How to defend against Account Takeovers
Learn about account takeover threats, protection strategies, and detection methods to secure your digital accounts and prevent unauthorised access.
Classless Inter-Domain Routing (CIDR) notation is a crucial concept in modern networking, and it plays a vital role in how IP addresses are allocated and utilized.
Introduction to CIDR Notation
CIDR is a method for allocating IP addresses and routing IP packets. It's called "classless" because it breaks down the rigid class-based system that was initially used in IP address allocation, allowing for more granular and efficient use of the available IP address space.
The Need for CIDR
The original method of IP addressing categorized IP addresses into classes (Class A, B, C, D, and E), each with a fixed number of bits for the network and host. This classful system was often inefficient, leading to wasted IP addresses.
CIDR was introduced to overcome these inefficiencies by allowing network addresses to be divided more flexibly. With CIDR, the division between the network and host portions of an IP address can be placed anywhere, not just along the boundaries defined by the classes.
How CIDR Notation Works
CIDR notation combines an IP address with a prefix length, describing how many bits are used for the network portion of the address. The format is:
IP_ADDRESS/PREFIX_LENGTH
- IP_ADDRESS: This is the standard IP address, such as 192.168.1.0.
- PREFIX_LENGTH: This number tells you how many bits are used for the network portion of the address. The remaining bits are used for the host portion.
Here's some examples, Example 1:
192.168.1.0/24
This means that the first 24 bits of the IP address are used for network identification, and the remaining 8 bits are used for host addresses within that network. In traditional subnet masking, this would be equivalent to a subnet mask of 255.255.255.0. The range of usable IP addresses is:
192.168.1.1 to 192.168.1.254
Example 2:
192.168.1.16/28
The /28 tells us that the first 28 bits of the IP address are fixed as the network portion. This leaves 4 bits for host addresses within that network. The usable IP range is:
192.168.1.17 to 192.168.1.30
You'll note that there is one IP address at the very end that isn't included in the usable range, this is the Broadcast Address, in the previous example it would be 192.168.1.31.
A broadcast address is the last address within a network or subnet. It's reserved for sending data to all hosts within that specific network segment. When a packet is sent to the broadcast address, all devices within the corresponding network or subnet receive it.
Benefits of CIDR
- More Efficient IP Allocation: CIDR allows for finer control over IP address allocation, which helps prevent address space waste.
- Simplified Routing: CIDR helps simplify routing by allowing networks to be summarized, or aggregated, into a single routing table entry. This reduces the size of routing tables, making routing more efficient.
- Flexibility: CIDR's classless design allows network administrators to divide networks in a way that best fits their needs, making it adaptable to various network sizes and requirements.
Related Articles
What is an Account Takeover?
An overview of Account Takeover Attacks
Anatomy of a Credential Stuffing Attack
A step-by-step breakdown of how credential stuffing attacks are carried out, from obtaining stolen credentials to bypassing defenses and taking over accounts.
What is Anycast DNS?
An introduction to Anycast DNS
What is an Apex Domain?
A quick description about what an Apex Domain is.
Best Practices for API Key Management and Rotation
Learn the essential best practices for managing and rotating API keys to enhance security, prevent unauthorized access, and minimize the impact of key compromise.