Tuesday, August 7, 2007
Story of the Day-IP Addresses
IP adress
An IP address (Internet Protocol address) is a unique address that certain electronic devices use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP)—in simpler terms, a computer address. Any participating network device—including routers, computers, time-servers, printers, Internet fax machines, and some telephones—can have their own unique address.
An IP address can also be thought of as the equivalent of a street address or a phone number (compare: VoIP (voice over (the) internet protocol)) for a computer or other network device on the Internet. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network. An IP address differs from other contact information, however, because the linkage of a user's IP address to his/her name is not publicly available information.
IP addresses can appear to be shared by multiple client devices either because they are part of a shared hosting web server environment or because a network address translator (NAT) or proxy server acts as an intermediary agent on behalf of its customers, in which case the real originating IP addresses might be hidden from the server receiving a request. A common practice is to have a NAT hide a large number of IP addresses, in the private address space defined by RFC 1918, an address block that cannot be routed on the public Internet. Only the "outside" interface(s) of the NAT need to have Internet-routable addresses.
Most commonly, the NAT device maps TCP or UDP port numbers on the outside to individual private addresses on the inside. Just as there may be site-specific extensions on a telephone number, the port numbers are site-specific extensions to an IP address.
IP addresses are managed and created by the Internet Assigned Numbers Authority (IANA). The IANA generally allocates super-blocks to Regional Internet Registries, who in turn allocate smaller blocks to Internet service providers and enterprises.
http://en.wikipedia.org/wiki/IP_address
IP address & IP location
http://www.ip-adress.com/
Anonymous surfing is easy with the IP Address Changer!
http://www.iprivacytools.com/
IP Address Tracking Program
http://aruljohn.com/track.pl
IP2Map
http://www.ip2map.com/
An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 1.160.10.240 could be an IP address.
Within an isolated network, you can assign IP addresses at random as long as each one is unique. However, connecting a private network to the Internet requires using registered IP addresses (called Internet addresses) to avoid duplicates.
The four numbers in an IP address are used in different ways to identify a particular network and a host on that network. Four regional Internet registries -- ARIN, RIPE NCC, LACNIC and APNIC -- assign Internet addresses from the following three classes.
# Class A - supports 16 million hosts on each of 126 networks
# Class B - supports 65,000 hosts on each of 16,000 networks
# Class C - supports 254 hosts on each of 2 million networks
The number of unassigned Internet addresses is running out, so a new classless scheme called CIDR is gradually replacing the system based on classes A, B, and C and is tied to adoption of IPv6.
http://www.webopedia.com/TERM/I/IP_address.html
Understanding IP Addressing
http://www.webopedia.com/DidYouKnow/Internet/2002/IPaddressing.asp
Every computer that communicates over the Internet is assigned an IP address that uniquely identifies the device and distinguishes it from other computers on the Internet. An IP address consists of 32 bits, often shown as 4 octets of numbers from 0-255 represented in decimal form instead of binary form. For example, the IP address
168.212.226.204
in binary form is
10101000.11010100.11100010.11001100.
But it is easier for us to remember decimals than it is to remember binary numbers, so we use decimals to represent the IP addresses when describing them. However, the binary number is important because that will determine which class of network the IP address belongs to. An IP address consists of two parts, one identifying the network and one identifying the node, or host. The Class of the address determines which part belongs to the network address and which part belongs to the node address. All nodes on a given network share the same network prefix but must have a unique host number.
Class A Network -- binary address start with 0, therefore the decimal number can be anywhere from 1 to 126. The first 8 bits (the first octet) identify the network and the remaining 24 bits indicate the host within the network. An example of a Class A IP address is 102.168.212.226, where "102" identifies the network and "168.212.226" identifies the host on that network.
Class B Network -- binary addresses start with 10, therefore the decimal number can be anywhere from 128 to 191. (The number 127 is reserved for loopback and is used for internal testing on the local machine.) The first 16 bits (the first two octets) identify the network and the remaining 16 bits indicate the host within the network. An example of a Class B IP address is 168.212.226.204 where "168.212" identifies the network and "226.204" identifies the host on that network.
