At least 261 people now know exactly what IP addresses are: they're used by entertainment industry bottom feeders to track you down so other bottom feeders such as the RIAA can nail you for file sharing. They're also the things apps such as PeerGuardian look for to stop the RIAA and its minions from finding you in the first place.

IP addresses are mentioned in every news story on file sharing. But lots of us don't have a clue what they really are beyond the fact everyone who's online has one, and they're a bunch of numbers with dots in between.

We asked Seraphiel Helruner (you know him best as seraphielx ; ) for a few thoughts on the subject.

(Thanks, seraphielx. This'll help : )

Now read on >>>>>>>>>>>>>>>>>>>>>>>>>>>>

What is an IP address? How do I get one?
An IP address ("Internet Protocol address") is a number that represents a single unique computer on the Internet. IP addresses are similar to telephone numbers in that each computer (or telephone) must have its own unique IP address (telephone number.) Like telephones, there's a directory system-called the Domain Name System, or "DNS," that can convert a name such as "www.microsoft.com" into a corresponding numeric IP address.

IP Addresses are written as a sequence of four numbers separated by ".", like this: 208.123.246.35. Each of the four numbers in the IP address can take the value between 0 and 255.

Every computer on the Internet must have a unique IP address.

ISPs purchase large blocks of consecutive IP addresses, and then allocate smaller ranges of these addresses to their customers. Thus, a particular company might be assigned all the 254 IP addresses in the range 208.123.246.1 to 208.123.246.254. (The addresses ".0" and ".255" are not usually assigned.) Companies then assign the IP address to individual computers within the organization.

How do computers send data through the Internet?
Computers send information through the Internet by dividing the data to send into small chunks ("packets") and transmitting them to the other device. All this happens without your doing anything - the web browser, e-mail program, etc, all take care of these low level details.

When your computer wants to send to another computer, it creates the packet, then places the other computer's address in the destination address of the packet, places its own address in the source address of the packet, and then sends the packet off, either directly to the destination computer, or to a nearby router that takes responsibility for routing the packet.

There's an analogy here with the post office here. Packets are like envelopes, with destination addresses and return addresses. Routers are like post offices: they check the destination address and have the responsibility for delivering the packet to the final destination computer or to another router that's closer to the destination.

What's a private IP address range?
The Internet Assigned Numbers Authority (IANA) has reserved several blocks of IP addresses that an organization may assign for its own private internet. These blocks are defined in RFC 1918 - http://www.ietf.org/rfc/rfc1918.txt?number=1918.

From the RFC:

3. Private Address Space
The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

We'll refer to the first block as "24-bit block", the second as "20-bit block", and to the third as "16-bit" block. Note that (in pre-CIDR notation) the first block is nothing but a single class A network number, while the second block is a set of 16 contiguous class B network numbers, and third block is a set of 256 contiguous class C network numbers.

What's the difference between static and dynamic IP addressing?
There are actually two ways of assigning IP numbers: static and dynamic.

Static IP numbers are permanently assigned to a computer.

Dynamic IP numbers are only assigned to a computer at the time it connects with the Internet. Dynamic IP numbers can change every time the computer reconnects to the Internet. Dynamic IP numbers are used to maximize the use of the numbers available to an organization or an Internet Provider.

Well Said

Seraphielx, very clear and simplified. thanks. The only thing is on an envelope we can choose not to put a return address on it. if it were only that easy for the IP address

So according the above info, wouldn't it be harder to track someone with dynamic ips? Does broadband offer dynamic ips (at least mine never changes)?

I mean mine never changes so it must be static. Is there a way to change to a dynamic ip or is all broadband static?

No because the ISP keeps logs of all it customers and when they log on and what IP address was assigned. so when they get a sepoena for a particular IP address on a certin date and time they can tell who it is

I figured as much. Thanks compmore!

ILUVELPEES wrote:
So according the above info, wouldn't it be harder to track someone with dynamic ips?

Exactly!

Does broadband offer dynamic ips (at least mine never changes)?

Depends on the isp, some do some don't but all reuse their ip addresses. They call it leasing and will usually recycle the ip address after 7 days. You can find this by checking your router dhcp settings and it will show the time remaining or if you connect directly to the modem, by using winipcfg and click on more info. There it will show you the date/time that your lease was obtained and when it will expire.

compmore wrote:
"The only thing is on an envelope we can choose not to put a return address on it. if it were only that easy for the IP address"

There is software that modifies the source/return address. Unscrupulous characters that attack web sites causing denial-of-service (DOS) attacks will often replace their ip address (known as ip spoofing) with that of a reputable company, etc. sometimes those with a sense of humor use the very same company that they are attacking...

