# How to reverse engineer a subnet

## October 30, 2008

Alright.. Alright! everbody have their own method to reverse engineer a subnet… Here is a technic and way that works for me and might work for you.

Let’s take a random private ip.

IP: 192.168.1.^{95}⁄_{27}

And let’s try to figure out its network range.

In such case, we will take the lowest subnet octect, which here is 224 (remember that a subnet bit of 27 is 255.255.255.224)… let’s therefore convert it into binary.

224 = 11100000 (decimal to binary)

**[tip: a quicker way, would be since we have the bit size of the subnet, 27, we therefore know, we have have 27 bits.. which leaves us on the last octet with 3 bits of 1… which results in 11100000]**

Now to find the increment that defines the IP range, we take the lowest network bit, which going from left to right is the third “1”… which results in 100000.

Now, let’s convert 100000 into decimal to find that network increment.

100000 = 32 (binary to decimal)

So our network range increment is 32. That means we have 30 possible hosts per network + the network IP + the broadcast IP.

To find the network range of our private IP 192.168.1.95, let’s start incrementing by creating the different possible ranges out of the 1.0 network

This gives us

192.168.1.0 - 192.168.1.31 (30 hosts) 192.168.1.32 - 192.168.1.63 192.168.1.64 - 192.168.1.95 —— etc….

Now we can see that our IP is found in the IP range 192.168.1.64 - 192.168.1.95, which gives us the information that the network of the subnet 255.255.255.224 and IP 192.168.1.95 is 192.168.1.64, which broadcast IP is 192.168.1.95.

Till later,