Class C Network -- binary addresses start with 110, therefore the decimal number can be anywhere from 192 to 223. The first 24 bits (the first three octets) identify the network and the remaining 8 bits indicate the host within the network. An example of a Class C IP address is 200.168.212.226 where "200.168.212" identifies the network and "226" identifies the host on that network.
Class D Network -- binary addresses start with 1110, therefore the decimal number can be anywhere from 224 to 239. Class D networks are used to support multicasting.
Class E Network -- binary addresses start with 1111, therefore the decimal number can be anywhere from 240 to 255. Class E networks are used for experimentation. They have never been documented or utilized in a standard way.
IP address shortage to limit Internet acces
http://www.usatoday.com/tech/webguide/internetlife/2007-08-03-ip-shortage_N.htm
Oakland, Calif. — The seemingly boundless Internet is running out of a key resource: new IP addresses.
IP addresses, which are somewhat like telephone numbers, allow machines in homes and offices to locate and communicate with one another over the global network. The evaporating supply of new addresses – which some estimates say could dry up in about three years – could drive up the price of Internet access as well as disrupt the growth and performance of the network, warn some experts.
Worried that opportunists will hoard addresses to speculatively sell them, the organization responsible for handing out addresses in North America announced Wednesday that it would try to regulate the emerging trade. And in recent months, Internet administrators have been more forcefully urging software vendors, Internet service providers (ISPs), and major content providers to transition to a new addressing system.
Because upgrading can take years, the time to act is now, some experts say. "I suspect we are actually beyond a reasonable time frame where there won't be some disruption. It's just a question of how much," says David Conrad, general manager for the Internet Assigned Numbers Authority (IANA), the top body that allocates IP addresses. "The largest impact to most people would be that there's no way out of paying higher prices for Internet service."
As the pool of new addresses shrinks, explains Mr. Conrad, organizations and companies with surplus addresses are likely to make them available – for a price. That cost will be passed along to consumers when they order Internet access.
Shortsighted programming
The reason for the problem stems from shortsighted programming, as was the case with the Y2K bug at the turn of the millennium. Addresses under the current standard, known as IPv4, are made up of four integers between 0 and 255. That allows for roughly 4.3 billion addresses – not enough to keep pace with expanding Internet access in India and China as well as the variety of devices going online.
Newer IPv6 addresses are made up of six integers instead of four, allowing trillions of trillions of new addresses.
Also similar to the Y2K transition, the amount of work involved is not trivial.
Randy Bush, a scientist based in Hawaii who helped a Japanese ISP become the first to make the switch, says it took the company several years of work as well as significant government incentives.
Few companies have followed suit. Less than 1% of Internet traffic uses IPv6. The reason: Consumers aren't clamoring for it, so there is no immediate, compelling business reason to upgrade.
"From the user's point of view, they wouldn't know if it was IPv6 or V8 juice. They just want their MTV," says Mr. Bush.
There's some disagreement about whether fewer available addresses will pose real problems. For years, people have predicted that IP addresses were close to running out, says Douglas Comer, an early developer of the Internet and a professor at Purdue University in West Lafayette, Ind. Various workarounds staved off shortages.
"There are lots of alternatives to just giving everybody their own IP address for every device, and those alternatives seem to be working pretty well," says Dr. Comer.
ISPs have found ways to use fewer IP addresses to service entry-level Web users – those who aren't interested in setting up their own website or sharing files. As these users desire more functionality, such as the ability to write a blog, services like Flickr or website hosts can meet their needs while still economizing on IPv4 space. The prevalence of service fees, he says, may eventually stimulate user demand for IPv6.
Conrad argues against this laissez faire approach because it curbs the democratic promise of the Internet in favor of a "retrograde" broadcast model with only a few producers and many consumers. He also worries that procrastination will force a rushed transition at the last moment, something that could mean more Internet congestion and greater cost to companies.
There's also concern that a shortage of addresses could stifle new technologies such as Web-enabled home appliances and cellphones.
Governmental involvement
Some experts are urging governments to step in as Japan did to provide monetary incentives, rather than waiting years for businesses to see a short-term rationale for upgrading to IPv6. Other governments, and the US Department of Defense, are now mandating contractors to upgrade.
While still a matter of considerable debate, one of the most widely cited projections on when the last new IP addresses will be allocated comes from Geoff Huston, a scientist with the Australian telecom Telstra. Currently, the IANA gives out IP addresses on the basis of demonstrated need. Those handouts will start running out in parts of the world in 2011, according to projections last month by Mr. Huston.
However, Huston says that doesn't factor in the IANA growing more stingy, nor does it factor in hoarding by those seeing the shortage of remaining addresses. Both those scenarios are likely, particularly a run on the bank, says Bill Woodcock, research director of the Packet Clearing House, an institute in San Francisco dealing with Internet development.
Internet addresses will soon run out
http://story.malaysiasun.com/index.php/ct/9/cid/3a8a80d6f705f8cc/id/270917/cs/1/
The internet is running out of a key resource: new Internet Protocol (IP) addresses.
IP addresses allow machines in homes and offices to locate and communicate with one another over the global network.
Experts are warning the dwindling supply of new addresses could drive up the price of internet access as well as disrupt its growth and performance.
The organisation responsible for handing out addresses in North America has announced it will try to regulate the addresses for fear that opportunists will speculate on the shortage.
As the pool of new addresses shrinks, organisations and companies with surplus addresses are likely to make them available; for a price.
That cost will be passed along to consumers when they order Internet access.
Addresses under the current standard, known as IPv4, are made up of four integers between 0 and 255, which only allows for 4.3 billion addresses; not even enough to keep pace with expanding Internet access in India and China
Newer IPv6 addresses, made up of six integers instead of four, will eventually be introduced.
A Looming Shortage Of IP Addresses
The Numerical Sequences, Which Allow Machines To Communicate, Could Run Out In Next Few Years
http://www.cbsnews.com/stories/2007/08/03/tech/main3131734.shtml
The seemingly boundless Internet is running out of a key resource: new IP addresses.
IP addresses, which are somewhat like telephone numbers, allow machines in homes and offices to locate and communicate with one another over the global network. The evaporating supply of new addresses — which some estimates say could dry up in about three years — could drive up the price of Internet access as well as disrupt the growth and performance of the network, warn some experts.
Worried that opportunists will hoard addresses to speculatively sell them, the organization responsible for handing out addresses in North America announced Wednesday that it would try to regulate the emerging trade. And in recent months, Internet administrators have been more forcefully urging software vendors, Internet service providers (ISPs), and major content providers to transition to a new addressing system.
Because upgrading can take years, the time to act is now, some experts say. "I suspect we are actually beyond a reasonable time frame where there won't be some disruption. It's just a question of how much," says David Conrad, general manager for the Internet Assigned Numbers Authority (IANA), the top body that allocates IP addresses. "The largest impact to most people would be that there's no way out of paying higher prices for Internet service."
As the pool of new addresses shrinks, explains Conrad, organizations and companies with surplus addresses are likely to make them available — for a price. That cost will be passed along to consumers when they order Internet access.
Shortsighted Programming
The reason for the problem stems from shortsighted programming, as was the case with the Y2K bug at the turn of the millennium. Addresses under the current standard, known as IPv4, are made up of four integers between 0 and 255. That allows for roughly 4.3 billion addresses — not enough to keep pace with expanding Internet access in India and China as well as the variety of devices going online.
Newer IPv6 addresses are made up of six integers instead of four, allowing trillions of trillions of new addresses.
Also similar to the Y2K transition, the amount of work involved is not trivial.
Randy Bush, a scientist based in Hawaii who helped a Japanese ISP become the first to make the switch, says it took the company several years of work as well as significant government incentives.
Few companies have followed suit. Less than 1 percent of Internet traffic uses IPv6. The reason: Consumers aren't clamoring for it, so there is no immediate, compelling business reason to upgrade.
"From the user's point of view, they wouldn't know if it was IPv6 or V8 juice. They just want their MTV," says Bush.