As usual, seraph just RULES the tech corner .
VERY EXCELLENT ARTICLE..
5 Stars and Two Thumbs Up!

Seraph...you forgot to tell them how to spoof the old dotted decimal
~code

RIAAposterchild -lol..we were both typing about spoofing IPs at the same time!

great minds think alike...
~code

Could an ISP legally implement a policy of NOT keeping track of which customer logged on when?

It seems to me that the ISP's logging software could record the username but omit the IP address assigned...that way, they could respond to an RIAA subpoena (basically saying, "Gee, all we have are usernames, we'd like to help, but--sorry!) but still protect the privacy of their customers.

lol..the technies will get this one...
I know everyone's IP addres...
(putting on blindfold and using double secret probation ESP)
it's....
127.0.0.1

~code

tds67- I cover this in a thread in my forum-CodeWarrior's Forum
>DOES YOUR ISP HAVE TO KEEP YOUR IP ADDRESS?
"There is a loose group of ISPs called the "no log network" out there.

If the RIAA subpoenas an ISP for your IP address and they KEEP logs, they will eventually have to give you up, but, if they institute a pattern and practice of NOT keeping logs on users, you can't give data you don't have."
There's more discussion in that forum.
~code

actually, the 127.0.0.1 is the loopback address. However, there is one address that cannot be used by any computer in the world, and that address is 127.0.0.1, and cannot be anyone's address. The reason is that this address has been reserved as what is known as the loopback address. A loopback address is an address that tells the computer not to test its connections to another computer, but to test its own basic network setup.

OK..it was a lousy joke..it's Friday and my sense of humor is about gone...like cotton candy left out in the rain on a summer day...
apologies..

You are the localhost tonight, CodeWarrior...

Glad to see this come up, i am in the 4th semester of the Cisco Academy, about ready to take the CCNA.

directive, you'll do great.
I'd rather them have my IP than my Mac address...lol...

tsd67..dunno about you, but this week has tired me out...and, i get so frustrated with all this crap....

I just wrote an article about the RIAA suing iMESH today...

anyway..yup...mr. localhost...lol

Good one Code!

tds67
Date: September 19, 2003 @ 8:52 PM
Could an ISP legally implement a policy of NOT keeping track of which customer logged on when?

it is called dns,they have to know who has what ip address in order to give another one out...my dns server has a lan range of 10.0.0.0 and it has to keep track of every computer that connects to it to give it another ip address

localhost=127.0.0.1

sorry guys..i was just going down the list.

update from bill at tech focus!!

we have a beta of the htaccess script

now the only problem that we have is converting ip ranges to ip addressess.
like say i have the range of 127.0.0.0 to 127.09.254.16
im not going to want to type out all the ip addressess to block them,nor do i want to block out the other users on that block.
so what we are needing now is something that will output a list of ips from ranges that is better than angry ip scanner.

if any one know of something email me at seraphielx@hotmail.com

MUST READ LINKS ON THE LOG RETENTION ISSUE and WHAT ISPs MUST KEEP and what they DON"T HAVE TO..
http://www.mondumo.com/nologs/faq.php
"What about my statistics reports? I need those!Great! Run your statistics programs more often, make sure your reports don't contain identifying information of particular users, and then once you've obtained the report, discard the logs!"
and..
"We fully recognize web site operators' right to defend their property, ISP's right to defend their hardware and networks, and so on. But identifying and dealing with one particular IP address or group of IP addresses is in no way related to long-term retention of those addresses. In most cases during an attack, even a few minutes later, the logging of an IP address is no longer useful. Scripting and the http protocol itself gives an operator easy access to a visitor's IP address as it is - certainly defensive measures can be put in place that identify a particular visitor without long-term storage of all visitors' data."

http://www.epic.org/privacy/intl/data_retention.html
~code

ya stumped me Seraph..
me, I just block em all and unless I hit a site I HAVE to go to, I just keep the block of dotted decimals blocked from address A to address B...

if that is for the .htaccess, since it is a text file basically, I can't think of any easy way of selective blocking within eliminating a lot...
hmm...I don't guess a javascript would be of any help...

Hey guys. software isn't my specialty, I know enough to get by and be dangerous. thanks for making things a lot more clearer. I'll listen more than I talk. I get a lot out of this

I,m with compmore. I'm a box builder.
I'm not as skilled in the software.
WABBITMAN

Is there anyway with like a router or anonymizer software you could send a different IP everytime you log on the net? Does anyone know how that works?
Besides I have three comps to my IP addy, wondering how that makes a difference, if at all???

