Simple high level explanation: 10.0.0.0/8 (255.255.255.0) is a class A addressing space 172.16.0.0/12 (255.240.0.0) is a class B addressing space 192.168.0.0/16 (255.255.255.0) is a class C addressing space
All of the above are considered PUBLIC ip addresses, they are NOT routed across the internet and should never be. Professionals get confused about PRIVATE verse PUBLIC. PUBLIC are not routed, PRIVATE are bought through the InterNIC (or other companies that sell IP addresses like IBM for example) and therefor are routable. The reason for PUBLIC ip addresses is simple. There were not enough IPv4 (version 4) ip addresses to go around, so they made some public address spaces for people to use at will inside their intranets. They aren't routed because if two different companies have the same 10.x.x.x network addresses, how would the Internet routers know where to send packets? The answer is via NAT (which is another topic). 127.0.0.0 is a little bit different than the above. This was basically a blunder from the old school. 127.0.0.0 was used by the Unix operating system as the loopback network, and has been reserved. They took an entire "class" in order to use as their test bed for loopback and whatever. The mind set at the time (of this decision) was that they would never run out of ips in the 32 bit address space. The internet isn't going to get that large... they were wrong. Side Note: ipv6 = 1 ip address per square foot on planet Earth. Hope this helps -KaTT > > > -----Original Message----- > > > From: Steven M Bloomfield [mailto:[EMAIL PROTECTED]] > > > Subject: help - can someone explain this to me? > > > > > > Hi, > > > I'm webmaster of a large-ish website and yesterday the server > > > went down. It is a Redhat 6.1 Linux server. All my ISP would do > > > was press the 'reset' button - very kind of them (they are NT > > > specialists). > > > Inspecting my log files I found thousands of denied packets, all > > > seem to be within a period of 6 hours. > > > My question is, could such an attack disable my machine and crash > > > it? Can anyone identify what sort of attack it was? > > > > > > Here's a summary below: > > > > > > Denied packets from modem-392.awesome.dialup.pol.co.uk > > > (62.25.129.136). Port https (tcp,eth0,input): 5 packet(s). > > > Total of 5 packet(s). > > > > > > Denied packets from 10.10.71.237. > > > Port netbios-dgm (udp,eth1,input): 69 packet(s). > > > Port netbios-ns (udp,eth1,input): 333 packet(s). > > > Total of 402 packet(s). > > > > > > Denied packets from 10.10.0.4. > > > Port netbios-dgm (udp,eth1,input): 496 packet(s). > > > Port netbios-ns (udp,eth1,input): 2925 packet(s). > > > Total of 3421 packet(s). > > > > > > Denied packets from userSg017.videon.wave.ca (204.112.48.37). > > > Port 500 (udp,eth0,input): 6 packet(s). > > > Total of 6 packet(s). > > > > > > Denied packets from 207.190.199.102. > > > Port https (tcp,eth0,input): 11 packet(s). > > > Total of 11 packet(s). > > > > > > Denied packets from 10.10.32.21. > > > Port netbios-dgm (udp,eth1,input): 338 packet(s). > > > Port netbios-ns (udp,eth1,input): 1742 packet(s). > > > Total of 2080 packet(s). > > > > > > Denied packets from 172.17.0.18. > > > Port 1434 (udp,eth1,input): 2 packet(s). > > > Total of 2 packet(s). > > > > > > Denied packets from 10.10.1.37. > > > Port netbios-dgm (udp,eth1,input): 496 packet(s). > > > Port netbios-ns (udp,eth1,input): 2925 packet(s). > > > Total of 3421 packet(s). > > > > > > Denied packets from 10.10.32.27. > > > Port netbios-dgm (udp,eth1,input): 59 packet(s). > > > Port netbios-ns (udp,eth1,input): 324 packet(s). > > > Total of 383 packet(s). > > > > > > Denied packets from 10.10.32.28. > > > Port netbios-dgm (udp,eth1,input): 107 packet(s). > > > Port netbios-ns (udp,eth1,input): 513 packet(s). > > > Total of 620 packet(s). > > > > > > Denied packets from 10.10.0.1. > > > Port 0 (tcp,eth1,input): 3 packet(s). > > > Total of 3 packet(s). > > > > > > Denied packets from 10.10.0.3. > > > Port bootpc (udp,eth1,input): 19 packet(s). > > > Port netbios-dgm (udp,eth1,input): 475 packet(s). > > > Port netbios-ns (udp,eth1,input): 2259 packet(s). > > > Total of 2753 packet(s). > > > > > > Thanks, > > > > Steve > >-- >Microsoft's Software ist zu 99 % von UNIX abgeschrieben. 1 % dient >dazu, MS zum Rest der Welt inkompatibel zu machen. >Lutz Badenheuer | IT-Consulting, Development, Networksolutions >[EMAIL PROTECTED] | C/C++, Perl, bash | Linux, SCO UNIX, Solaris _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