There's some disagreement about whether fewer available addresses will pose real problems. For years, people have predicted that IP addresses were close to running out, says Douglas Comer, an early developer of the Internet and a professor at Purdue University in West Lafayette, Ind. Various workarounds staved off shortages.
"There are lots of alternatives to just giving everybody their own IP address for every device, and those alternatives seem to be working pretty well," says Comer.
ISPs have found ways to use fewer IP addresses to service entry-level Web users — those who aren't interested in setting up their own Web site or sharing files. As these users desire more functionality, such as the ability to write a blog, services like Flickr or Web site hosts can meet their needs while still economizing on IPv4 space. The prevalence of service fees, he says, may eventually stimulate user demand for IPv6.
Conrad argues against this laissez faire approach because it curbs the democratic promise of the Internet in favor of a "retrograde" broadcast model with only a few producers and many consumers. He also worries that procrastination will force a rushed transition at the last moment, something that could mean more Internet congestion and greater cost to companies.
There's also concern that a shortage of addresses could stifle new technologies such as Web-enabled home appliances and cell phones.
Governmental Involvement
Some experts are urging governments to step in as Japan did to provide monetary incentives, rather than waiting years for businesses to see a short-term rationale for upgrading to IPv6. Other governments, and the U.S. Department of Defense, are now mandating contractors to upgrade.
While still a matter of considerable debate, one of the most widely cited projections on when the last new IP addresses will be allocated comes from Geoff Huston, a scientist with the Australian telecom Telstra. Currently, the IANA gives out IP addresses on the basis of demonstrated need. Those handouts will start running out in parts of the world in 2011, according to projections last month by Huston.
However, Huston says that doesn't factor in the IANA growing more stingy, nor does it factor in hoarding by those seeing the shortage of remaining addresses. Both those scenarios are likely, particularly a run on the bank, says Bill Woodcock, research director of the Packet Clearing House, an institute in San Francisco dealing with Internet development.
IP addresses will help police catch 'Obeeba' group members
http://www.cambridgetimes.ca/cam/news/news_844063.html
The majority of Facebook users' Internet protocol addresses are permanent and can be tracked, according to a technology crime unit sergeant with Waterloo Regional Police.
"That number is attached to your computer," said Sgt. Eugene Silva. "The number is left wherever you go (on the Internet)."
And the Internet protocol, or IP, addresses are what investigators will use to locate members of a Facebook group - called "Obeeba Sightings" - that made stalking and taking photos of a Cambridge woman the members' objective.
An investigation of more than 700 members is currently underway and the regional police service may have to "share the responsibility" with other police services to locate members because people around the world utilize the site, police spokesperson Olaf Heinzel said in a recent interview. Investigators are working to determine if criminal harassment or threatening charges should be laid in this investigation.
There are two types of IP addresses; one is called a static IP address, and the other is a dynamic IP address, said Silva, who has been with the technology crime unit since its creation in 2003.
The majority of at-home computer users will have dynamic IP addresses, which are typically the easiest to track.
An IP address typically looks like this: 102.168.212.226.
"When you connect yourself to the Internet with a service provider such as Rogers.com...people who log onto Facebook, who are going through an Internet service, their signature - their IP addresses - are left with Facebook.com," said Silva.
Businesses, he added, typically use static IP addresses, which can change within an hour on one computer.
But for the dynamic addresses, Silva said, "We could visit (the address source) again a year from now and it will still be there."
And websites like Facebook.com will keep those addresses on file, regardless of how long and with all the users' Internet service provider information.
Silva said it depends on the investigation and how many people are involved as to how long it takes to locate one computer.
"If there's enough grounds to obtain a warrant," he said, "then we will obtain a warrant."
And if there aren't enough grounds for a warrant, he said "there's nothing stopping us from talking to the person."
Silva also said that Facebook.com is being "very" co-operative in the investigation into the group.
"Facebook, and other social networking sites, are certainly law-enforcement friendly...there's enough obstacles as is."
He also said in this case it was interesting to see the contrast on the Internet between the group and a counter group that was formed.