So it sounds like wireless is the way to beat the IP game? OR NO?
I mean if you park your rear on a park bench across the street form a large company....like the RIAA You could download using their broadban and nobody would be able to track you? or no?

OK guys...I know there have been lots of posts on here for this thread...but lets clarify a couple of things.

We ran out of IP numbers back in the 1970s if memory serves me correctly. (IP = Internet Protocol) Since there are only so many combinations of numbers that can be used in the current version of the IP protocol...IP4.0 they have to be "creative" about how they provide numbers to customers. IP6.0, when released will have more than enough numbers. the current IP protocol version runs on octets of ###.###.###.### - IP6.0 will have numbers and letters representing hexidecimal code. ##L#.#LL#.###L.#L## - the combinations are almost limitless and the numbers and letters can be in any combination.

This is all fine and dandy..but IP6.0 is not due to be released for some time because no one has equipment that can handle it...and they dont want to throw us into economic ruin when the system we have is kinda working okay for now. "Cream get the money, dollar dollar bill y'all!"

Your ISP is granted a very limited number of IP numbers from the authority they negotiate with for service. with that number, they do what is called "subnet" which is that they take this number and "mask" it with the subnet number, then make more IP numbers based on the new number. (lots of propeller-head jargon here).

Basically, the important thing is that you get a static IP number if you are one of the internet backbones, one of the first users of the internet before we ran out of IP numbers, or if you are "emperor of the known universe". For the rest of us, including some ISP's - you get a dynamic IP number, which is to say that when you log on to your computer and connect to the internet, your PC contacts your ISP, asks it "what is my name today?" and the ISP tells it..you are ###.###.###.### - for this session only. meaning when you log off...you loose that number. It may be assigned to you again, but it could also be assigned to someone else.

Most ISP's will log IP traffic and user names to protect themselves and other customers from lawsuits or incrimination. If you logged on at the same time someone else logged off...and that someone else had IP number 233.16.1.12, and you got the same number, AND if that previous user was doing something illegal and they werent logging it, you might be blamed for the illegal activities.

Also, an ISP will log the IP and user name activity to protect itself, as an ISP is liable and accountable for all traffic that it is carrying. the only way for them to protect themselves from a lawsuit (AKA the same type of lawsuits college campuses have been having to answer to) is to log the events, and if subpopenaed - spelling, turn over the logs to the authorities.

this may sound harsh and mean, but it is all they can do, otherwise they would be open to all kinds of lawsuits.

a personal network, (lets say you have 3 computers such as justin42980)...this would be a INTRAnet or LAN - Local Area Network. you might be using a cable modem, and it would provide you with one IP number that your ISP provides to you. for the INTRAnet user who has multiple computers, you would be doing basically the exact same thing that your ISP does with it's one or two static IP numbers. You get a router, plug it into the cable modem, then the cable modem provides the router with one IP number, the router takes the IP, "subnets" it, and provides all the computers connected to the router an Internal IP number. (these numbers are usually based on 192.168.###.###) These numbers are not valid numbers for INTERnet connection, only INTRAnet. if you have to connect with the outside world, you use the single IP number given to your cable modem by your ISP.

knowing all of this, the only way you might be able to beat them at the IP number game is to maybe have a computer in a country that has no agreements or treaties with other countries of the world...set up a computer there, connect to it over the net, then have it act as a "Proxy" for you. you sent it your request, it goes and gets it for you, but doesnt let the world know that you are the one asking for it.

There are not really any countries in the world though that can offer this kind of thing for one, and two, if they could, bigger countries like the USA - Police State and Babysitter of the World would step in and stop it.

The only real way to have any security and safety in this game is to remove the browse feature of the P2P software so that users cant "look into" your hard drive or share folder. The best way to handle this would be to move the file list out onto the net and keep it out there, so that if you are looking for a song, you might be able to find THAT song, but you wouldnt be able to look at any single user's inventory or even know who was offering you that file.

I hope this helps some people with thier questions. I know it was long. - Sorry

- Jolly Roger

- The Matrix has you!

ISP Privacy: SHHHHH! Dont spread that around on this forum!

Yes, you might be able to use wireless, if you went to a local "hot-spot", but they can look for you in other ways, such as a hash of your equipment, or maybe the MAC Address of your wireless network card.

MAC Addresses are unique identifiers for each network interface device in the world. no two are the same ( at least in theory ). If you have cable modem or DSL, the cable modem or DSL modem you connect with has a MAC number also. Some ISP's will only let you connect to them if you have the same MAC number that you had when you signed up for service.

