This is one of the best texts on TCP Subnetting I've seen in a while.
Read it CAREFULLY and atleast a couple of times.
If you have any questions, come to alt.hackers.malicious .
All credits here go to LocoHost!

============================================================================

A subnet mask is the mechanism that defines how the host portion of
the IP address is divided into subnetwork addresses and local host
address portions. It has nothing to do with the uniqueness of an IP
address. It is not a prefix to, or suffix of and IP address. It does
nothing to modify the IP address.

Using your example, a subnet mask of 255.255.248.0 would look like
this in binary:

11111111. 255
11111111. 255
11111000. 248
00000000. 0

(this is hard to show because of the word wrapping)

Taking the IP address in your example:

156.15.15.15

and changing each of it's octets into it's binary representation:

10011100. 156
00001111. 15
00001111. 15
00001111. 15

THEN -

ANDing the first set of octets yields:

10011100. 156
AND
11111111. 255
=
10011100. 156

ANDing the second set of octets yields:

00001111. 15
AND
11111111. 255
=
00001111. 15

ANDing the third set of octets yields:

00001111. 15
AND
11111000. 248
=
00001000. 8

ANDing the last set of octets yields:
00001111. 15
AND
00000000. 0
=
00000000. 0

Yielding a subnet address of: 156.15.8.0

This subnet address is said to have eight bits in the subnet field,
which leaves six bits to define hosts. In the last octet, there are
zero binary bits set, yielding 256 possible values (0 through 255).
However, there are only 254 of these addresses that can be used for
hosts on each subnet. This is because the first and last values are
reserved for each subnet. The first is reserved as identifying the
subnet number itself and the last is the broadcast address for that
subnet.

RFCs 760, 791 and 1812 caution against the use of the first and last
subnet, and in some installations, either the last subnet, or the
first and last subnet are unavailable. Whether these subnets are
usable depends on the routing protocols in use on the network and the
IP implementation on the routing devices on the network.

.

On 28 Feb 1999 05:45:48 GMT, skroohead@aol.comFUCKSPAM (Skroohead)
wrote:

>
>well, what i never understood was subnetting, i mean i know how it works,
but
>when you enter an ip into a nuking program for example, how does it know
what
>subnet mask to use? Does it just use 255.255.255.0 as default? or what?

It, the "nuking" program, doesn't need to know. All it needs to do is
attempt a connection. Routers handle the passing of requests and
subsequent replies. Routers "know" the subnetting scheme being used by
the network.

> Are certain IP's  routed to certain subnets by their binary translations?

Yes.

> And if so, could you have an IP on a network, lets say yer subnet mask is
>255.255.248.0, if you had an IP on that network that was (for example),
>156.15.15.15, could there be another  IP on another subnet that is also
>156.15.15.15.,

Subnetting has nothing to do with the use of an IP address - it has an
effect on whether it is "usable" on a particular network (i.e., it
either belongs to the immediate subnet, or can be routed to the proper
network/subnet/node, or gets /dev/nulled because the network is not
reachable).

>and if so, could you (for example) send anonymous mail from an IP
>on a less commonly used subnet, and if the SMTP server doesn't log the
subnets,
>only IP's, could you blame it on somebody else in a different subnet?

As explained earlier, subnetting is the mechanism that defines how the
host portion of the IP address is divided into subnetwork addresses
and local host address portions. It doesn't have an effect on the
information in the packets - it affects where the packets are to be
sent.
V--V

http://www.ahm-home.com/Vampi/

"The idea of of cleaning AHM of retarded lame half witted, fuck witted
lamers is a solid idea."
Joskyn ®

<@CLaWz{WS}> do not become prey lame one

<@ccitt5> I just have to be a prick sometimes... there's no way around it...