"Technology has always been made for the greater good, but in this case there was a little bit of both."
FBI's Secret Spyware Tracks Down Teen Who Made Bomb Threats
http://www.wired.com/politics/law/news/2007/07/fbi_spyware
BI agents trying to track the source of e-mailed bomb threats against a Washington high school last month sent the suspect a secret surveillance program designed to surreptitiously monitor him and report back to a government server, according to an FBI affidavit obtained by Wired News.
The court filing offers the first public glimpse into the bureau's long-suspected spyware capability, in which the FBI adopts techniques more common to online criminals.
The software was sent to the owner of an anonymous MySpace profile linked to bomb threats against Timberline High School near Seattle. The code led the FBI to 15-year-old Josh Glazebrook, a student at the school, who on Monday pleaded guilty to making bomb threats, identity theft and felony harassment.
In an affidavit seeking a search warrant to use the software, filed last month in U.S. District Court in the Western District of Washington, FBI agent Norman Sanders describes the software as a "computer and internet protocol address verifier," or CIPAV.
Sanders wrote that the spyware program gathers a wide range of information, including the computer's IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer's registered owner and registered company name; the current logged-in user name and the last-visited URL.
The CIPAV then settles into a silent "pen register" mode, in which it lurks on the target computer and monitors its internet use, logging the IP address of every computer to which the machine connects for up to 60 days.
Under a ruling this month by the 9th U.S. Circuit Court of Appeals, such surveillance -- which does not capture the content of the communications -- can be conducted without a wiretap warrant, because internet users have no "reasonable expectation of privacy" in the data when using the internet.
According to the affidavit, the CIPAV sends all the data it collects to a central FBI server located somewhere in eastern Virginia. The server's precise location wasn't specified, but previous FBI internet surveillance technology -- notably its Carnivore packet-sniffing hardware -- was developed and run out of the bureau's technology laboratory at the FBI Academy in Quantico, Virginia.
The FBI's national office referred an inquiry about the CIPAV to a spokeswoman for the FBI Laboratory in Quantico, who declined to comment on the technology.
The FBI has been known to use PC-spying technology since at least 1999, when a court ruled the bureau could break into reputed mobster Nicodemo Scarfo's office to plant a covert keystroke logger on his computer. But it wasn't until 2001 that the FBI's plans to use hacker-style computer-intrusion techniques emerged in a report by MSNBC.com. The report described an FBI program called "Magic Lantern" that uses deceptive e-mail attachments and operating-system vulnerabilities to infiltrate a target system. The FBI later confirmed the program, and called it a "workbench project" that had not been deployed.
No cases have been publicly linked to such a capability until now, says David Sobel, a Washington, D.C., attorney with the Electronic Frontier Foundation. "It might just be that the defense lawyers are not sufficiently sophisticated to have their ears perk up when this methodology is revealed in a prosecution," says Sobel. "I think it's safe to say the use of such a technique raises novel and unresolved legal issues."
The June affidavit doesn't reveal whether the CIPAV can be configured to monitor keystrokes, or to allow the FBI real-time access to the computer's hard drive, like typical Trojan malware used by computer criminals. It notes that the "commands, processes, capabilities and ... configuration" of the CIPAV is "classified as a law enforcement sensitive investigative technique, the disclosure of which would likely jeopardize other ongoing investigations and/or future use of the technique."
The document is also silent as to how the spyware infiltrates the target's computer. In the Washington case, the FBI delivered the program through MySpace's messaging system, which allows HTML and embedded images. The FBI might have simply tricked the suspect into downloading and opening an executable file, says Roger Thompson, CTO of security vendor Exploit Prevention Labs. But the bureau could also have exploited one of the legion of web browser vulnerabilities discovered by computer-security researchers and cybercrooks -- or even used one of its own.
"It's quite possible the FBI knows about vulnerabilities that have not been disclosed to the rest of the world," says Thompson. "If they had discovered one, they would not have disclosed it, and that would be a great way to get stuff on people's computer. Then I guess they can bug whoever they want."
The FBI's 2008 budget request hints at the bureau's efforts in the hacking arena, including $220,000 sought to "purchase highly specialized equipment and technical tools used for covert (and) overt search and seizure forensic operations.… This funding will allow the technology challenges (sic) including bypass, defeat or compromise of computer systems."
With the FBI in the business of hacking, security companies are in a tight place. Thompson's LinkScanner product, for example, scans web pages for security exploits, and warns the customer if one is found. How would his company respond if the FBI asked him to turn a blind eye to CIPAV? He says he's never fielded such a request. "That would put us in a very difficult position," Thompson says. "I don't know what I'd say."
The Washington case unfolded May 30, when a handwritten bomb threat prompted the evacuation of Timberline High School in Lacey, Washington. No bomb was found.
On June 4, a second bomb threat was e-mailed to the school from a Gmail account that had been newly created under the name of an innocent student. "I will be blowing up your school Monday, June 4, 2007," the message read. "There are 4 bombs planted throughout Timberline high school. One in the math hall, library hall, main office and one portable. The bombs will go off in 5 minute intervals at 9:15 AM."
In addition, the message promised, "The e-mail server of your district will be offline starting at 8:45 am."
The author made good on the latter threat, and a denial-of-service attack smacked the North Thurston Public Schools computer network, generating a relatively modest 1 million packets an hour. Responding to the bomb threat, school administrators ordered an evacuation of the high school, but, once again, no explosives were found.
That began a bizarre cat-and-mouse game between law enforcement and school officials and the ersatz cyberterrorist, who e-mailed a new hoax bomb threat every day for several days, each triggering a new evacuation. Each threat used the same pseudonym, but was sent from a different, newly created Gmail account to complicate tracing efforts.
On June 7, the hoaxer started issuing threats through other online mediums. In his most brazen move, he set up a MySpace profile called Timberlinebombinfo and sent friend requests to 33 classmates.
The whole time he was daring law enforcement officials to trace him. "The e-mail was sent over a newly made Gmail account, from overseas in a foreign country," he wrote in one message. "Seeing as you're too stupid to trace the e-mail back lets (sic) get serious," he taunted in another. "Maybe you should hire Bill Gates to tell you that it is coming from Italy. HAHAHA. Oh wait. I already told you that it's coming from Italy."
As promised, attempts to trace the hoaxer dead-ended at a hacked server in Grumello del Monte, Italy. The FBI's Seattle Division contacted the FBI legal attaché in Rome, who provided an official request to the Italian national police for assistance. But on June 12, perhaps fed up with the mocking, the FBI applied for and obtained a search warrant authorizing the bureau to send the CIPAV to the Timberlinebombinfo MySpace profile.
Court documents reveal the search warrant was "executed" June 13 at 5:49 p.m. Though the CIPAV provided a wealth of information, Glazebrook's IP address would have been enough to guide the FBI to the teen's front door.
John Sinclair, Glazebrook's attorney, says his client never intended to blow anything up -- "it was a prank from the get-go" -- but admits he hacked into computers in Italy to launder his activities, and that he launched the denial-of-service attack against the school district's network.
Glazebrook was sentenced Monday to 90 days in custody, and given credit for 32 days he's spent behind bars since his arrest. When he's released he'll be on two years' probation with internet and computer restrictions, and he's been expelled from high school. The teen is being held at the Thurston County Juvenile Detention Center, where he will serve out his sentence, says Sinclair.
Sinclair says he was told that the FBI had tracked down his client in response to a request from local police -- but that he didn't know exactly how the bureau did it. "The prosecutor made it clear that they wouldn't indicate how this device works or how they do it," says Sinclair. "For obvious reasons."
Larry Carr, a spokesman with the FBI's Seattle field office, couldn't confirm that the CIPAV is the same software previously known as Magic Lantern, but emphasized that the bureau's technological capabilities have grown since the 2001 report. The case shows that FBI scientists are equipped to handle internet threats, says Carr.
"It sends a message that, if you're going to try and do stuff like this online, that we have the ability to track individuals' movements online and bring the case to resolution."
Trace Any IP Address
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment