Subnet on a Network

SecureITGroup
Hacker in Training
Posts: 54
Joined: Sat Oct 04, 2003 2:15 am

Subnet on a Network

Post by SecureITGroup » Fri Dec 20, 2013 9:24 pm

Two-part question
Network A
Say, for instance, you have a network configured in this way:
Static IP addresses range from 192.168.0.1 - 192.168.0.254
Subnet mask is set to 255.255.255.0
Is it correct that we can have 254 nodes on this configuration?

Second Part
Network B
We have a wireless router on the first example's network.
However, the router is configured to hand out IPs using DHCP from 172.168.1.1 - 172.168.1.254
The subnet mask is also set to 255.255.255.0
Is it correct we can also have 254 nodes on this network?

Part Three
Since a router works at level three of the OSI layer, can I capture traffic on network "A"?

psilocybin
Sargeant at Arms
Posts: 191
Joined: Tue Feb 17, 2009 5:27 am

Re: Subnet on a Network

Post by psilocybin » Sat Dec 21, 2013 5:04 am

Is it correct that we can have 254 nodes on this configuration?
ignoring router IPs, sure.
Is it correct we can also have 254 nodes on this network?
same as above.
since a router works at level three of the osi layer can I capture traffic on network "A"
you mean from network B? no. routers break apart broadcast domains, meaning that anything locally broadcast on the wireless subnet gets stopped at the router, and that packets addressed to a host on network A must go through the router first. sniffing within a subnet works by either listening promiscuously to data being sent within a collision domain but addressed to the intended recipient (by MAC address), or by poisoning the ARP cache (in the case where all collision domains are separated by a switch) to achieve a man-in-the-middle attack. routers preclude all of that.

SecureITGroup
Hacker in Training
Posts: 54
Joined: Sat Oct 04, 2003 2:15 am

Re: Subnet on a Network

Post by SecureITGroup » Sat Dec 21, 2013 7:38 am

You did assume correctly; I was referring to capturing traffic on router B/Network "B". But my next question is: since I am a node on network B (subnetted in a poor fashion for multiple nodes), can't I find my way onto network A because Router B is acting as a bridge between the two networks? If I do a trace rt to google.com using router "b", wouldn't it show router "a" IP since it is the gateway? From there, can I run Angry IP Scanner and see what IPs are active on Network "A"?

psilocybin
Sargeant at Arms
Posts: 191
Joined: Tue Feb 17, 2009 5:27 am

Re: Subnet on a Network

Post by psilocybin » Sat Dec 21, 2013 3:34 pm

to be clear, my last answer was only pertaining to packet capture. now you're asking about scanning and routing, which is a more active process. now, with that in mind, remember that all my next answers come with the major caveat that they are entirely dependent upon the configuration of the network (routers and switches). I assume everything is behaving like a "normal" configuration, where nothing is explicitly disallowed etc.
since I am a node on network B (subnetted in a poor fashion for multiple nodes) cant I find my way onto network A because Router B is acting as a bridge between the two networks?
yes. that is the function of a router: to route packets transmitted from a host on one subnet to another host on another subnet. don't mistake that for meaning that someone on net B can sniff someone on net A; sniffing only applies to the local collision domain (or if you do ARP poisoning, the local broadcast domain).
If i do a trace rt to google.com using router "b" wouldnt it show router "a" ip since it is the gateway?
yes. router A will be responsible for one hop of routing the packets to google.com, so it will show up in traceroute.
From there can I run angry IP scanner and see what ips are active on Network "A"?
I assume angry IP just sweeps scanning packets over every possible IP in the subnet? the default answer is yes, that will work, but it depends entirely upon the configuration of the network. many routers are configured to not allow ICMP between the hosts on their network, so if you're using ICMP (ping sweep), it might not work. furthermore, if the router ACL is set to only allow certain hosts to talk to certain other hosts on its network, then you probably won't see shit (even with something like a SYN scan) unless you happen to be one of those hosts, and then you'll only see those hosts that the router allows you to see. hell, depending on how the VLANs are set up, it's possible you won't even see anything else on your local subnet with a scan (which would mean that you're on a VLAN that has an entire subnet being used for one host. unlikely but possible).

tl;dr: depends.
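The "depends on the router ACL" point from the last reply, as an added example that is not part of the original thread: a small audit that counts node addresses per subnet, checks whether a flow has to cross the router, and lists which network A addresses a first-match ACL leaves reachable from a network B client. The ACL tuple format, the client address 172.168.1.50 and the host 192.168.0.10 are constructed for illustration and are not any vendor's syntax.

```python
import ipaddress as ip

NET_A = ip.ip_network("192.168.0.0/255.255.255.0")   # wired LAN from the thread
NET_B = ip.ip_network("172.168.1.0/255.255.255.0")   # wireless router's DHCP subnet

def usable_hosts(net):
    """Node addresses in a subnet: every address except network and broadcast."""
    return len(list(net.hosts()))

def needs_router(src, dst, local_net):
    """True when dst is outside the sender's subnet, so frames go via the gateway."""
    return ip.ip_address(src) in local_net and ip.ip_address(dst) not in local_net

def permitted(acl, src, dst, proto, default="permit"):
    """First-match evaluation of (action, proto, src_net, dst_net) rules."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for action, rule_proto, src_net, dst_net in acl:
        if rule_proto in ("any", proto) and s in src_net and d in dst_net:
            return action == "permit"
    return default == "permit"   # nothing matched: fall back to the default policy

def exposed_hosts(acl, src, dst_net, proto):
    """Addresses in dst_net that the ACL lets src reach over proto."""
    return [str(h) for h in dst_net.hosts() if permitted(acl, src, str(h), proto)]

# Constructed ACL in a made-up tuple syntax (assumption, for illustration only).
ACL = [
    ("deny",   "icmp", NET_B, NET_A),                            # no ping from wireless to LAN
    ("permit", "tcp",  NET_B, ip.ip_network("192.168.0.10/32")), # one allowed server
    ("deny",   "any",  NET_B, NET_A),                            # everything else blocked
]

if __name__ == "__main__":
    client = "172.168.1.50"  # constructed wireless client on network B
    print("nodes per subnet:", usable_hosts(NET_A), usable_hosts(NET_B))
    print("B -> A crosses router:", needs_router(client, "192.168.0.20", NET_B))
    print("no ACL, ICMP-reachable:", len(exposed_hosts([], client, NET_A, "icmp")))
    print("with ACL, ICMP-reachable:", exposed_hosts(ACL, client, NET_A, "icmp"))
    print("with ACL, TCP-reachable:", exposed_hosts(ACL, client, NET_A, "tcp"))
```

With an empty rule list the default policy applies, which matches the "normal" configuration assumed in the reply where nothing is explicitly disallowed.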