As more people migrate to wireless, network admins will have to secure thier networks or risk lawsuits of thier own from the RIAA and others. so this is a temporary solution.

however, i must say that was "Capital Thinking" my friend!

- Jolly Roger

Thank-you JOLLY! you are a friend indeed!

I liked your idea about having a proxy in another country, but the SS goose stepping is being heard over there now to. RIAA POWER! "give a man or an organization a little power and he or they will extend it to the max"

Some unanswered questions some of you have.

Ok....this is a alright for the computer literate I suppose, however some of you are a little confused.

Lans Wans and Loopholes

Basically, and IP Address is assigned by a service provider to a computer or network. Not necessarily a single computer, because entire networks of computers CAN access the internet through 1 ip address.

As this article noted, there are private network ip address allocations. Now to the average user, there's a Wide Area Network (WAN), and a Local Area Network (LAN). WAN is basically the internet, a LAN would be the configuration of multiple home or office computers linked together.

The LAN is ussually restricted to users within the home or office. If you have more than one computer accessing the internet at your home, if your accessing the internet at work, or if you're accessing the internet from school, there are 2 types of configurations that are popular. 1) The computers all connect to a hub, and the internet (WAN) connection also plugs into the hub. This allows each user their own direct access to the internet, allowing for the user to have it's own WAN IP Address (the ip address that can identify your computer on the internet) as well as a LAN IP (the ip address that can identify your computer on the network). 2) The computers plug into a firewall, router or gateway; and then the information is routed in and out to the internet. In this configuration, the only IP Address that's recognized on the internet is the address to the network and each individual computer only has one IP Address, on the lan.

Now, ussually on an office or school network where the computers go through a firewall, who's accessinr what is logged, and the logs are kept for a specific length of time (retention rate). However, home routers aren't set up to log access by default (although many home routers allow the ability).

This means, if you've managed to use a p2p app at work or school (i say managed because alot of school and office networks block ports that aren't used for the specific protocls they believe the users should only be using), don't think you're in the clear, because depending on how long their log retention rate is, it can be traced back to you by contrasting the time of the infringement and the lan ip addresses to the specific computers accessing such ports at such time.

There is a way around this, you can use a type of program called an HTTP TUNNEL, which would allow you to run your p2p connection to a proxy like server over port 80 (the firewall thinks you're surfing the web) and then the server passes your info along to the p2p network. From the p2p network, it can be traced to the http tunnel server, and if they log their connections, it can be traced back to your school or office network, however, chances are there are many more people accessing the web at that time, and it will be very hard to prove that the infringement came from your computer.

There is also a loophole for home users with a firewall. There are two basic types of firewall/routers, wired and wireless. Basically, if you have a wireless firewall, and you aren't very computer literate, your network is then open for any person with a wireless network card in your general area. By default these wireless routers have no encryption, and if you set up encryption on your wireless network, the encryption key can be easily cracked by someone with the knowledge. What I'm getting at, is that if you own a wireless router, and you're subpoenaed, if you do not have traces of the infringing files on your computers, there is absolutely no way for the RIAA to prove that you're responsible for the infringement, or if a cracker using your wireless network was responsible. If you are subpeonnaed for an offense you know you've commited, and you have a wireless router, it's probably best that you use third party software to "securely" format your hard drives(this software will write over everything on your hard drive and then format...files aren't truely deleted until they are written over, even when you format). This could provide a pretty solid defense that would be backed up by computer professionals.

Static, Dynamic...and everything in between.

Like the article stated, there are static ip's and dynamic ip's. Static IP's always remain the same, Dynamic are changed whenever a user logs on (typically dial up), or after a specific time (typically broadband dynamic ip's). Now, if you have a dynamic IP Address, you can most likely bet your life on the fact that your ISP logs which customers use which ip addresses at which time. So if you have a dynamic IP...or you read this and want one, let it be known that you're just as recognizable with or without one. Like a static IP is bound specifically to an ISP's account, so is a dynamic IP, only it's temporary, however, the logs will remain for however long your isp's log retention rate is (which is most likely a few months at least).

Spoofing, Anonamity, and other myths

Alot of people are under the impression that you may be able to hide your ip address over the internet. This is not necessarily correct.

If you're accessing the internet from your internet account, there is no way to hide your identity from your ISP.

