[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] OFF TOPIC - CHINESE CYBER ATTACK
- Subject: Re: [cobalt-users] OFF TOPIC - CHINESE CYBER ATTACK
- From: "Rodolfo J. Paiz" <rpaiz@xxxxxxxxxxxxxx>
- Date: Fri Apr 20 06:18:22 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
At 4/20/01 02:06 PM -0400, you wrote:
Sorry to keep this thread alive, but could you clarify please? I always start
going dyslectic when dealing with netmasks.
If one wanted to block say for example the range : 202.93.0.0 - 202.93.3.255,
how would that be inputted? Would it be the same?
202.93.0.0/255.255.0.0
No.
IP numbers and masks work like this:
Decimal: 202 . 93 . 0 . 0
Binary: 11001010 . 01011101 . 00000000 . 00000000
Netmasks work like this:
Decimal: 255 . 255 . 0 . 0
Binary: 11111111 . 11111111 . 00000000 . 00000000
Those binary bits that have 1's in them denote the network; the remaining
bits name hosts within the network. You'll note that there are exactly 16
ones (1's) in this netmask, which is why this is equivalent to writing
202.93.0.0/16.
In this way, 202.93.0.0/255.255.0.0 extends from 202.93.0.0 to
202.93.255.255 (the bits describing the network are always constant --
that's why it's the same network).
To block from 202.93.0.0 to 202.93.3.255, I think you can block:
202.93.0.0/24
202.93.1.0/24
202.93.2.0/24
202.93.3.0/24
or
202.93.0.0/23
202.93.2.0/23
or
202.93.0.0/22
As far as I know, these three are equivalent in terms of describing the IP
addresses. Note that these are *not* the same networks... hopefully the
previous explanation should show you why.
--
Rodolfo J. Paiz
rpaiz@xxxxxxxxxxxxxx