Re: RE: Discovering network subnets

nobodynowhere.com
Date: Sun Aug 21 2005 - 17:43:28 CDT


Nope. According to your example, you have defined two networks:

10.0.0.0/23
10.0.1.0/23

10.0.{0,1}.255 would be the broadcast address for each one
10.0.{0,1}.0 would <still> be the network address itself - not a host address

There's only one valid application/use of .0 as a host address - check http://www.ietf.org/rfc/rfc3021.txt?number=3021 - which also includes a lot of interesting pointers to other RFCs and addressing rules for IPv4.

Considering the answers Hannibal got, I tend to think the packet to .0 got translated by a route connected to that network to an L2 broadcast - and more than one host received it and replied to it. So actually those open ports could come from one, two, or three different hosts.
