Taking a Closer Look at IPv6 and Portable Executable Files

These were other materials that I learned during my investigation. I am pointing these out here for my own benefit, for whenever I need to return to them in the future.

When reading the netscan results, most addresses were not in the IPv4 format but rather in IPv6. After some research I learned I was looking at link-local IPv6 addresses (LAN) because of the “FE80” denotation, the first 10 bits within an IPv6 address. This introduced me to telling the difference between a local address and a global address (for the public). Additionally, I learned that IPv6 does not require subnet masking because it has enough bits to point out a network and the host within that network. Of course, the network and host portions can be configured to have more or fewer bits, as stated by a prefix number beside the address. Typically the first half of the bits identifies the network and the rest may identify the host in that network. The host segment is represented as the interface ID seen below. Notice that the interface ID is used in the link-local address.
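The link-local versus global distinction and the network/interface-ID split described above, as an added example that is not part of the original post. The rows are constructed in the style of a netscan listing, the function names are hypothetical, and a /64 prefix is assumed unless another length is passed.

```python
import ipaddress

LINK_LOCAL = ipaddress.ip_network("fe80::/10")     # first 10 bits are 1111111010
UNIQUE_LOCAL = ipaddress.ip_network("fc00::/7")    # site-internal addressing
GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")  # publicly routable range

# Constructed rows in the style of a netscan listing (not from the original
# investigation). 2001:db8::/32 is the documentation block inside 2000::/3.
SAMPLE_ROWS = [
    "TCPv6 fe80::a00:27ff:fe8e:1a2b 49155 fe80::1c2b:3aff:fe4d:5e6f 445 ESTABLISHED",
    "TCPv6 2001:db8:10:20:a00:27ff:fe8e:1a2b 49160 2001:db8:ffff::50 443 ESTABLISHED",
    "TCPv6 :: 135 :: 0 LISTENING",
    "TCPv4 192.168.1.10 49170 10.0.0.5 80 CLOSED",
]

def classify(text):
    """Return the scope name for an IPv6 address string."""
    addr = ipaddress.IPv6Address(text)
    if addr.is_unspecified:          # "::" on listening sockets
        return "unspecified"
    if addr.is_loopback:
        return "loopback"
    for name, net in (("link-local", LINK_LOCAL),
                      ("unique-local", UNIQUE_LOCAL),
                      ("global-unicast", GLOBAL_UNICAST)):
        if addr in net:
            return name
    return "other"

def split_prefix(text, prefix_len=64):
    """Split an address into (network prefix, interface ID) at prefix_len."""
    iface = ipaddress.IPv6Interface(f"{text}/{prefix_len}")
    host_bits = int(iface.ip) & int(iface.network.hostmask)
    return str(iface.network), str(ipaddress.IPv6Address(host_bits))

def analyse(rows):
    """Classify the local and remote address of every IPv6 row."""
    out = []
    for row in rows:
        proto, local, _lport, remote, _rport, _state = row.split()
        if not proto.endswith("v6"):
            continue                 # IPv4 rows are skipped
        out.append({side: (classify(a), *split_prefix(a))
                    for side, a in (("local", local), ("remote", remote))})
    return out

if __name__ == "__main__":
    for entry in analyse(SAMPLE_ROWS):
        print(entry)
```

In the constructed rows the same host appears once with its link-local address and once with its global address, and both yield the same interface ID.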




This investigation also helped to clarify the difference between executable (.exe) and portable executable (PE) files: executable files are a subset of PE files, while PE files include ".exe", ".dll" and ".ocx" files. PE files carry the information necessary for the operating system to run executable code. A “.exe” file denotes the main entry point for execution within a program, such as “Main” in C#.
