So I'm totally computer illiterate. But I'm trying to learn about IP addresses. What are they? What purpose to they serve?

I bring my laptop everywhere with me and connect via wireless. Does my IP address change every time I log into the net from a different location???

they are an ID number for a comp (or router etc) on a network. You mean your IPa of your ISP I presume. If you log in via different wifi point then yes it changes since your comp is connecting via different ISP.

2 types of ISP IPa assignments, static that doesn't change (like always on dsl) and dynamic which does change even from same location (like pppoe, connect on demand internet services).

Your comp has an address of it's own to id it on a network, for instance 192.168.0.1 but if you have more than one comp on your network etc it can vary. Eg my comp is 192.168.1.1, my wifes comp on my lan is 192.168.1.2, my bro's laptop when he connects on my network is 192.168.1.3 and my router is 192.168.1.254. My router then connects to my ISP which has an IPa of it's own assigned by your provider (static or dynamic depends on your isp). When people say IP they usually mean IPa of ISP since this is unique to you (at a given time in case of dynamically assigned by ISP). Another example would be 64.15.152.17 (think that's sciforums).

How do I find out what my IP address is?

WhatIsMyIP.com

Go to google and type in "shields up".

How do I find out what my IP address is?

Win2000 or later

start-run-"cmd" - "ipconfig"

WhatIsMyIP.com

Oh cool, more info about it there too 'eh! Thanks :D

Win2000 or later

start-run-"cmd" - "ipconfig"

So whats the "Subnet Mask"

and

"Default Gateway"?

Also, this gives me a different IP address than this site: http://whatismyip.com/

if you think that was fun then check this out:

Shields up!
https://www.grc.com

If you have a network type ipconfig/all and it will give you all the ipa on the network as well as your comp and gateway (what you connect to internet through).

You can hide your IPa from a lot of places you visit by using proxies/tor networks. It's semi transparent though so it's not completely anonymous and it can be a little slower. Also it's not recommended to visit secure pages like net banking through proxies since your data isn't so secure that way so turn off for that (cut out middle man so to speak).

So whats the "Subnet Mask"

and

"Default Gateway"?

Also, this gives me a different IP address than this site: http://whatismyip.com/

Yup - you got a home "router"?

Gateway is the ip of that router.

The IP is different, because you are NAT'd(Network Address Translation) out - either by your home router and probably again by your ISP. They don't give out full IPs anymore unless you hand them a pile of money. Eventually they pass on a "real" Class A IP address, to all the other devices on the "net" and this is the address things like that webpage pickup.

Well at home I just pick up some random wireless connection that someone has in y neighborhood. So I'm not even sure if they have a router or what the hell is going on.

Right now for example, I'm at work, and again, I think there is just a wireless thingy somewhere in the building.

Yeah I'm just going to sound stupider and stupider as this thread goes on :(

hehehe naughty boy skaught. Why aren't they passworded? Saying that can find most wifi point using netstumbler to find an unsecured point or aircrack to get into a passworded one (wpa and wep). Harder if it's wpa2 mixed with mac address filtering on and they run snort or wireshark etc as can see you even if you did get in.

Well at home I just pick up some random wireless connection that someone has in y neighborhood. So I'm not even sure if they have a router or what the hell is going on.

Right now for example, I'm at work, and again, I think there is just a wireless thingy somewhere in the building.

Yeah I'm just going to sound stupider and stupider as this thread goes on :(

You are Shorty's internet twin - wireless router = magic box.

Amazing. I wish I could just bumble along through life like that, Gonzo style. I can see why you like Thompson so much.

You are Shorty's internet twin - wireless router = magic box.

Amazing. I wish I could just bumble along through life like that, Gonzo style. I can see why you like Thompson so much.

:D Heh... Yeah, I used to keep up on computer technology, but as of about 1998, I lost touch :bawl:

Simple definitions:

IP Number: This is an internet 'address', which is used to route data about. On every packet, there is a 'source' and 'destination' address. Nodes on the Internet know which way to switch packets based on a table they have. Smaller routers learn this table themselves, by looking at the 'source' IP of packets that flow through it. Because a connection is not possible without a valid 'source' IP, this information cannot be faked and is the reason 'hackers' require compromosied machines to operate from.

