Unorganized notes, for now.
Sixteen digit hexadecimal SIP address with subnet and ports.
0123-4567-89AB-CDEF.XXXX.YYYYY
0: The type marker.
123: The country marker.
45: The region or state marker.
67: The state or region district.
89AB: Cities or other major areas within a district.
CDEF: Individual locations.
XXXX: Numeric identifier for an individual station, terminal, or device within a location.
YYYYY: A specific access port for a station.
The Type Marker is a global classification marker that immediately distinguishes the type of traffic (and, to a certain extent, its priority).
0: SplitBit Administrative. Used for administrative and maintenance purposes.
1: Government. Used for government purposes.
2-4: Major Commercial.
5-9: Minor Commercial.
A-E: Residential.
F: Public Access Terminals and other public-usage property.
The lowest country marker is 100 – the United States. Sorry, other countries.
Generally begins at 10, with higher numbers reserved for special purpose
Again, generally begins at 10, with higher numbers reserved for special purpose
Usually starts at 1000, with higher numbers reserved for special purposes.
The most diverse marker, and most commonly filled from 0000 up.
Controls the location of items within a subnet.
Ports are five digit identifiers for specific entry points to a system. Typically, a system sets up a firewall to block all ports except for a specific series of allowed ports. Programs usually use specific ports to operate - for example, a web server traditionally keeps port 80 open for browser traffic, and keeps port 443 open for more secure traffic.
A Splitbit memory address is a sixteen-digit hexadecimal, formatted as 01234567:89ABCDEF, that records the specific location of a file in memory. Files that are fragmented have multiple memory addresses, denoting the multiple pieces of the file that must be accessed. Each individual address is responsible for one megabyte of data. A file ten megabytes long might be found at addresses 00000001:000BDC75 through 00000001:000BDC7E, for example, if stored contiguously.
The offset is another hexadecimal number following the address, which for the purposes of Splitbit is used to indicate how many megabytes of data follow the initial address (0001 would be just the address itself; 0010 would be 16 megabytes total; and so forth.)
This means that a file allocation table might have the following entry:
Filename | Extension | Fragments | Addresses |
---|---|---|---|
“Hardware schematic - Gem1250” | “cad” | 0001 | 00000003:00010301:0020 |
This tells us that a file named Hardware schematic - Gem1250.cad exists at address 3:10301 and takes up hex20 megabytes (32 megabytes, converted from hex to decimal.)
In an attempt to lock down on unregistered usage, most networks deny access unless the user is connecting from a machine with an approved Machine Serial Number (MSN), or require MSN data in order to connect. Depending on the level of security, the MSN may not necessarily need to be legitimate or verifiable. MSNs are formatted as 24 digits of hex code, as follows:
AAAA:BBBB:CCCC:DDDD-HHHH
A: Usually set to the manufacturer's ID; for example, all Verizon routers come with the unique MSN prefix of 1305.
B: Again, this is usually manufacturer-specific, and typically refers to a production plant or facility that made the hardware, and/or a particular model of hardware.
C: Depending on the manufacturer, this may note a particular day's output, or a particular model, or a particular production line.
D: Randomized during production, but usually tracked in a manufacturing computer that can tell you when a particular unit has been made.
H: A hex-code that is made from a hash of all previous numbers.
MSNs serve as a machine identity tag that allows information to be routed appropriately - and allows hackers to route information to them by assuming the MSN of a legitimate user.
A network DNS server usually assigns SIDs to its component computers and keeps track of them all within a routing table. This usually looks something like this.
MSN | SID | User ID |
---|---|---|
AAAA:BBBB:CCCC:DDDD-HHHH | 0123-4567-89AB-CDEF.XXXX | WM1742/caseyjones |
AAAA:BBBB:CCCC:DDDD-HHHH | 0123-4567-89AB-CDEF.XXXX | WM1742/arobins |
Routing logs are what allow every user's activities to be monitored and scrutinized in depth if someone wishes.
When you are ready to launch an attack on a target system, you choose what to use, what systems to route your attack through, and coordinate attacks from your system. Ideally you use multiple compromised networks to launch your attack and route these attacks through difficult-to-trace paths through which log files can be later cleared.
Free and open proxies allow you to use their services without any special work, but may not be honest.