IP addresses are one of the fundamental building blocks of the internet, but could pose a potential security liability, if an attacker were to get ahold of yours. Credit: Rawpixel An IP address is a long string of numbers assigned to every device connected to a network that uses Internet Protocol as the medium for communication; it’s the digital world’s equivalent of the mailing address associated with your home or workplace. The way Internet Protocol works is that information is transmitted over the network in discrete chunks called packets; each packet is mostly made up of whatever data the sender is trying to communicate, but also includes a header, consisting of metadata about that packet. Among other pieces of data stored in the packet header are the IP address of the device that sent the packet and the IP address of device where the packet is heading. Routers and other network infrastructure use this information to make sure the packets get to where they’re supposed to go. How does DNS match domain names to IP addresses? Nobody types IP addresses into a browser search field; we use domain names like Network World, CNN or Twitter. The Domain Name System, or DNS, another part of the Internet protocol suite, makes sure that requests made using domain names reach the correct IP address. You can think of DNS as representing a more user-friendly layer on top of the IP-address infrastructure. However, the IP address remains the fundamental way that internet-connected devices are found, and in some circumstances a domain name can correspond to multiple servers with different IP addresses. What’s the difference between IPv4 and IPv6 addresses? There are two versions of IP addresses: IPv4 and IPv6, and they have different formats, the major difference between them being that it’s possible to create vastly more unique IPv6 addresses (2128) than IPv4 addresses (232). IPv4 addresses are written in four parts separated by dots like this: 45.48.241.198. Each part written in conventional Base 10 numerals represents an eight-bit binary number from 0 to 255. Each of these four numbers separated by dots is written in standard decimal notation. But computers fundamentally deal with numbers in binary (using zeroes and ones, and each of the numbers in an IPv4 address represents an 8-bit binary number, which means that none of them can be higher than 255 (111111 in binary). It’s quite likely that you’ve seen IP addresses like that one before since they’ve been around since 1983. The newer version of the protocol, IPv6, is slowly displacing IPv4, and its addressing looks like this: 2620:cc:8000:1c82:544c:cc2e:f2fa:5a9b Note that instead of four numbers, there are eight, and they’re separated by colons rather than dots. And yes, they are all numbers. There are letters in there because IPv6 addresses are written in hexadecimal (Base 16) notation, which means 16 different symbols are required to uniquely represent Base 10 numbers 1-16. The ones used are numerals 0-9 plus letters A-F. Each of these numbers represents a 16-bit binary number, and the difference between these numbers and the 8-bit components of an IPv4 address is the main reason for IPv6’s existence. IPv4 addresses are 32-bit numbers, and the total number of possible addresses of that length is the 232 mentioned above—about 4.3 billion. That number that seemed sufficient in the early days of the internet, but began to loom as a potential crisis as internet-connected devices multiplied The anxiety that IPv4 addresses were going to run out is what drove the development of IPv6. . IPv6 addresses are 128-bit numbers, which means that there are 2128 possible addresses, a number that we’re not going to bother writing out because it’s 39 digits long, but it’s called 340 undecillion. In practice, IPv4 addresses are still widely used and not that hard to come by. This has to do with how IP addresses are assigned to network-connected devices and how private networks can be created with their own restricted set of IP addresses. How are IP addresses assigned? As the International Assigned Numbers Authority (IANA) puts it, “Both IPv4 and IPv6 addresses are generally assigned in a hierarchical manner,” and IANA is at the top of the hierarchy. IANA assigns blocks of IP addresses to regional internet registries (you can see which address ranges go with which regions here). The regional registries in turn assign smaller blocks to national registries, and so on down the line, with blocks eventually being assigned to individual internet service providers (ISP), which in this context include mobile phone companies. It’s the ISPs that assign specific IP addresses to individual devices, and there are a couple of ways they can do this. What’s the difference between static vs. dynamic IP addresses? A static IP address is one that’s been assigned by an ISP to a device and is guaranteed to remain constant. If your computer’s address is 45.48.241.198, it will stay that way as long as you want it to. Static IP addresses are important for devices that need to be easily found on the internet, like web servers or gaming servers. Generally speaking, an ISP will charge a customer extra for an assigned static IP address. From the perspective of the ISP, which has a limited number of IPv4 addresses to hand out, one downside of leasing a static address is that the address is unavailable to anyone else. But the huge majority of end users only need an address when they’re actually accessing the internet. For those users, ISPs assign dynamic IP addresses, basically handing out a new address to a device every time it connects to the network, and putting that address back into a pool of available addresses when the device disconnects. This technique helps conserve IP addresses. If an ISP has a million customers but only half are online at given time, the ISP doesn’t need a million addresses in its pool. For IPv4 networks, the process of assigning IP addresses dynamically is governed by the Dynamic Host Configuration Protocol, (DHCP), which, among other things, automates most of the process and ensures that no two devices are assigned the same address at the same time. IPv6 was designed to support stateless IP address autoconfiguration (SLAAC), in which a device itself essentially grabs an address from the available pool when it connects to the network. However, there’s also DHCPv6, an updated version of the DHCP protocol that keeps more control in the hands of network providers. What are public vs. private IP addresses? So far, we’ve been talking about IP addresses and potentially running out of them as if there were one set of addresses for the entire planet, with no repeats. But that’s not strictly true. In fact, it’s probably not true for most devices you use in a day-to-day basis and not all of the 4.3 billion IPv4 addresses are available to publicly connected devices. A typical home or corporate network connects to the public internet via a router, and it’s this router that’s assigned an IP address by the ISP. From the perspective of the outside world, all traffic from devices on that local network are coming from that public IP address; but inside the network, each device (including the router) has a local private IP address, usually assigned by the router via DHCP. These addresses are considered private because they’re only used for directing packets within the local, private network, and can’t be seen by anyone outside the network. As result, the same IP address can be used on an infinite number of