Subnet mask: There are some special 'ranges' of IPs that are not actualy used on the internet. They are reserved for local area networks (LANs). The subnet mask says what portion of the IP range will be used. So a mask of 255.255.255.0 means that only the last byte is 'changeable'.

Default Gateway: You have to tell your computer the IP address of the device that connects you to the Internet.

A good book to get hold of is SAMS teach yourself TCP/IP in 24 hours (http://www.amazon.co.uk/Sams-Teach-Yourself-TCP-Hours/dp/0672325659). It gives you al this an a lot more on the protocols used.

A good book to get hold of is SAMS teach yourself TCP/IP in 24 hours (http://www.amazon.co.uk/Sams-Teach-Yourself-TCP-Hours/dp/0672325659). It gives you al this an a lot more on the protocols used.

Thanks for the recommend. Sounds like a gripping read!

they are an ID number for a comp (or router etc) on a network. You mean your IPa of your ISP I presume. If you log in via different wifi point then yes it changes since your comp is connecting via different ISP.

2 types of ISP IPa assignments, static that doesn't change (like always on dsl) and dynamic which does change even from same location (like pppoe, connect on demand internet services).

Your comp has an address of it's own to id it on a network, for instance 192.168.0.1 but if you have more than one comp on your network etc it can vary. Eg my comp is 192.168.1.1, my wifes comp on my lan is 192.168.1.2, my bro's laptop when he connects on my network is 192.168.1.3 and my router is 192.168.1.254. My router then connects to my ISP which has an IPa of it's own assigned by your provider (static or dynamic depends on your isp). When people say IP they usually mean IPa of ISP since this is unique to you (at a given time in case of dynamically assigned by ISP). Another example would be 64.15.152.17 (think that's sciforums).

you are pretty close here...

there is a unique(to the degree that anything man made can be) number for every network interface on the planet... this includes ethernet, even token ring, token bus and older technologies...

it is a 48 bit hexadecimal number that is 'burned' into every network interface... that makes it uniquely addressable as a destination... this is the MAC(Machine Access Code) address...

to bond this layer 2 'address' or 'name', with a layer 3 address so packets can be routed, recursively resolved for name resolution, and encoded and stripped in an orderly fashion to transmit data in a useful fashion... there is a layer 3 'address' or 'name' commonly called and IP(Internet Protocol) address... it is a 32 bit binary number... in the case of IPV4, which is still the lion's share of the internet address scheme, IPV6 is another animal entirely, i'm also certified in IPV6 but we'll avoid that discussion...

in the case of this fellow's network numbers mentioned above -fe 192.168.0.1 - these are reserved private numbers that cannot be used for exposure o the internet, they are not valid IP numbers, they are reserved as "private" by the IEEE stipulations... though they cannot 'talk' to the internet, they can be used for LAN, or private, networks... and then the router that assigned those private numbers to a PC via a thing known as DHCP(Dynamic Host Configuration Protocol) can do a thing called NAT(Network Address Translation) and send packets our on the internet and receive them back, reverse the NAT, and route those packets to the MAC address on the LAN...

the 'real' IP address is given to the DSL, cable, satellite, etc. router or modem via DHCP by the ISP... this makes the entry point to the LAN a valid node on the ISP WAN and the internet...

your IP address is assigned via DHCP in almost all cases these days... if you are in a motel, you 'hop' on a WAP point, etc... DHCP assigned...

the subnet mask is used to mathematically discern, or clarify maybe, the nature of a given IP address... there are two main parts... the 'host' part of the IP address, and the 'network' part of the IP address... the subnet reveals these... also the broadcast and network numbers, just to be thorough, they need not be addressed here...

a gateway is the closet actual 'hop' or device, connecting a given system to the NEXT network... be that the next LAN, or the ISP WAN, or the internet iitself(in truth where the 'internet' actually begins is a fuzzy concept when you get down to it)...

to configure a system properly in IPV4 you need an IP address(dynamically or manually assigned), a subnet mask(also dynamic or manual), and a gateway(or - just how the hell do i get out of here number)...

the need not be real, they can all be private, until the last 'hop' or gateway that actually departs to the internet...

