Thursday, March 24, 2011


This is also a very simple tool. It sends an ICMP Netmask (ICMP type 17) request to the target, and in the answer (ICMP type 18) we should find the subnet mask of the target. This way we can get more information about the IP addressing structure at the target. Usually most of the firewalls are filtering these messages, but even if they don't the hosts replies many times with /32.

We can print the result in many different ways, most of the options are related to the representation. Here are a couple of examples:

netmask -b - bit view
netmask -c - CIDR view
netmask -s - standard view
netmask -r - range view

root@bt:~# netmask -b
11000000 10101000 00000001 00000001 / 11111111 11111111 11111111 11111111

root@bt:~#netmask -c

root@bt:~# netmask -s

root@bt:~# netmask -r     (1)
Látszik, hogy a routerem is /32-t ad vissza annak ellenére hogy /24 a subnet mask.

No comments: