Tuesday, September 3, 2013

The IP Address

Every computer on a network or the internet needs an address, known as an IP address. An IP address is a group of four eight-bit binary numbers written in decimal and separated by periods, e.g. 10.1.0.1. Every machine connected to a network needs a unique address; two machines cannot use the same one.
The IP address is divided into the network ID and the host ID. The network ID identifies the network the machine is on. The host ID is a unique number assigned to the machine, attached to the end of the network ID. For two machines to communicate directly they must have the same network ID but different host IDs.
A machine can identify which part of its IP address is the host ID and which part is the network ID by using a set of numbers called a subnet mask.

Subnet Masks

As well as an IP address every machine using TCP/IP needs a subnet mask.  The subnet mask splits the IP address into two parts, allowing the computer to identify which part is the network ID and which part is the host ID.
The subnet mask divides the IP address into two parts by using on (1) and off (0) switches. 1 represents a network ID and 0 represents a host ID.
A computer with an IP address of 10.1.0.1 and a subnet mask of 255.255.0.0 would have a network ID of 10.1 and a host ID of 0.1. This is worked out by converting both numbers into binary.
10      .1       .0       .1
00001010.00000001.00000000.00000001
255     .255     .0       .0
11111111.11111111.00000000.00000000
Using the subnet mask, divide the IP address up by using the 1’s to represent the network ID and the 0’s to represent the host ID.
00001010.00000001.00000000.00000001
11111111.11111111.00000000.00000000
Using this, we can see that the network ID is 00001010.00000001 (10.1) and the host ID is 00000000.00000001 (0.1).
A subnet mask doesn’t have to use full octets. It is possible to use a subnet mask that covers only part of an octet, for example 255.255.240.0. This enables the administrator to create custom subnets that divide a private network into several discrete sub-networks.

Bit Notation

An easier way of writing an IP address and its subnet mask is the form xxx.xxx.xxx.xxx/bits, where bits is the number of bits in the mask. The address 10.1.0.1 with a subnet mask of 255.255.0.0 can also be written as 10.1.0.1/16.
This form of notation shows the number of bits in the subnet mask, e.g. /8 represents 11111111.00000000.00000000.00000000 or 255.0.0.0.
/20 would represent 11111111.11111111.11110000.00000000 or 255.255.240.0.
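The mask arithmetic above, as an added example (not part of the original post): plain bit operations split 10.1.0.1 with 255.255.0.0 into its network and host parts and convert between /bits and dotted masks. The function names are illustrative.

```python
def to_int(dotted: str) -> int:
    """Convert dotted decimal (e.g. '10.1.0.1') to a 32-bit integer."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for o in octets:
        value = (value << 8) | int(o)
    return value

def to_dotted(value: int) -> str:
    """Convert a 32-bit integer back to dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(dotted: str) -> str:
    """Octets as 8-bit binary, the way the post writes them."""
    return ".".join(f"{int(o):08b}" for o in dotted.split("."))

def mask_from_bits(bits: int) -> str:
    """/bits -> dotted mask, e.g. 20 -> 255.255.240.0."""
    if not 0 <= bits <= 32:
        raise ValueError("number of mask bits must be 0..32")
    return to_dotted((0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF)

def bits_from_mask(mask: str) -> int:
    """Dotted mask -> /bits; rejects a mask whose 1s are not contiguous."""
    m = to_int(mask)
    bits = bin(m).count("1")
    if to_int(mask_from_bits(bits)) != m:
        raise ValueError(f"mask has a 0 before a 1: {mask}")
    return bits

def split(address: str, mask: str) -> tuple:
    """Return (network part, host part) of the address, both dotted."""
    bits_from_mask(mask)                      # validate the mask first
    a, m = to_int(address), to_int(mask)
    return to_dotted(a & m), to_dotted(a & ~m & 0xFFFFFFFF)

if __name__ == "__main__":
    print(to_binary("10.1.0.1"), to_binary("255.255.0.0"))
    print(split("10.1.0.1", "255.255.0.0"))   # the post's 10.1 and 0.1
    print(mask_from_bits(20), bits_from_mask("255.255.0.0"))
```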

IP Address Classes

When TCP/IP first appeared, IP addresses were placed into different classes: A, B, C and D. The subnet mask of the machine would be determined by its IP address class. To determine what class an IP address is in, refer to the first octet of the address, e.g. 100 for 100.23.23.1.
Class   Subnet Mask                   Host ID’s
A       255.0.0.0                     16,777,214
B       255.255.0.0                   65,534
C       255.255.255.0                 254
D       255.255.255.255 (Multicast)   N/A
Of the 32 bits available, the bits required for the network ID can’t be used for hosts. In a class B network, for example, this takes away 16 bits, leaving 16 bits for the host addresses. These can be used to make 65536 numbers (2 to the power 16). Host addresses using all 1’s or all 0’s are reserved for special use, hence the figure of 65534 in the table above.
You have been assigned the address 134.34.0.0/20. How many hosts will you have?
/20 represents the subnet mask of 11111111.11111111.11110000.00000000 (255.255.240.0).
Therefore the host ID is 0000.00000000, giving a total of 12 host ID bits to play with.
Therefore (2^12)-2=4094. So there are 4094 different host ID’s.
Why take off 2?
Two host ID addresses are reserved for every network.
If the host ID contains all 0’s it represents the Network it is on and can’t be used, e.g. 10.1.0.0/24 (00000000) is invalid. This is known as the Network Address.
If the host ID contains all 1’s then this represents every computer in the network. This is known as the Broadcast Address, e.g. 194.34.23.255/24 (11111111) represents every computer in the 194.34.23 network.
Reserved addresses:
If the host part of the address is all zeroes, this looks similar to the subnet mask and is called the Network Address. By convention, this address is not used for any host. If the host part of the address is all ones, this represents not a single host but all hosts on that network. It is termed the broadcast address, and it shouldn’t be used for any host.
Although these days you can have any subnet mask, classes are still used when a subnet mask isn’t given. There are a number of private address ranges available for use in internal networks. These addresses will never be seen on the internet, as internet routers will not pass packets that originate from these addresses.
Class A : 10.0.0.0 – 10.255.255.255
Class B : 172.16.0.0 – 172.31.255.255
Class C : 192.168.0.0 – 192.168.255.255
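The host count, the two reserved host IDs and the private ranges above, as an added example (not part of the original post) built on Python's standard ipaddress module. The function names are illustrative, and the three private ranges are written as the prefixes that cover exactly the ranges listed.

```python
import ipaddress

# The three private ranges listed in the post, written as prefixes.
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),       # 10.0.0.0 - 10.255.255.255
    ipaddress.ip_network("172.16.0.0/12"),    # 172.16.0.0 - 172.31.255.255
    ipaddress.ip_network("192.168.0.0/16"),   # 192.168.0.0 - 192.168.255.255
]

def usable_hosts(mask_bits: int) -> int:
    """(2 ** host bits) - 2: the all-0s and all-1s host IDs are reserved."""
    host_bits = 32 - mask_bits
    if not 2 <= host_bits <= 32:
        raise ValueError("need at least 2 host bits for the reserved IDs")
    return 2 ** host_bits - 2

def role(address_with_bits: str) -> str:
    """Classify 'a.b.c.d/bits' as network address, broadcast address or host."""
    iface = ipaddress.ip_interface(address_with_bits)
    usable_hosts(iface.network.prefixlen)     # reject /31 and /32
    if iface.ip == iface.network.network_address:
        return "network address"              # host ID is all 0s
    if iface.ip == iface.network.broadcast_address:
        return "broadcast address"            # host ID is all 1s
    return "host"

def is_private(address: str) -> bool:
    """True if the address falls in one of the three ranges above."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in PRIVATE_RANGES)

if __name__ == "__main__":
    print(usable_hosts(20))                   # the 134.34.0.0/20 question
    for sample in ("10.1.0.0/24", "194.34.23.255/24", "10.1.0.1/16"):
        print(sample, "->", role(sample))
    print(is_private("172.31.255.255"), is_private("172.32.0.1"))
```

Python's own `is_private` attribute covers more than these three ranges (loopback, for example), which is why the list is spelled out here.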

Custom Subnet Masks

Imagine a scenario where you have been assigned the address range 193.28.34.0 for your company’s network. You need to have 14 separate networks each with ten computers in.
193.28.34.0 is a class C address, which means you have 254 hosts but only the one network (the 193.28.34 network).
Considering that you only need 10 hosts and not 254 we can take some of the host ID’s and turn them into Network ID’s. You can do that by creating a custom subnet mask…
We have the 8 host digits to play with. This equates to (2^8)-2=254 addresses. However, we only need 140. Some of the host ID’s can be used as network ID’s.
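The scenario above worked through, as an added example (not part of the original post) using Python's standard ipaddress module: it borrows the fewest host bits that give the required number of networks, then checks each subnet still has room for the hosts. It handles any base network and counts, not only this case, and the function names are illustrative.

```python
import ipaddress

def plan_subnets(base: str, networks: int, hosts_each: int):
    """Borrow the fewest host bits from `base` that give at least
    `networks` subnets, then check each subnet fits `hosts_each` hosts."""
    if networks < 1 or hosts_each < 1:
        raise ValueError("networks and hosts_each must be positive")
    net = ipaddress.ip_network(base)
    host_bits = 32 - net.prefixlen
    borrowed = (networks - 1).bit_length()    # smallest n with 2**n >= networks
    remaining = host_bits - borrowed
    # Each subnet loses two host IDs (all 0s and all 1s).
    if remaining < 2 or 2 ** remaining - 2 < hosts_each:
        raise ValueError(
            f"{base} cannot hold {networks} networks of {hosts_each} hosts")
    return list(net.subnets(prefixlen_diff=borrowed))

def describe(subnet) -> dict:
    """Network address, mask, usable host range and broadcast address."""
    hosts = list(subnet.hosts())
    return {
        "network": str(subnet.network_address),
        "mask": str(subnet.netmask),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
        "broadcast": str(subnet.broadcast_address),
    }

if __name__ == "__main__":
    plan = plan_subnets("193.28.34.0/24", 14, 10)
    print(len(plan), "subnets with mask", plan[0].netmask)
    for subnet in plan[:3]:
        print(describe(subnet))
```

For 193.28.34.0 this borrows 4 of the 8 host bits, giving the mask 255.255.255.240 (/28): 16 subnets with 14 usable host IDs each.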

Routers

Routers are network devices that are used to connect separate networks and to enable network traffic to pass between the networks. We have seen that machines on separate networks cannot pass data between themselves without assistance. A router or default gateway passes data to addresses that are not on the sender's network.
With the help of a router, computers on both networks would be able to communicate. The router is physically connected to both networks and has two IP addresses.
When a client wants to send a packet out on the network it checks the network ID of the destination machine. If it is different from its own it would send the packet to its default gateway.
Routers can communicate with other routers so that network packets can be passed to their correct destinations.
A network packet travelling out on the internet may pass through several routers before reaching its target. Each router forwards the packet on to the next router until it either reaches or fails to reach its destination.
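The forwarding decision described above, as an added example (not part of the original post): the client compares network IDs and either delivers directly or hands the packet to its default gateway, and a router with two addresses picks the interface on the destination's network. All addresses are constructed samples and the names are illustrative.

```python
import ipaddress

def first_hop(own: str, gateway: str, destination: str) -> str:
    """Client side: compare network IDs, then pick where the packet goes."""
    iface = ipaddress.ip_interface(own)       # this machine's address/bits
    gw = ipaddress.ip_address(gateway)
    dest = ipaddress.ip_address(destination)
    if gw not in iface.network:
        # A gateway on another network cannot be reached: misconfiguration.
        raise ValueError("default gateway is not on the sender's network")
    return str(dest) if dest in iface.network else str(gw)

class Router:
    """Router physically connected to several networks, one address on each."""
    def __init__(self, *interfaces: str):
        self.interfaces = [ipaddress.ip_interface(i) for i in interfaces]

    def out_interface(self, destination: str):
        """Address of the interface on the destination's network, or None
        when the destination is on none of the attached networks."""
        dest = ipaddress.ip_address(destination)
        for iface in self.interfaces:
            if dest in iface.network:
                return str(iface.ip)
        return None

def trace(own: str, gateway: str, router: Router, destination: str) -> list:
    """List the steps a packet takes from the sender to the destination."""
    hop = first_hop(own, gateway, destination)
    if hop == destination:
        return ["direct", destination]
    out = router.out_interface(destination)
    if out is None:
        return ["gateway " + hop, "no attached network (needs another router)"]
    return ["gateway " + hop, "router out via " + out, destination]

# Constructed sample: two /16 networks joined by one router.
ROUTER = Router("10.1.0.254/16", "10.2.0.254/16")

if __name__ == "__main__":
    for target in ("10.1.0.9", "10.2.0.7", "192.0.2.10"):
        print(target, trace("10.1.0.1/16", "10.1.0.254", ROUTER, target))
```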

Monday, August 26, 2013

Hackers turn back the clock with Telnet attacks

The 40-year old protocol is increasingly being used by hackers, according to Akamai


A new report from Akamai Technologies shows that hackers appear to be increasingly using the Telnet remote access protocol to attack corporate servers over mobile networks.
Akamai, which specializes in managing content and Web traffic, issues quarterly reports on Internet traffic trends. The latest report, which covers the third quarter of 2010, shows that 10 percent of attacks that came from mobile networks are directed at Port 23, which Telnet uses. That marks a somewhat unusual spike for the aging protocol.
Telnet is a remote access tool used to log into remote servers, but it has been gradually replaced by SSH, also known as Secure Shell. To prevent attacks targeting it, administrators are generally advised to disable Telnet if the protocol is not used, but some forget.
Although those attacks originated from mobile networks, Akamai said it did not appear that mobile devices were the source.
"As noted previously, we believe that the observed attack traffic that is originating from known mobile networks is likely being generated by infected PC-type clients connecting to wireless networks through mobile broadband technologies and not by infected smartphones or similar mobile devices," according to the report.
Including all types of attack traffic sources, about 17 percent of attacks were directed at Telnet. Port 23 was "overwhelmingly the top targeted port for attacks" in Egypt, Peru and Turkey, Akamai said.
"It is not clear if there is a common thread that connects these three countries, nor whether these observed attacks were brute-force login attempts or some other botnet-related traffic," the report said.
Akamai found that Port 445, which is a commonly used port for Microsoft products, was the most targeted one, although the attacks declined. The attacks peaked more than a year ago due to Conficker, a worm that rapidly spread and targeted the port.
"While the percentages are still fairly significant, this decline may signal ongoing efforts by network service providers to identify and isolate infected systems, as well as ongoing efforts to patch and/or upgrade infected systems," the report said.
Port 445 attacks were responsible for much of the attack traffic in Brazil, Germany, Italy, Russia, Taiwan and the US. In China, however, attacks against SSH, which runs on Port 22, were more common than those against Port 445, Akamai said.

Sunday, August 25, 2013


Top dangerous attacks in the history of cyberspace:


Robert Tappan Morris and the Morris Worm (1988):

Creator of the first computer worm transmitted through the Internet, Morris, a student at Cornell University in the USA, claimed his progeny was not aimed to harm but was made with the innocuous intent of determining the vastness of cyberspace.
Things went pear-shaped when the worm encountered a critical error and morphed into a virus which replicated rapidly and began infecting other computers, resulting in denial of service. The damage? 6000 computers were reportedly affected, causing an estimated $10-$100 million in repair bills.
While this event could be pinned as being an unfortunate accident, it no doubt played a part in inspiring the calamitous distributed denial-of-service (DDoS) type of attacks we see today.

MafiaBoy causes $1 billion dollars in damages (2000):

Another 15-year-old that caused mischief in cyberspace was Michael Calce, a.k.a. MafiaBoy.
In 2000, Calce, now 25, was just a Canadian high school student when he decided to unleash a DDoS attack on a number of high-profile commercial websites including Amazon, CNN, eBay and Yahoo!. An industry expert estimated the attacks resulted in a $US1.2 billion damage bill.
He was later apprehended. Because he was still a juvenile, Calce was sentenced in 2001 to eight months in open custody, meaning his movements and actions would be restricted. His online access was also limited by the court.
Calce has since scored gigs as a columnist and recently published a book about his ordeal.

Google China hit by cyber attack (2009):

When Google's Chinese headquarters detected a security breach in mid-December, it opened up a whole can of worms (pun intended) implicating the Chinese Government.
Hackers had gained access to several of Google’s corporate servers and intellectual property was stolen.
In a blog, Google said it has “evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists”. As the company dug deeper, it found that numerous Gmail accounts of users from the US, China and Europe had been routinely accessed without permission. Those emails belonged to advocates of human rights in China.
All eyes darted towards the Chinese Government, which has been accused of flagrantly disregarding human rights for years.
Google entered the Chinese market with www.google.cn in 2006 and capitulated to China’s stringent Internet censorship regime. The cyber attacks in December 2009 resulted in the company’s re-evaluation of its business in the country.
In March 2010, Google relocated its servers for google.cn to Hong Kong in order to escape China’s Internet filtering policy.

Teen hacks NASA and US Defense Department:
The year was 1999. Jonathan James was 15 at the time but what he did that year secured him a place in the hacker’s hall of fame.
James had managed to penetrate the computers of a US Department of Defense division and installed a ‘backdoor’ on its servers. This allowed him to intercept thousands of internal emails from different government organisations, including ones containing usernames and passwords for various military computers.
Using the stolen information, James was able to steal a piece of NASA software, which cost the space exploration agency $41,000 as systems were shut down for three weeks.
According to NASA, “the software [purported to be worth $1.7 million] supported the International Space Station’s physical environment, including control of the temperature and humidity within the living space.”
James was later caught but received a light sentence due to his young age.
He committed suicide in 2008 after he was accused of conspiring with other hackers to steal credit card information. James denied the allegation in his suicide letter.

Phone lines blocked to win Porsche (1995)
Kevin Poulsen is famous for his work in hacking into the Los Angeles phone system in a bid to win a Ferrari on a radio competition.
LA KIIS FM was offering a Porsche 944 S2 to the 102nd caller. Poulsen guaranteed his success as he took control of the phone network and effectively blocked incoming calls to the radio station’s number.
He won the Porsche but the law caught up to him and he was sentenced to five years in prison.
Poulsen later became the senior editor for IT security publication, Wired News.

Hacker targets Scientology (2008):
In January 2008, a New Jersey teenager along with a gang of hackers launched a DDoS attack that crippled the Church of Scientology website for several days.
The group is dubbed Anonymous and is staunchly against the ‘religion’.
Dmitriy Guzner, who was 19 years old, was charged and convicted for the DDoS attack. The maximum penalty was 10 years in prison and a $250,000 fine, but he was ultimately sentenced to two years' probation and was ordered to pay the Church of Scientology $37,500.
A second man has been charged for the attac

Saturday, August 24, 2013

About our Bloggers

About Friendship Circle


Friendship Circle of Michigan is a non-profit organization that provides programs and support to the families of individuals with special needs. In addition to assisting individuals with special needs, Friendship brings together teenage volunteers and children with special needs for hours of fun and friendship. These shared experiences empower the children, our special friends, while enriching the lives of everyone involved.



Friendship Circle International

Since Friendship Circle of Michigan was founded in 1994 Friendship Circle has spread to over 80 cities worldwide. To date Friendship Circle has cultivated friendships between 7,000 special children and close to 11,000 teen volunteers.
To learn more about Friendship Circle visit 

About This Blog

With over 75,000 visitors a month, the Friendship Circle Special Needs Resource blog is one of the biggest special needs blogs in the world. Currently the blog has over 500 articles on special needs topics including: parenting, special education, products, therapy tips, videos and more.
You’ll hear from parents, special educators, therapists, advocates, and those with special needs themselves. Whether you come to learn, share, or give your own opinion join us…. You are among friends.

Post by Madan Kumar Pathak