IP math is fascinating stuff... to take an address and determine it's class, it's subnet mask, and VLSM(Variable Length Subnet Mask) makes that much more interesting... almost everyone uses VLSM these days as the IP address pool is tight... most numbers are used out of the IPV4 address space and there's only 32 bits of possibilities there after all... IPV6 is a 128 bit address space... more room to move around a bit, and much more sophisticated also...

this is a decent link to look over this stuff if you are interested... Link... (http://articles.techrepublic.com.com/5100-10878_11-6089187.html)

if you want to really understand this stuff... i would recommend 'TCP/IP Network Administration' by O'Reilly publishing... Link to the book... (http://www.amazon.com/TCP-Network-Administration-OReilly-Networking/dp/0596002971) that is still the best book in print on this topic... (beyond Cisco and SUN certification study materials...)

So whats the "Subnet Mask"

and

"Default Gateway"?

Also, this gives me a different IP address than this site: http://whatismyip.com/

Determining network and host portions of an IP address using a subnet mask
To determine what the network address is for any given IP address, you merely have to convert both octal addresses into binary, and do a bitwise AND operation. An example using an IP address of 156.154.81.56 used with a network mask of 255.255.255.240 follows:

IP Address: 10011100.10011010.01010001.00111000
Subnet mask: 11111111.11111111.11111111.11110000
Bitwise AND -----------------------------------------------
Result: 10011100.10011010.01010001.00110000

As you can see, the network address for the IP address and subnet mask in question is 156.154.81.48. To determine the how many hosts are possible to be on this same subnet, it is a simple operation. Count the number of bits from the right until you get to the first "1" in the binary network address display. That number will be the power you raise 2 to for the calculation of possible number of hosts. You must also subtract two from the result because one address is reserved for broadcast and network addresses. This leaves you with the final algorithm of 2^n-2. In this case there are 4 bits of 0 in the network address, leaving you with 2^4-2 hosts possible, or 14 hosts. This means that your network address is 156.54.81.48, that you have a range of addresses available to hosts from 156.154.81.49 - 156.154.81.62, and that the broadcast address for this network is 156.154.81.63.

Are subnet masks necessary?
Subnet masks are critical to communications on an IP network. Network devices use the IP address targets and defined netmask to determine if the network the host is on is a local subnet, or a remote network. This is important because devices act differently depending on the result. If the subnet is local, the device will send an ARP request to retrieve the MAC or hardware address of the system in question to communicate over the data-link layer. If the address is found to be on a remote network, then the network device routes packets to the gateway in it's routing table that is set to handle that network. If no routing table entry is found matching that network, the packets are routed to the default route. If no default route is defined, the packets are dropped with nowhere left to go.

I will check that out Dr Mabuse I like the sound of it. Not really big on networking but I enjoy most aspects of comps so sounds like interesting reading (and I have run out of books to read, I read a lot and fast).

What's the main deal with IPV6, all I know is IPv6 is 128 bit IPv4 is 32bit long so more address space. I have support turned off at moment and build everything to use IPV4 (slackware box). I heard a lot on forums about it causing problems, due to apps being buggy (as opposed to the protocol being poor which it isn't) and never heard of any real benefit for me so never looked into it since.

Only things I have read of (on linux forums) is things like security through ipsec integration but setting that up looks like a pain (especially on slack) and I don't have a clue there and as far as security goes am happy with hardware firewall and software firewall combo and the like (H fw is router and wifi box with wpa2mixed enc with mac filtering, everything behind NAT apart from mail server is allowed through sometimes in exceptions rules, only connections allowed are filtered by mac address and ports filtered or closed etc) and only bin/bash local login allowed. If here was a simple way of increasing it though I would love to.

My question is there anything that makes it worth enabling (some apps need building again to enable).

How do I find out what my IP address is?

If you're on a Windows machine, click Start/Run and enter "cmd."

Once you're in the command prompt type in "ipconfig."

That will give you your computer's IP address. That, however, is different from what the Internet might perceive your IP address to be. If you use a router to connect to the Internet, as far as the Internet is concerned, the IP address of your router is your IP address. Once the packets you've got from the web site arrive back to your router, the packet is then resolved by the router into your computer's true internal IP address. That translation between internal/external IP addresses is called network address translation (NAT).

The "ipconfig" gives you your computer's true internal IP address. Sites like What Is My IP Address.com tell you your router's IP address if you use one.

I will check that out Dr Mabuse I like the sound of it. Not really big on networking but I enjoy most aspects of comps so sounds like interesting reading (and I have run out of books to read, I read a lot and fast).

