plugins that are malicious. This plugin requires advanced knowledge to use, however, as it blocks everything by default, so you will have to create a whitelist to suit your needs. It can be found here: http://noscript.net/
Ghostery – Runs on almost all web browsers in existence. Works almost identically to NoScript, but with some key differences: it is more user friendly, though reading the manual is still highly recommended. It can also show you which websites are trying to track you (for example, online shopping sites). It can be found here: http://www.ghostery.com/

Sunday, April 15, 2012

useful websites for the cyber security professional

Here is a list of some pretty good websites that I use daily:

http://www.pentest-standard.org/index.php/Main_Page - Penetration testing standard

http://www.exploit-db.com/ - exploit database; thousands (if not millions?) of exploits for various applications

http://www.routerpwn.com/ - router pwn; comprehensive exploit database for routers

http://www.hackforums.net/ - hackforums (this website is only useful to see what exploits are "patched", so to speak). Pretty much, if an unheard-of exploit shows up on here, it will be patched within a week, I have noticed.

http://thehackernews.com/ - a good website for keeping up to date on latest break ins


Monday, April 9, 2012

Subnetting a Class C network

Why subnetting?
By creating smaller IP networks (instead of having one large network), we can obtain better security, smaller collision and broadcast domains, and greater administrative control of each network. Think of a network like streets in a city. Each house on this network is known by the street and by the address. Think of the addresses on the houses as the hardware addresses of a host. For IP to communicate with a host, the IP address must be known, and the router connected to the network on which this host is located must also know the hardware address of the house.

What if a city didn’t have many blocks but just one long street? The mailman would go crazy trying to get the mail delivered to each house correctly because he would have to know the address of every house. It’s the same scenario with IP. By creating smaller networks, we can more effectively get data to each host.

Subnetting a Class C network
So you understand why you want to subnet, but how do you do it? Your goal is to look at an IP address and subnet mask of a host and then determine three things quickly:
  1. The subnet the host is located in
  2. The broadcast address of the subnet
  3. The valid host range of the subnet used to configure hosts

Once the subnet is determined, the broadcast address must be found. Why? Because these are not valid host addresses and cannot be assigned to host configurations. Also, by determining the subnet and broadcast addresses, we can easily determine the host addresses because the valid host range is always the numbers between the subnet address and the broadcast address.

If we use the default subnet mask with a Class C network address, then we already know that three bytes are used to define the network and only one byte is used to define the hosts on each network.

The default Class C mask is: 255.255.255.0. To make smaller networks, called subnetworks, we will borrow bits from the host portion of the mask. Since the Class C mask only uses the last octet for host addressing, we only have 8 bits at our disposal. Therefore, only the following masks can be used with Class C networks (Table A).

Subnet zero
Take note that in the table below I do not assume subnet zero. Cisco does teach a subnet zero assumption but they do not test that way. I have chosen to follow the exam.


Table A
Mask | Binary | # Subnet bits | # Host bits | Subnets | Hosts
255.255.255.128 | 10000000 | 1 | 7 | 2 | 126
255.255.255.192 | 11000000 | 2 | 6 | 2 | 62
255.255.255.224 | 11100000 | 3 | 5 | 6 | 30
255.255.255.240 | 11110000 | 4 | 4 | 14 | 14
255.255.255.248 | 11111000 | 5 | 3 | 30 | 6
255.255.255.252 | 11111100 | 6 | 2 | 62 | 2
Class C masks

You can see in Table A that the bits that are turned on (1s) are used for subnetting, while the bits that are turned off (0s) are used for addressing of hosts. You can use some easy math to determine the number of subnets and hosts per subnet for each different mask.

To determine the number of subnets, use 2^x-2, where the x exponent is the number of subnet bits in the mask.

To determine the number of hosts, use 2^x-2, where the x exponent is the number of host bits in the mask.

To determine the mask you need for your network, you must first determine your business requirements. Count the number of networks and the number of hosts per network that you need. Then determine the mask by using the equations shown above—and don’t forget to factor for growth.

For example, if you have eight networks and each requires 10 hosts, you would use the Class C mask of 255.255.255.240. Why? Because 240 in binary is 11110000, which means you have four subnet bits and four host bits. Using our math, we’d get the following:
2^4-2=14 subnets
2^4-2=14 hosts

Many people find it easy to memorize the Class C information because Class C networks have few bits to manipulate. However, there is an easier way to subnet.

Easy subnetting
Instead of memorizing the entire table (Table A), it’s possible to glance at a host address and quickly determine the necessary information if you’ve memorized key parts of the table. First, you need to know your binary-to-decimal conversion. Memorize the number of bits used with each mask that are shown in Table A. Second, you need to remember the following:
256-192=64
256-224=32
256-240=16
256-248=8
256-252=4

Once you have the two steps memorized, you can begin subnetting. Our first example will use the Class C mask of 255.255.255.192. Ask five simple questions to gather all the facts:
  1. How many subnet bits are used in this mask?
  2. How many host bits are available per subnet?
  3. What are the subnet addresses?
  4. What is the broadcast address of each subnet?
  5. What is the valid host range of each subnet?

You already know how to answer questions one and two. To answer question three, use the formula 256-subnetmask to get the first subnet and your variable. Keep adding this number to itself until you get to the subnet mask value to determine the valid subnets. Once you verify all of the subnets, you can determine the broadcast address by looking at the next subnet’s value. The broadcast address is the number just before the next subnet number. Once you have the subnet number and broadcast address, the valid hosts are the numbers in between.

Here are the answers using 255.255.255.192:
  1. How many subnet bits are used in this mask?
    Answer: 2
    2^2-2=2 subnets
  2. How many host bits are available per subnet?
    Answer: 6
    2^6-2=62 hosts per subnet
  3. What are the subnet addresses?
    Answer: 256-192=64 (the first subnet)
    64+64=128 (the second subnet)
    64+128=192. However, although 192 is the subnet mask value, it’s not a valid subnet. The valid subnets are 64 and 128.
  4. What is the broadcast address of each subnet?
    Answer: 64 is the first subnet and 128 is the second subnet. The broadcast address is always the number before the next subnet. The broadcast address of the 64 subnet is 127. The broadcast address of the 128 subnet is 191.
  5. What is the valid host range of each subnet?
    Answer: The valid hosts are the numbers between the subnet number and the mask. For the 64 subnet, the valid host range is 64-126. For the 128 subnet, the valid host range is 129-190.

Let’s do a second example using the Class C mask of 255.255.255.224. Here are the answers:
  1. How many subnet bits are used in this mask?
    Answer: 3 bits or 2^3-2=6 subnets
  2. How many host bits are available per subnet?
    Answer: 5 bits or 2^5-2=30 hosts per subnet
  3. What are the subnet addresses?
    Answer: 256-224 =32, 64, 96, 128, 160 and 192 (Six subnets found by continuing to add 32 to itself.)
  4. What is the broadcast address of each subnet?
    Answer: The broadcast address for the 32 subnet is 63. The broadcast address for the 64 subnet is 95. The broadcast address for the 96 subnet is 127. The broadcast address for the 160 subnet is 191. The broadcast address for the 192 subnet is 223 (since 224 is the mask).
  5. What is the valid host range of each subnet?
    Answer: The valid hosts are the numbers in between the subnet and broadcast addresses. For example, the 32 subnet valid hosts are 33-62.

Let’s do a third example using the Class C mask of 255.255.255.240. Here are the answers:
  1. How many subnet bits are used in this mask?
    Answer: 4 bits or 2^4-2=14 subnets
  2. How many host bits are available per subnet?
    Answer: 4 bits or 2^4-2=14 hosts per subnet
  3. What are the subnet addresses?
    Answer: 256-240 =16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208 and 224 (14 subnets found by continuing to add 16 to itself.)
  4. What is the broadcast address of each subnet?
    Answer: Here are some examples of the broadcast address: The broadcast address for the 16 subnet is 31. The broadcast address for the 32 subnet is 47. The broadcast address for the 64 subnet is 79. The broadcast address for the 96 subnet is 111. The broadcast address for the 160 subnet is 175. The broadcast address for the 192 subnet is 207.
  5. What is the valid host range of each subnet?
    Answer: The valid hosts are the numbers in between the subnet and broadcast addresses. The 32 subnet valid hosts are 33-46.

Let’s do a fourth example using the Class C mask of 255.255.255.248. Here are the answers:
  1. How many subnet bits are used in this mask?
    Answer: 5 bits or 2^5-2=30 subnets
  2. How many host bits are available per subnet?
    Answer: 3 bits or 2^3-2=6 hosts per subnet
  3. What are the subnet addresses?
    Answer: 256-248 =8, 16, 24, 32, 40, 48, and so forth. The last subnet is 240 (30 subnets found by continuing to add 8 to itself).
  4. What is the broadcast address of each subnet?
    Answer: The broadcast address for the 8 subnet is 15. The broadcast address for the 16 subnet is 23. The broadcast address for the 48 subnet is 55.
  5. What is the valid host range of each subnet?
    Answer: The valid hosts are the numbers in between the subnet and broadcast addresses. For example, the 32 subnet valid hosts are 33-38.

Let’s do a fifth example using the Class C mask of 255.255.255.252. Here are the answers:
  1. How many subnet bits are used in this mask?
    Answer: 6 bits or 2^6-2=62 subnets
  2. How many host bits are available per subnet?
    Answer: 2 bits or 2^2-2=2 hosts per subnet
  3. What are the subnet addresses?
    Answer: 256-252 =4, 8, 12, 16, 20, and so forth. The last subnet is 248 (62 subnets found by continuing to add 4 to itself).
  4. What is the broadcast address of each subnet?
    Answer: The broadcast address for the 4 subnet is 7. The broadcast address for the 8 subnet is 11. The broadcast address for the 12 subnet is 15. The broadcast address for the 20 subnet is 23.
  5. What is the valid host range of each subnet?
    Answer: The valid hosts are the numbers in between the subnet and broadcast addresses. For example, the 16 subnet valid hosts are 17 and 18.

How do I use this information?
Let’s take a look at an example that will highlight how the above information is applied.

A host configuration has an IP configuration of 192.168.10.17 255.255.255.248. What are the subnet, broadcast address, and host range that this host is a member of? The answer is: 256-248=8, 16, 24. This host is in the 16 subnet, the broadcast address of the 16 subnet is 23, and the valid host range is 17-22. Pretty easy!

Here is an explanation of this example: First, I used 256-subnetmask to get the variable and first subnet. Then I kept adding this number to itself until I passed the host address. The subnet is the number before the host address, and the broadcast address is the number right before the next subnet. The valid hosts are the numbers in between the subnet and broadcast address.

Let’s examine a second example. A host configuration has an IP configuration of 192.168.10.37 255.255.255.240. What are the subnet, broadcast address, and host range this host is a member of? The answer is: 256-240=16, 32, 48. This host is in the 32 subnet, the broadcast address of the 32 subnet is 47, and the valid host range is 33-46.

Let’s go through a third example: A host configuration has an IP configuration of 192.168.10.44 255.255.255.224. What are the subnet, broadcast address, and host range this host is a member of? The answer is: 256-224=32, 64. This host is in the 32 subnet, the broadcast address of the 32 subnet is 63, and the valid host range is 33-62.

Here’s a fourth example: A host configuration has an IP configuration of 192.168.10.17 255.255.255.252. What are the subnet, broadcast address, and host range this host is a member of? The answer is: 256-252=4, 8, 12, 16, 20. This host is in the 16 subnet, the broadcast address of the 16 subnet is 19, and the valid host range is 17-18.

Let’s go through a final example. A host configuration has an IP configuration of 192.168.10.88 255.255.255.192. What are the subnet, broadcast address and host range this host is a member of? The answer is: 256-192=64, 128. This host is in the 64 subnet, the broadcast address of the 64 subnet is 127, and the valid host range must be 65-126.
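
The 256-minus-mask procedure used in the five examples above, as an added Python example (not part of the original article). The function names `locate_host` and `cross_check` are assumptions chosen here; the second one repeats the calculation with the standard library's `ipaddress` module so the manual method can be verified.

```python
import ipaddress

def locate_host(ip, mask):
    """Manual method: return (subnet, broadcast, first_host, last_host)
    as last-octet values for a Class C mask (255.255.255.x)."""
    ip_octets = [int(o) for o in ip.split(".")]
    mask_octets = [int(o) for o in mask.split(".")]
    if len(ip_octets) != 4 or mask_octets[:3] != [255, 255, 255]:
        raise ValueError("only Class C masks (255.255.255.x) are handled")
    block = 256 - mask_octets[3]            # e.g. 256-248=8
    # A valid mask gives a power-of-two block; blocks of 1 or 2 leave no hosts.
    if block < 4 or block & (block - 1):
        raise ValueError("mask octet %d is not usable" % mask_octets[3])
    host = ip_octets[3]
    subnet = 0
    while subnet + block <= host:           # keep adding until we pass the host
        subnet += block
    broadcast = subnet + block - 1          # number right before the next subnet
    if host in (subnet, broadcast):
        raise ValueError("%s is a subnet or broadcast address, not a host" % ip)
    return subnet, broadcast, subnet + 1, broadcast - 1

def cross_check(ip, mask):
    """Same four values computed by the ipaddress module."""
    net = ipaddress.ip_network("%s/%s" % (ip, mask), strict=False)
    hosts = list(net.hosts())
    return tuple(int(a) & 0xFF for a in
                 (net.network_address, net.broadcast_address, hosts[0], hosts[-1]))

# The five host configurations from the article.
EXAMPLES = [
    ("192.168.10.17", "255.255.255.248"),
    ("192.168.10.37", "255.255.255.240"),
    ("192.168.10.44", "255.255.255.224"),
    ("192.168.10.17", "255.255.255.252"),
    ("192.168.10.88", "255.255.255.192"),
]

if __name__ == "__main__":
    for ip, mask in EXAMPLES:
        subnet, bcast, first, last = locate_host(ip, mask)
        assert (subnet, bcast, first, last) == cross_check(ip, mask)
        print("%s %s -> subnet %d, broadcast %d, hosts %d-%d"
              % (ip, mask, subnet, bcast, first, last))
```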

Conclusion
It is important to be able to subnet quickly and efficiently. After studying the examples presented in this Daily Drill Down, you should be familiar with this process with Class C addresses. Practice your subnetting as much as possible, and the process will get easier and easier. In my next Daily Drill Down, I’ll take subnetting a step further and discuss subnetting a Class B network address.



Here is a decent subnet calculator online http://www.subnet-calculator.com/


(source) http://www.techrepublic.com/article/subnetting-a-class-c-network-address/5033672

Friday, January 27, 2012

Intro to networking: OSI model

The OSI, or Open System Interconnection, model defines a networking framework for implementing protocols in seven layers. Control is passed from one layer to the next, starting at the application layer in one station, proceeding to the bottom layer, over the channel to the next station and back up the hierarchy. Using the OSI model can be important when troubleshooting networking issues; this is normally done from Layer 1 to 7, in order. More experienced network engineers use a “divide and conquer” strategy, which is not recommended for beginners.
Application (Layer 7)
This layer supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.
Presentation (Layer 6)
This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is sometimes called the syntax layer.
Session (Layer 5)
This layer establishes, manages and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination.
Transport (Layer 4)
This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer.
Network (Layer 3)
This layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.
Data Link (Layer 2)
At this layer, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization. The data link layer is divided into two sub layers: the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sub layer controls how a computer on the network gains access to the data and permission to transmit it. The LLC layer controls frame synchronization, flow control and error checking.
Physical (Layer 1)
This layer conveys the bit stream (electrical impulse, light or radio signal) through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards and physical aspects. Fast Ethernet, RS232, and ATM are protocols with physical layer components.