Now, there's a popular term that's thrown around often that alot of you might have heard. Spoofing. Spoofing is when you trick another computer into believing the information they're recieving is coming from another computer, rather than the sending computer. There are two types of connections, UDP and TCP. TCP offers a dependable connection. It requires both computers to awknowledge each other, through a sequence of commands sent and returned. This type of connection is possible (however extreamly difficult) to spoof initially, however, you will not recieve any information from the connection, you'll only be able to send. And UDP, this protocol doesn't require computers to awknowledge each other, therefore it's rather easily spoofed, however, again you can not recieve data if you're spoofing, so it can only be a one way thing. To put it simply, there's no way to spoof a connection to a p2p network, and use the network to download music.

What would be possible, however would be to build a p2p application using UDP protocol to spoof out going file transfers, therefore the reciever can not get your ip address. I believe Blubster and Piolot use UDP.

A way you could possibly hide your identity is to use a proxy or http tunnel. This would route the connection a program makes through a 3rd party computer before hitting it's destination. However, this sort of solution is pretty much a coin flip. If a proxy server logs who's accessing what and when(and there's a good chance that it does), it can potentially be traced back to you. You might also want to take into account that using such services will most likely affect your speed, resulting in very slow speeds.

If you believe this type of solution is for you, you're probably best off using an http tunnel because it will mask your connection through your isp and all hops to the recieving server as nothing more than web surfing.


To put it simply...you are not anonymous, however much you'd like to be. Depending on certain situations, you can almost certainly be tracable. You can always hide your identiy by cracking another average home users computer or network and using it to route your internet connections, however that's very immoral.

No solution is fool proof, however your best defense would probably be the Wireless network loophole, but that has yet to be tested in court, so don't go placing all your cards on that. If you want full anonamity on p2p networks, do not use p2p networks.

hehe my ip is static =)

Loves this forum! I can not only get an education in legal issues, the constitution, and the music industry...I can also learn about the computer and tech issues as well. Sorry to gush, but you people are some of the smartest on the net.

i regularly use foreign proxies all the way from europe to the far east...
and change regularly...sometimes US proxies under high anonymity

man I hate to say things when there is a possiblity that a riaa mole is listening but let me ask this. Hypothetically speaking, if you were to store downloaded music on a removable hard drive that doesn't have to be kept with your computer and the riaa was to take you to court then you presented the computer and said hey there's nothing on here and it doesn't show any signs of having been erased would you be able to claim that they are mistaken?

some might wonder what an RCF is.
an RFC is a Request For Comment. Also, until the conversion to IP v6 is complete there will remain only 4 'classes' of IP addies.
Great article, seraph, my hat is off to you, but some havent a clue, lets not mislead them.

~time flies~

a modem has a MAC as well. even macs have macs.
so, if you loan a buddy a 56k modem, oh heck....i quit ;p
for the 'unschooled' there is a wealth of information available on the net, rtfm before its all gone.

~time flies~

dunsel.....

the 9th circuit court of appeals would first have to rule that a hard drive is in fact removeable.
long live the floppy? speakin of floppy...
sorry guys n gals.....i love computers as well. cant stop myself! love to all!
.....now......wheres that pot? ;p
~time flies~

I was checking into something just before BIG BROTHER, (BIG BABYSITTER), pulled it off the internet...

Baically it worked like this, two proxies, that encrypted your connection to the internet between them and acted as one proxy. In theory, the computer connected to you, (call it the first proxy) knows your name, but only connects to the internet through a second computer, (the second proxy) by an encrypted connection.

It sounded pretty interesting to me, but the main problem with a Proxy, is whether or not to trust it. For all I know BIG BABYSITTER, or the RIAA might own either proxy, or both, and you are selling yourself out, by trusting either. Only bullet proof plan I have for not getting caught is not to do anything defined as legally wrong.

Hmm, I'm still not happy with that. I guess I'm kind of stuck changing the law, to make "freedom of privacy", and all the other amendments legal.

hey cw check yer mail arrrr

after some hours of thinking about the masking of an IP/MAC address, I need some expert advice.

email me at hermit@ec.rr.com

Is there any hiding place?

you can reach me on netmeeting on IP ?

I got an idea. Set the proxy ip numbers (What it can use) to your friends (Ones you truly know) and have them vice-versa on your ip number. This requires static ip's however, and until you make friends you can trust long distance it will be limited to your region.

ok jolly, you are part right, w2k, winxp and w2k3 server all support ipv.6, but the dns servers aren't supporting it yet, here in the US we are not at risk of running out of IPs for several more years, but the far east *japan and their neighbors* are very close to running out right now...*shrugs* but alot of hope computers can handle it, just takes a lot of infrastructure upgrades that haven't been done yet

United WE Stand

Thanks for the tips guys, But what about The anonymizer software? Would this software encrypt information/and or protect you from the RIAA??