Network Subnet & Attack Surface Calculator

ANALife Services AuthorityNational Calculator Authority›Network Subnet & Attack Surface Calculator

.calc-container { max-width: 640px; margin: 2rem 0; padding: 1.5rem; background: #fff; border: 1px solid #ddd; border-radius: 8px; box-shadow: 0 1px 3px rgba(0,0,0,0.06); font-family: system-ui, -apple-system, sans-serif; } .calc-container h3 { font-family: Georgia, serif; font-size: 1.15rem; color: #1a1a1a; margin-bottom: 1rem; padding-bottom: 0.5rem; border-bottom: 2px solid var(--ac, #3d5a80); } .calc-row { display: flex; align-items: center; gap: 0.75rem; margin-bottom: 0.75rem; flex-wrap: wrap; } .calc-row label { min-width: 160px; font-size: 0.9rem; color: #333; font-weight: 500; } .calc-row input[type="number"], .calc-row select { flex: 1; min-width: 120px; max-width: 200px; padding: 0.5rem 0.6rem; border: 1px solid #ccc; border-radius: 4px; font-size: 0.9rem; font-family: system-ui, sans-serif; color: #1a1a1a; background: #fafaf8; } .calc-row input:focus, .calc-row select:focus { outline: none; border-color: var(--ac, #3d5a80); box-shadow: 0 0 0 2px rgba(26,74,138,0.12); } .calc-row .unit { font-size: 0.82rem; color: #888; min-width: 30px; } .calc-btn { display: inline-block; margin-top: 0.5rem; padding: 0.55rem 1.5rem; background: var(--ac, #3d5a80); color: #fff; border: none; border-radius: 4px; font-size: 0.9rem; font-weight: 600; cursor: pointer; font-family: system-ui, sans-serif; } .calc-btn:hover { opacity: 0.9; } .calc-result { margin-top: 1.25rem; padding: 1rem 1.25rem; background: #f0f6fc; border-left: 3px solid var(--ac, #3d5a80); border-radius: 0 6px 6px 0; display: none; } .calc-result.visible { display: block; } .calc-result-label { font-size: 0.78rem; text-transform: uppercase; letter-spacing: 0.06em; color: #666; margin-bottom: 0.25rem; } .calc-result-value { font-size: 1.6rem; font-weight: 700; color: var(--ac, #3d5a80); } .calc-result-detail { font-size: 0.85rem; color: #555; margin-top: 0.5rem; line-height: 1.5; } .calc-note { margin-top: 1rem; font-size: 0.8rem; color: #888; font-style: italic; } .calc-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 0.75rem; margin-top: 0.75rem; } .calc-grid-item { padding: 0.6rem 0.8rem; background: #f8f9fa; border-radius: 4px; border: 1px solid #eee; } .calc-grid-item .label { font-size: 0.75rem; color: #888; text-transform: uppercase; letter-spacing: 0.04em; } .calc-grid-item .value { font-size: 1.1rem; font-weight: 600; color: #1a1a1a; } @media (max-width: 720px) { .calc-row { flex-direction: column; align-items: flex-start; gap: 0.3rem; } .calc-row label { min-width: auto; } .calc-row input[type="number"], .calc-row select { max-width: 100%; width: 100%; } .calc-grid { grid-template-columns: 1fr; } } .calc-chart { margin: 1rem 0; text-align: center; } .calc-chart svg { max-width: 100%; height: auto; } .calc-chart-legend { display: flex; flex-wrap: wrap; justify-content: center; gap: 0.6rem 1.2rem; margin-top: 0.6rem; font-size: 0.8rem; color: #555; } .calc-chart-legend span { display: inline-flex; align-items: center; gap: 0.3rem; } .calc-chart-legend i { display: inline-block; width: 10px; height: 10px; border-radius: 2px; font-style: normal; } .calc-related { max-width: 640px; margin: 2rem 0 1rem; padding: 1.25rem 1.5rem; background: #f8f9fa; border: 1px solid #e8e8e8; border-radius: 8px; } .calc-related h3 { font-family: Georgia, serif; font-size: 1rem; color: #1a1a1a; margin: 0 0 0.75rem; padding-bottom: 0.4rem; border-bottom: 2px solid var(--ac, #3d5a80); } .calc-related-list { list-style: none; padding: 0; margin: 0 0 0.75rem; display: grid; grid-template-columns: 1fr 1fr; gap: 0.4rem 1.5rem; } .calc-related-list li a { font-size: 0.88rem; color: var(--ac, #3d5a80); text-decoration: none; } .calc-related-list li a:hover { text-decoration: underline; } .calc-browse-all { margin: 0.5rem 0 0; font-size: 0.9rem; font-weight: 600; } .calc-browse-all a { color: var(--ac, #3d5a80); text-decoration: none; } .calc-browse-all a:hover { text-decoration: underline; } @media (max-width: 720px) { .calc-related-list { grid-template-columns: 1fr; } }

Network Subnet & Attack Surface Calculator

Calculate subnet details (usable hosts, network/broadcast addresses) and estimate your network attack surface score based on exposed ports and services.

CIDR Notation (e.g. 192.168.1.0/24)

Number of Open Ports

Number of Exposed Services (HTTP, SSH, FTP, etc.)

Number of Public-Facing IP Addresses

Number of Unpatched Systems

Calculate

function netCalc() { const cidrInput = document.getElementById('net-cidr').value.trim(); const openPorts = parseInt(document.getElementById('net-open-ports').value) || 0; const exposedServices = parseInt(document.getElementById('net-exposed-services').value) || 0; const publicIPs = parseInt(document.getElementById('net-public-ips').value) || 0; const unpatched = parseInt(document.getElementById('net-unpatched').value) || 0; const resultDiv = document.getElementById('net-result');

// --- Parse CIDR --- const cidrRegex = /^(\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})\/(\d{1,2})$/; const match = cidrInput.match(cidrRegex);

if (!match) { resultDiv.style.display = 'block'; resultDiv.innerHTML = '⚠ Invalid CIDR notation. Use format: X.X.X.X/prefix (e.g. 192.168.1.0/24)'; return; }

const o1 = parseInt(match[1]); const o2 = parseInt(match[2]); const o3 = parseInt(match[3]); const o4 = parseInt(match[4]); const prefix = parseInt(match[5]);

if (o1 > 255 || o2 > 255 || o3 > 255 || o4 > 255) { resultDiv.style.display = 'block'; resultDiv.innerHTML = '⚠ Each octet must be between 0 and 255.'; return; } if (prefix 32) { resultDiv.style.display = 'block'; resultDiv.innerHTML = '⚠ Prefix length must be between 0 and 32.'; return; } if (openPorts 65535) { resultDiv.style.display = 'block'; resultDiv.innerHTML = '⚠ Open ports must be between 0 and 65535.'; return; }

// --- Subnet Calculations --- // Convert IP to 32-bit integer const ipInt = (o1 >> 0;

// Network address const networkInt = (ipInt & subnetMaskInt) >>> 0;

// Broadcast address: network OR inverse mask const inverseMask = (~subnetMaskInt) >>> 0; const broadcastInt = (networkInt | inverseMask) >>> 0;

// Total hosts = 2^(32 - prefix) const totalHosts = Math.pow(2, 32 - prefix);

// Usable hosts: /31 and /32 are special cases let usableHosts; if (prefix === 32) { usableHosts = 1; // Single host } else if (prefix === 31) { usableHosts = 2; // Point-to-point link (RFC 3021) } else { usableHosts = totalHosts - 2; // Subtract network and broadcast }

// Convert int back to dotted decimal function intToIP(n) { return [ (n >>> 24) & 0xFF, (n >>> 16) & 0xFF, (n >>> 8) & 0xFF, n & 0xFF ].join('.'); }

const networkAddr = intToIP(networkInt); const broadcastAddr = intToIP(broadcastInt); const subnetMask = intToIP(subnetMaskInt);

// First and last usable host let firstUsable, lastUsable; if (prefix === 32) { firstUsable = intToIP(networkInt); lastUsable = intToIP(networkInt); } else if (prefix === 31) { firstUsable = intToIP(networkInt); lastUsable = intToIP(broadcastInt); } else { firstUsable = intToIP((networkInt + 1) >>> 0); lastUsable = intToIP((broadcastInt - 1) >>> 0); }

// Wildcard mask (inverse of subnet mask) const wildcardMask = intToIP(inverseMask);

// IP class detection function getIPClass(firstOctet) { if (firstOctet >= 1 && firstOctet = 128 && firstOctet = 192 && firstOctet = 224 && firstOctet = 240 && firstOctet = 16 && o2 20) recommendations.push('Reduce open ports — close unused ports to minimize exposure.'); if (exposedServices > 5) recommendations.push('Limit exposed services — disable or firewall unnecessary services.'); if (publicIPs > 5) recommendations.push('Reduce public-facing IPs — use NAT/PAT to hide internal hosts.'); if (unpatched > 0) recommendations.push('Patch unpatched systems immediately — unpatched systems are primary attack vectors.'); if (!isPrivIP) recommendations.push('Consider using RFC 1918 private addressing with NAT for internal networks.'); if (prefix Input IP / CIDR${cidrInput} Subnet Mask${subnetMask} Wildcard Mask${wildcardMask} Network Address${networkAddr} Broadcast Address${prefix >= 31 ? 'N/A (point-to-point)' : broadcastAddr} First Usable Host${firstUsable} Last Usable Host${lastUsable} Total Addresses${totalHosts.toLocaleString()} Usable Hosts${usableHosts.toLocaleString()} IP Class${ipClass} Address Type${isPrivIP ? '🔒 Private (RFC 1918)' : '🌐 Public'} Possible /30 Subnets${typeof subnetsAs30 === 'number' ? subnetsAs30.toLocaleString() : subnetsAs30}

### 🛡 Attack Surface Score

${attackSurface.toFixed(1)} ${riskEmoji} ${riskLevel} Risk

Breakdown: Ports (${(openPorts * 1.5).toFixed(1)}) + Services (${(exposedServices * 3).toFixed(1)}) + Public IPs (${(publicIPs * 5).toFixed(1)}) + Unpatched (${(unpatched * 10).toFixed(1)}) + Subnet Factor (${subnetFactor.toFixed(1)})

### 🔎 Recommendations

${recommendations.map(r => ${r}).join('')}

`; }

#### Formulas Used

Subnet Mask: Set the first prefix bits to 1, remaining bits to 0 in a 32-bit field.

Network Address: IP & SubnetMask (bitwise AND)

Broadcast Address: NetworkAddress | WildcardMask (bitwise OR with inverse mask)

Total Addresses: 2(32 − prefix)

Usable Hosts: 2(32 − prefix) − 2  (subtract network & broadcast; /31 = 2, /32 = 1 per RFC 3021)

Attack Surface Score:

AS = (OpenPorts × 1.5) + (ExposedServices × 3) + (PublicIPs × 5) + (UnpatchedSystems × 10) + (log₂(UsableHosts + 1) × 2)

Risk Thresholds: Low < 30 | Moderate 30–74 | High 75–149 | Critical ≥ 150

#### Assumptions & References

More Calculators

Read Next

Study Time Planner Authority Network America › Life Services Authority › National Calculator Authority .calc-container { max-width: 640px;...

References

Related Authorities

Life Services Authority › Professional Services Authority › Trade Services Authority › United States Authority ›