I am trying to learn a few tools to see what goes on under the hood of my computer. I am trying to learn nmap. I am reading a book. I could not understand what a subnet mask is. How can a host specification of 192.168.1.5/24 scan everything between 192.168.1.0 and 192.168.1.255?
Suppose five computers are connected to a computer A via LAN. Computer A has a connection to the net. The five other computers can connect to the net via A. But will all these 6 computers (including A) have the same IP, or six different IPs?
Comments
Pop out the calculator on your computer and set it to scientific mode.
Set it to decimal and enter the number 255. Now set it to binary mode and you should see what 255 is converted to in binary - 11111111.
254 = 11111110
253 = 11111101
252 = 11111100
And so on...
8 binary digits is what is called a byte - both a subnet mask and an IP address are made up of 4 bytes:
IP: 192.168.1.10
SUBNET: 255.255.255.0
Now let's look at the subnet mask in binary:
11111111.11111111.11111111.00000000
And let's look at the IP in binary:
11000000.10101000.00000001.00001010
Now - each 1 and 0 you see in a binary number is called a bit. So the rule to the subnet mask game is that every place you see a 1 in the subnet mask you are not allowed to change in the IP address, but every place you see a 0 in the subnet mask, you are allowed to create any combination of 1's and 0's in the IP address.
This means - for the above example - 192.168.1.0 and 192.168.1.255 are both valid IPs for this subnet - AND everything in between: (0-255).
If you were to take the subnet mask of:
11111111.11111111.00000000.00000000
Then your new IP range for your subnet would be:
192.168.0.0 to 192.168.255.255
Note: any IP address ending in 0 or 255 wouldn't be valid for assignment - but technically they still exist.
Ok - so that's how the subnet mask works! There is also the "Class" of IP address you have. If you look at any IP address in binary you can actually tell what the Class of the IP address is by where the 1st 0 is.
So in our example:
11000000.10101000.00000001.00001010
--*-----.--------.--------.--------
We can see that the first 0 is the 3rd bit - so A, B, C - this is a Class C IP address...
If the IP address looked like this:
10000000.10101000.00000001.00001010
-*------.--------.--------.--------
The first 0 would be at the second bit - A, B - this is a Class B address.
And an address starting with a 0, would be a class A address.
As you can imagine, a Class A address has more available different IPs than a class B or a Class C, and a class B has more available addresses than a class C.
And that is really all there is to it.
Did that help?
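A worked example of the subnet-mask rule described in the comment above, added here and not part of the original question or comment. It computes the network and broadcast addresses for a CIDR host specification such as 192.168.1.5/24 with the same keep-the-ones, free-the-zeros bit logic, prints the dotted binary the comment walks through, tests whether two hosts land in the same subnet, and reads the classful letter from the leading bits of the first octet. The function names are my own, and Python's `ipaddress` module is used only to cross-check the hand-rolled arithmetic.

```python
# Added example (not from the original post): how a subnet mask decides which
# addresses belong to one network, worked with plain integer bit operations.
import ipaddress  # used only to cross-check the hand-rolled arithmetic below


def dotted_to_int(addr: str) -> int:
    """Turn '192.168.1.10' into the 32-bit integer 0xC0A8010A."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {addr!r}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def int_to_dotted(value: int) -> str:
    """Inverse of dotted_to_int: 0xC0A8010A -> '192.168.1.10'."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(addr: str) -> str:
    """Dotted binary as the comment shows it: '11000000.10101000.00000001.00001010'."""
    return ".".join(format(int(o), "08b") for o in addr.split("."))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: 'prefix' leading ones followed by zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def subnet_range(cidr: str) -> tuple:
    """Return (mask, network, broadcast, address count) for 'a.b.c.d/n'."""
    addr, prefix_str = cidr.split("/")
    prefix = int(prefix_str)
    ip = dotted_to_int(addr)
    mask = prefix_to_mask(prefix)
    network = ip & mask                          # bits under a 1 in the mask are kept
    broadcast = network | (~mask & 0xFFFFFFFF)   # bits under a 0 are all set to 1
    return (int_to_dotted(mask), int_to_dotted(network),
            int_to_dotted(broadcast), 2 ** (32 - prefix))


def same_subnet(a: str, b: str, prefix: int) -> bool:
    """Two hosts share a subnet when masking both leaves the same network bits."""
    mask = prefix_to_mask(prefix)
    return dotted_to_int(a) & mask == dotted_to_int(b) & mask


def classful(addr: str) -> str:
    """Classic class letter, read from where the first 0 bit sits in octet one."""
    first = dotted_to_int(addr) >> 24
    if first & 0b10000000 == 0:             # 0xxxxxxx
        return "A"
    if first & 0b11000000 == 0b10000000:    # 10xxxxxx
        return "B"
    if first & 0b11100000 == 0b11000000:    # 110xxxxx
        return "C"
    if first & 0b11110000 == 0b11100000:    # 1110xxxx (multicast)
        return "D"
    return "E"                              # 1111xxxx (reserved)


def cross_check(cidr: str) -> bool:
    """Compare the hand arithmetic against the standard library."""
    net = ipaddress.ip_network(cidr, strict=False)
    _, network, broadcast, count = subnet_range(cidr)
    return (str(net.network_address), str(net.broadcast_address),
            net.num_addresses) == (network, broadcast, count)


if __name__ == "__main__":
    host = "192.168.1.5/24"   # the host specification from the question
    mask, network, broadcast, count = subnet_range(host)
    print(f"{host}: mask {mask} ({to_binary(mask)})")
    print(f"  network {network}, broadcast {broadcast}, {count} addresses")
    print(f"  192.168.1.200 in same /24? {same_subnet('192.168.1.5', '192.168.1.200', 24)}")
    print(f"  192.168.2.5   in same /24? {same_subnet('192.168.1.5', '192.168.2.5', 24)}")
    print(f"  class of 192.168.1.10: {classful('192.168.1.10')}")
    print(f"  cross-check against ipaddress: {cross_check(host)}")
```

Running it shows why a /24 scan covers 192.168.1.0 through 192.168.1.255: the mask keeps the first 24 bits of 192.168.1.5 fixed and frees the last 8, which can take all 256 combinations. Changing the prefix to /16 widens the range to 192.168.0.0 through 192.168.255.255, exactly as the comment's second mask example describes.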