SDL Episode27

From Paul's Security Weekly

Secure Digital Life #27

Recorded August 8, 2017 at G-Unit Studios in Rhode Island!

Episode Audio

Coming Soon!

Hosts

  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Russell Beauchemin
    Cybersecurity & Network Security Program Advisor and Director of Instructional Support & Learning Innovation at Roger Williams University.

Adventures in Subnetting

    What is a subnet mask?

    A 32-bit field in 4 octets. Each 8-bit octet acts as a MASK for the IP address to allow layer 3 devices to determine the "network segment" of the address.

    Review: what is layer 3?

    The network layer represents the "network" to which an address belongs. Changing networks requires you to have a layer 3 device between the two segments (routing). Layer 3 devices do not care about the "host" part of an address, only the network portion.

    Why?

    A layer 3 device must make a determination on the handling of a packet based on its network. It can:

      • Forward the packet to another device
      • Accept the packet because it is connected to that network
      • /dev/null the packet (blackhole, drop, etc.) because it doesn't know anything about that network

    A brief description of routing

    Routing tables contain paths to "other networks" which are not directly connected to the current layer 3 device.

    So, for instance, when we see 172.16.32.55 mask 255.255.255.0:

      • When a mask bit is turned on (I know, I know), it means the corresponding bit in the IP address is part of the network segment.
      • When a mask bit is turned off, it means the corresponding bit in the IP address is part of the host segment.

    Remember, 255 is the largest number in 8 bits, so when you see 255 it means that whole octet is part of the network. In the example, the network is 172.16.32.0. The last octet of the mask has all the bits turned off (0), so the 55 is host 55 in the network 172.16.32.0.

    Things to understand

    If any part of the network IP changes, you have changed network segments and are now in the layer 3 world. So long as all the network bits match, you are still in the layer 2 world.

    So:

      • 172.16.32.0 255.255.255.0 and 172.16.33.0 255.255.255.0 are different networks and would have to be routed.
      • 172.16.32.5 255.255.255.0 and 172.16.32.55 255.255.255.0 are in the same network and do not need routing.

    Remember, layer 2 and layer 3 are NOT the same thing and these masks are critical in the determination of which network segment(s) are involved.
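
The masking and the accept/forward/drop decision described above, as an added Python example that is not part of the original show notes. The CONNECTED and ROUTES tables, the next-hop address and the function names are constructed for illustration, and the lookup takes the first match where a real router would pick the longest match.

```python
import ipaddress

def to_int(dotted):
    """Dotted-quad string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def split(ip, mask):
    """Return (network as dotted quad, host number) for ip under mask."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    network = ip_i & mask_i               # bits where the mask is on
    host = ip_i & ~mask_i & 0xFFFFFFFF    # bits where the mask is off
    return str(ipaddress.IPv4Address(network)), host

def same_segment(ip_a, ip_b, mask):
    """True when all network bits match: layer 2, no routing needed."""
    return split(ip_a, mask)[0] == split(ip_b, mask)[0]

# Constructed sample tables for a hypothetical layer 3 device.
CONNECTED = [("172.16.32.0", "255.255.255.0")]
ROUTES = [("172.16.33.0", "255.255.255.0", "172.16.32.1")]  # (net, mask, next hop)

def l3_decision(dst, connected=CONNECTED, routes=ROUTES):
    """Accept, forward or drop a packet based only on dst's network bits.
    Simplification: first match wins; real routers pick the longest match."""
    for net, mask in connected:
        if split(dst, mask)[0] == net:
            return "accept"
    for net, mask, next_hop in routes:
        if split(dst, mask)[0] == net:
            return "forward via " + next_hop
    return "drop"

if __name__ == "__main__":
    print(split("172.16.32.55", "255.255.255.0"))
    print(same_segment("172.16.32.5", "172.16.32.55", "255.255.255.0"))
    print(same_segment("172.16.32.5", "172.16.33.5", "255.255.255.0"))
    for dst in ("172.16.32.55", "172.16.33.9", "10.1.2.3"):
        print(dst, "->", l3_decision(dst))
```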