What's the main deal with IPV6, all I know is IPv6 is 128 bit IPv4 is 32bit long so more address space. I have support turned off at moment and build everything to use IPV4 (slackware box). I heard a lot on forums about it causing problems, due to apps being buggy (as opposed to the protocol being poor which it isn't) and never heard of any real benefit for me so never looked into it since.

Only things I have read of (on linux forums) is things like security through ipsec integration but setting that up looks like a pain (especially on slack) and I don't have a clue there and as far as security goes am happy with hardware firewall and software firewall combo and the like (H fw is router and wifi box with wpa2mixed enc with mac filtering, everything behind NAT apart from mail server is allowed through sometimes in exceptions rules, only connections allowed are filtered by mac address and ports filtered or closed etc) and only bin/bash local login allowed. If here was a simple way of increasing it though I would love to.

My question is there anything that makes it worth enabling (some apps need building again to enable).

no need to run IPV6 now...

it is far more sophisticated and secure, just inherent in the protocol... true(not simulated) multicast and anycast... too many features to list... but it won't enhance your security until IPV6 is implemented on the 'net...

there is no reason to run it now... all the IP specialists will have to go back to school when the actual rollout starts...

What do you do if you detect an IP address which connects: Clear to Australia, then back through New Zealand, off to Amsterdam??? (More specifically, what if you get a program that allows you to block whatever IP from remotely accessing your computer and for some reason the computer still can't block it?) Hmmm Some fat kid in a third world country messing around no doubt. RRrrrrrrr

What do you do if you detect an IP address which connects: Clear to Australia, then back through New Zealand, off to Amsterdam??? (More specifically, what if you get a program that allows you to block whatever IP from remotely accessing your computer and for some reason the computer still can't block it?) Hmmm Some fat kid in a third world country messing around no doubt. RRrrrrrrr

You wouldn't detect an IP address in all those locations, you might however detect Proxy networks that pass on from one to the other. Some of these proxies do actually have protocols that allow the IP address being proxied to be identified, others are obviously more anonymous.

Remotely accessing a computer requires that the computer runs a server, be this an operating system process, a third-party application or a trojan. The simplest thing to do to deal with someone attempting accesses is to identify what ports they are attempting to connect on, what protocols they are attempting to use and locking down all processes that allow remote access.
(this is said in both the Linux and Windows environments, only run what you use as anything else elevates your security risk.)

Obviously you can't stop them attempting to connect to your IP, that would have to be dealt with by your ISP if you have a static IP address assigned... If your IP address is Dynamically assigned through a DCHP, then all you need to do is either shutdown your modem for 20 minutes, or reclone a MAC address different from what you've been using before rebooting the modem. (This forces an IP address change since the record refers to a MAC address, altering it means creating a new record, thus gaining a newly assigned IP Address)

it's usually rare for one person to try and access it for no reason all the time. Even script kiddies wouldn't bother continually accessing a box for nothing.

How have you worked this out and IDd where they connecting from? What program to block them (killing the service and firewall/updated services should be fine)? What are they exploiting to get in? How have you IDd where they are accessing from? Sounds odd to me.

What do you do if you detect an IP address which connects: Clear to Australia, then back through New Zealand, off to Amsterdam??? (More specifically, what if you get a program that allows you to block whatever IP from remotely accessing your computer and for some reason the computer still can't block it?) Hmmm Some fat kid in a third world country messing around no doubt. RRrrrrrrr

ok... let's define terms... you say "detect an IP"... be painfully specific as to what you mean by that...

you say it "connects"... again be painfully specific as to what you mean by this... i assume this is rooted in, or based on, what you mean by 'detect'...

you mention a "program that allows you to block whatever IP from remotely accessing your computer"... be very specific on what you mean by that...

finally you say "and for some reason the computer still can't block it?"... ok i understand these terms you are using are building on each other... but what exactly do you mean by this?...

based on nothing more than the very nebulous description you give now... i would suspect the system you are referring to is contacting the outside world via malware, and doing so from a list of servers in the malware itself... the connections are initiated by software running on your computer... not from any outside intruder...

or i suppose you may actually be owned, or a rooted system, along the lines of a botnet slave or zombie PC... but i seriously doubt you would be able to detect that if it were so... so it's much less likely...

but until you clarify what you mean by these terms you use... and HOW you came to the conclusions you are posting... i can only guess blindly...