In the modern world, every device has its own IP address. it serves as a defining point in the network space. Generalized and important information about the IP address is the basis of system administration. Basic knowledge in this area is necessary for the simplest configuration of networks in different environments.
This review contains information about the purpose and structure of the IP address, as well as about security in IP networks, the main threats and the most reliable methods of protection against them.
What is an IP address?
IP address (Internet Protocol) – a digital identifier that is assigned to each device operating on the basis of the TCP/IP protocol stack in a public or local network. The existence of the Internet or any internal IP network is impossible without an IP address.
IP address structure
Below, we will consider the structure of the IP address using the example of the Internet protocol IPv4.
An IPv4 IP address has a 32-bit (4 bytes) structure. It is divided into 4 parts, which are called an octet (each of the parts consists of 8 bits (1 byte). Each bit of the IP address is a digit of the binary system.
Example of an address (IPv4) in binary form: 11000000.10101000.00110010.00000001.
When converting an octet from binary to decimal, one value is obtained (a number from 0 to 255).
IP address in decimal form: 192.168.50.1.
Subnet Mask
Subnet mask is a 32-bit string divided into 4 octets. Using a subnet mask, devices distinguish parts of an IP address. Each octet of the IP address is correlated to the octet of the subnet mask when establishing a connection.
In a standard home network, the subnet mask has the default format: 255.255.255.0.
In this example, the IP address mask is represented in decimal form and contains the following numbers:
- "255" – responsible for network identification.
- "0" – responsible for specifying the destination node.
IP address classes
Class A. The initial octet is responsible for identifying the network. It allows for 127 unique networks. The highest bit in these addresses is always 0. The remaining 3 octets are used to denote nodes (the maximum number of nodes is 17 million for each network).
Class B. It is possible to create 16384 networks (65,000 nodes can be placed on each network). The first two octets refer to the network ID. The last two octets refer to the node ID. The first bits of the IP address are 10.
Class C. The first three octets are responsible for identifying the network (they allow the creation of 2 million networks). The initial bits of the IP address are 110. The last octet is used to identify nodes (the maximum number of nodes is 254 per network).
Class D. In such networks, the broadcast distribution of messages to several nodes is used. The IP address record starts with bits 1110.
Class E. The first bits are always 11110. IP addresses are reserved for future use.
The IP address in the class architecture of network addressing includes two parts:
- Node ID – responsible for the designation of the node (router, server or another TCP/IP device).
- Network ID identifies the network containing the connected nodes.
TCP/IP
TCP/IP is a model consisting of a stack of protocols necessary for data transmission over the network (the main protocols are TCP and IP, but there is a wide range of other options). Any network with IP addressing is built on the basis of TCP/IP.
TCP/IP Levels:
- Physical. At this level, physical data transfer is carried out using Ethernet or WI-FI protocols.
- Network (Internet). Routing (the movement of packages between devices) is carried out here. Besides, at this level is the IP address system. The network layer combines protocols: IP, ICMP, IGMP.
-
Transport. Here are the protocols that perform data transfer:
-
TCP – by pre-establishing a connection to the network, this protocol ensures the guaranteed information transfer.
-
UDP – sends messages without performing a "handshake". On the one hand, this increases the data transfer rate, on the other hand – creates the risk of losing individual packages.
-
- Application. Combines all high-level protocols interacting with system applications (including SNMP, Telnet, SMTP, FTP).
Network location of IP addresses
External or public IP addresses are unique IP addresses that are assigned by certain organizations. A device with an external IP address is visible to other users on the Internet. External IP addresses are required to access the Internet, as well as establish interaction with other nodes through a public network.
Gray or internal IP addresses are private IP addresses that are assigned to devices on the local network (they are not visible on the Internet). All devices connected, for example, to a Wi-FI router are combined into one network (they all have gray IP addresses).
| Public IP addresses | Private IP addresses |
| Paid. | Free. |
| Assigned by the Internet provider. | Assigned by the router to a specific device. |
| Global (external) level | Local (internal) level |
| Can be found out by a search query like: "What is my IP". | Can be found in the internal settings of the device. |
| They are used for Internet connections outside of a private network. | They are used to communicate with other devices on a private network. |
| It is a unique numeric code (this code is not used by other devices). | It is not a unique numeric code (this code can be used on other private networks by other devices). |
| Any number that is not in the range of private IP addresses can be used. |
10.0.0.0 — 10.255.255.255 172.16.0.0 — 172.31.255.255 192.168.0.0 — 192.168.255.255 |
| Example: 8.8.8.8. | Example: 10.11.12.13 |
Assigning IP addresses
Static assignment
Access to devices that should be made at a single address is carried out using a Static IP address. The static IP address is assigned manually. It does not change when reconnecting to the network.
Dynamic assignment
Next, we will consider DHCP (Dynamic Host Configuration Protocol). All TCP/IP stack parameters are automatically set on the device when it is connected to the network via this protocol. A dynamic IP address is assigned to the node. When reconnecting the device, the assigned IP address changes to another one. The range of IP addresses is specified on the DHCP server.
IP Versions
IPv4
The first Internet Protocol (IP) IPv4 standard was developed in September 1981. Ipv4 IP address has the form: 192.168.50.1. The IPv4 protocol marked the beginning of the modern Internet.
IPv6
IPv6 format appeared in 1995. The reason for its development was the likelihood of a shortage of addresses for all networks and nodes. IPv6 parameters:
- hexadecimal system,
- the length of an IP address is 128 bits,
- the IP address consists of 16 octets separated by colons.
In its full form, the IPv6 record looks like: 2001:0bd7:0ccf:0006:0000:0000:012f:002d.
Abbreviated form of IPv6: 2001:bd7:ccf:12f:2d.
IPv6 Improvement
It should be noted that this protocol is developing relatively slowly. In 2008, the protocol was successfully tested, and then the first internal implementation took place. IPv6 was launched on June 6, 2012.
By 2020, the share of IPv6 traffic was 30% worldwide. The reason for this was the new technologies offered by providers to their users. The additional costs of replacing providers' equipment with newer ones slows down the IPv6 implementation process.
DNS and IP address
The Domain Name System (DNS) converts the literal values of a domain name into digits of an IP address. For example, to get to the Google search engine site, in the address bar you can specify the domain name "google.com" and that will be enough.
This redirection is performed by the DNS server, whose work is based on information from DNS records.
How to find out the IP address
Using the search query "What is my IP", you can determine the IP address of the device used. More detailed information about the user is provided by services such as Whoer, 2ip, WhiteWhois and many others that pre-check the IP address identifier.
As for the local network, here the address of the device is specified in the operating system settings. You can determine such an IP address in the following ways:
-
Unix/Linux – using the
ifconfigcommand. - iOS – via "Settings". "Wi-Fi" → click the information icon "i" → information in the "DHCP" tab.
-
Windows – via the command line (search →
cmd→ in the window, registeripconfig). - MacOS – "System Settings" → "Network".
- Android – "Settings" → "About phone" → "General Information".
Anonymity and security
User identification by IP
Among many users, there is an assumption that a person can be tracked down by finding out his external IP address. However, it is much more complicated. Only state security agencies can access such personal data, which is securely stored by the provider. Knowing the IP address only makes it possible to determine the approximate geolocation of the user (country and city).
Network device attack
The IP address of the device can be detected and scanned by a hacker for potential security holes (firewalls with weak protection). External ports of the device can also be monitored for vulnerabilities using RDP, SSH, VNC, HTTP programs.
Attacks of network devices are possible over the Internet and a local network. In this case, sometimes using DHCP can help (since the IP address changes when reconnecting, this forces the hacker to search for the IP again and launch an attack).
Fixing the activity by the provider
Network traffic is analyzed by the Internet provider, which takes the place of an intermediary in this algorithm. Such traffic analysis is performed in cases when requests are received from the security agencies. Data transmitted via unencrypted protocols (for example, HTTP, FTP) is analyzed quickly and easily. Using secure options (SSH, HTTPS, SFTP) allows transmitting information only about the address or domain of the destination server.
Methods to protect an IP address
The IP address can be hidden by proxies, TOR networks or VPN. Their use anonymizes the user's activity on the network, which is protection against the threats discussed earlier.
The principle of operation of the TOR network is that user traffic is redirected through several intermediary servers and after that goes to the Internet. Due to the fact that the user's public IP address is constantly changing, it is impossible to track traffic. To get started with the TOR network, you need to download the official Tor Browser, an important feature of which is that it blocks identifying trackers of Internet resources.
Proxy and VPN work by a similar analogy. It is worth noting that VPN technology is considered the best option for ensuring connection security, since unlike a proxy, it encrypts data on the way from the user to the intermediary server.
How to change the IP address
Local Network
The IP address is changed through the operating system settings. Next, using the example of Linux and Windows operating systems, we will consider two ways to change the network identifier.
Linux
Using the ifconfig console command, you need to view the list of connected network interfaces.
After this, you need to select the network interface and remember its name. To assign another IP address, you should enter the following command:
sudo ifconfig eth0 192.168.0.1 netmask 255.255.255.0
-
eth0– name of the network interface; -
168.0.1– assigned IP address; -
255.255.0– subnet mask.
Windows
First you need to open the "Control Panel" and go to the path: "Network and Sharing Center" → "Change adapter settings".
By going to the properties of the required network interface, a window will appear in front of you in which you need to open the properties of the component "Internet Protocol version 4 (TCP/IPv4)". The last step is to assign a static IP address in the "General" section, entering all the necessary information.
Global Network
To change the network ID, it will be enough to restart the router, since many providers use dynamic IP address assignment.
If an external IP is assigned, then you should use:
- Proxy,
- VPN.
In extreme cases, you can contact the provider by making a request to the IP address at the nearest branch or by calling the hotline phone number.
Conclusion
Every system administrator should know the most common and important information about IP addressing, which is the basis of the Internet and any IP/TCP network. This knowledge is necessary for building networks in both home and corporate environments.
To prevent an attacker from gaining access to personal information, it is always necessary to keep in mind the security of the network and its reliable configuration.
Specialists of our company are ready to help you purchase the server and select the necessary server configuration for any required task.
