Network Security Assessment by Chris McNab The unconfirmed error reports are from readers. They have not yet been approved or disproved by the author or editor and represent solely the opinion of the reader. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem ?page-number?: reader question or request for clarification This page was updated September 15, 2004. UNCONFIRMED errors and comments from readers: {41} Example 4-2; The NMAP output indicates there are 3 networks (as stated on page 42) but there appears to be an error with the subnet masks and the legitimacy of the networks. abc.co.uk has addresses from 62.2.15.8 to 62.2.15.15 (8 addresses) smallco.net has addresses from 62.2.15.16 to 62.2.15.19 (4 addresses) example.org has addresses from 62.2.15.20 to 62.2.15.35 (16 addresses) The last range seems to be the issue because the subnet does not fall on a normal start address for 16 addresses. These would normally be 62.2.15.0, 62.2.15.16 and then 62.2.15.32 etc. If you do the binary for the first and last addresses in the stated range it is as follows (last octect only). .20 = .00010100 .35 = .00100011 Therefore shouldn't the subnet mask be 11000000 or 192 (decimal)? If I'm right and the last octect of the subnet mask is .192 this would mean the this network should have 64 addresses which could only fall on 62.2.15.0, .64, .128 etc. None of these tie in with the .20 starting address stated. (193) 3rd paragraph; commands are issued across the control channel to determine which dynamic high ports (above 1024) are used to transfer and receive data. "above 1024" should be "1024 and over" becase 1024 is a non-privileged port.