private networks without causing confusion. In fact, there are blocks of IP addresses specifically set aside for use on these private networks. (For small home networks, addresses starting with 192.168 are quite common.) The job of the router is to alter the origin and destination IP addresses in each packet’s headers as needed as it passes between the private network and the public internet, a process known as network address translation, or NAT. There are several methods for doing this. One common way is to associate each device on the internal network with a network port that is listed in the packet header. That port information determines the final destinations of incoming packets that have all been addressed to the public-facing IP address assigned to the router. This discussion is specific to IPv4 addresses, and the boom in local networks has been in a big factor in staving off a total IPv4 address drought even as network-connected devices multiply in every home. IPv6 addresses, on the other hand, are so plentiful that it’s assumed that these kinds of private networks will be unnecessary after universal IPv6 adoption. However, if you want to set up a private internal IPv6 network that connects to the internet via IPv4, there are also private IPv6 address ranges you can use. What is my IP address? Since you’re reading this on a networked device, you might wonder what your own IP address is. There are many websites, such as whatismyipaddress.com, that will tell you. However, if, like most people, you have your device connected to a local network, the result you’ll get back from these sites is the public-facing IP address assigned to your router. To find your private IP address on your local network, you’ll need to dig into your device’s network settings. Lifehacker lays out the steps you’ll need to follow on Windows, macOS, iOS, and Android. Can someone else find out my IP address? If you’re surfing the web, you’re revealing your IP address to every website or service you visit—after all, they can’t send you data like the contents of a web page you’re visiting if they don’t know where to send it. Your IP address is stored (though not indefinitely) in the server logs of the websites you visit, and if you use interactive features of those sites, like posting a comment on a blog that includes identifying information, that IP address can be connected to you directly. However, those server logs aren’t public, and there are data protection laws that are intended to keep that information private. That said, an attacker who managed to breach a web server could get access to those logs relatively easily. If someone were trying to target you directly there are other techniques they could use to get your IP address, like tapping into your network router or managing to connect to your wireless network. (Email messages used to include the sender’s IP address in the header, though this is largely no longer the case now that web-based services like Gmail dominate the space.) What could someone do with your IP address? You might not think you’re worth a hacker’s effort for this kind of attack. But with more and more people taking their professional lives home to their non-professional-grade residential internet connection, we all need to be more wary. An attacker could use your IP address to send you personalized spam, execute a targeted DDoS attack, or spoof your address and masquerade as you as they conduct their nefarious activities. And because most public email addresses can help narrow someone’s location down to at least a city, an IP address can be part of an adversary’s OPSEC techniques as they attempt to piece together personally identifying information about you. How to hide your IP address with a VPN Your IP address can reveal a lot about you. It will tell anyone your approximate geographic location, for instance, and there are plenty of reasons that you might want to mask that. One way to do so is by using a virtual private network or VPN. A VPN service can establish an encrypted tunnel across the public internet from your device to a private network hosted by the VPN provider. It’s sort of like connecting to your home network, except the network router may be halfway across the world. To external sites, your IP address will be the one assigned to your VPN host. IP addresses may not offer much by way of privacy, but VPNs offer a clever way to get around that. VPN tunnels can also be created from the originating device and terminating on the destination device if each is equipped with compatible VPN software. Many enterprises support VPN gateways that create tunnels between themselves and remote devices that have compatible VPN software. What are subnetting and subnet masks? IP addresses are hierarchical. In general, the numbers to the left tell you what network the device with that IP address is on, whereas the numbers to the right identify the specific device. However, the Internet Protocol doesn’t define where the dividing line is. In addition, some of the bits in an address may be used to identify a subnetwork, or subnet. Routers determine what parts of an IP address refer to networks, subnets, and devices by use of a subnet mask. In IPv4, a network mask is an 8-bit number like a standard IP address, though with all of its ones on the left and all of its zeroes on the right; in essence, the dividing line between the ones and zeroes defines the divide within an IP address in the address space the subnet mask refers to. The nitty-gritty here is fairly detailed and involves binary bitwise operations. IPv6, subnetting is much simpler, and mostly involves just slicing digits off of addresses to denote a range of subnetted addresses. An important thing to keep in mind that is that subnet information isn’t contained in packet headers or known by the source and destination devices. Instead, it’s used by routers and other infrastructure that use the IP addresses into determine how to deliver packets to the right devices on the right physical networks. Through subnetting, for instance, a network admin could take a sequential block of IP addresses and distribute them across three separate physical subnetworks. The packet doesn’t need to know about those subnetworks; the router will use its lookup tables to figure out where to send the packet when the time comes. Related content how-to Compressing files using the zip command on Linux The zip command lets you compress files to preserve them or back them up, and you can require a password to extract the contents of a zip file. By Sandra Henry-Stocker May 13, 2024 4 mins Linux news High-bandwidth memory nearly sold out until 2026 While it might be tempting to blame Nvidia for the shortage of HBM, it’s not alone in driving high-performance computing and demand for the memory HPC requires. By Andy Patrizio May 13, 2024 3 mins CPUs and Processors High-Performance Computing Data Center opinion NSA, FBI warn of email spoofing threat Email spoofing is acknowledged by experts as a very credible threat. By Sandra Henry-Stocker May 13, 2024 3 mins Linux how-to Download our SASE and SSE enterprise buyer’s guide From the editors of Network World, this enterprise buyer’s guide helps network and security IT staff understand what Secure Access Service Edge (SASE) and Secure Service Edge) SSE can do for their organizations and how to choose the right solut By Neal Weinberg May 13, 2024 1 min SASE Remote Access Security Network Security PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe