Types of IP address
When you google, ‘What is my IP address?’, you will actually get the answer to ‘What is my public IP address?’, which is the IP address of the home router provided by your internet service provider (ISP). The most common types of IP address are public, private, and localhost.
142.250.178.4 is a public IP address; if you enter it into your browser address bar, you will find it belongs to Google. Your public IP address belongs to your home router and is used to communicate on the internet. If you have several devices using your internet connection, they all share the same public IP address.
In contrast, 10.0.0.1 is a private IP address. In fact, all IP addresses of the form 10.x.x.x or 192.168.x.x, where x can be between 0 and 255, are private IP addresses. Every device on your home network has its own private IP address assigned by your home router. These addresses work only on your local network — for example, in your home or school.
Finally, any 127.x.x.x IP address is a localhost IP address. Localhost IP addresses mean ‘this machine’, so that a computer can talk to itself. This can be used for testing programs without sending information over the internet; so that applications on a computer can talk to each other; or as a form of secure communication.
Public versus private
So, why do we need both private and public IP addresses? We don’t actually have enough public IP addresses for the number of devices used in the world. In the 1980s, the internet was created with 32-bit IP addresses, which was enough for about 4.3 billion devices. Now that we have surpassed that number of devices, we have to share private IP addresses. Your home router handles the translation of your internet traffic from a public IP address outside your network to a private IP address inside your network.
Wouldn’t you always want a private IP address? You might think so, but you can’t talk to computers outside your network this way. If you want to make a connection from inside your network to outside your network, you send something through your router. Your router remembers where that traffic was sent, and when an answer comes back, it translates that traffic back to you on your computer. You have to send something for that to work, and nobody can send you anything from outside your network, because your computer has a private IP address. In fact, nobody can see your computer when it has a private IP address. It is possible to make your private IP address visible by changing a setting on your home router. This is called port forwarding, and you can do this to play a game online, or to let you or someone else access your computer remotely
Protecting your devices
A port is part of an address, and can be used with an IP address to identify the kind of network traffic they receive. For example, secure web traffic (with the padlock symbol in your browser bar) uses port 443 and is the secure and encrypted version of the protocol that makes the World Wide Web work. The console gaming service Xbox Live uses multiple ports, including ports 88 and 3074. It is very common, though potentially unsafe, for someone playing games to forward the ports they use for gaming. Port forwarding is like opening the door between your computer and the internet. So, if you forgot something at home and wanted to connect to your home computer from school, you could port forward your home router to allow access to your home computer.
Isn’t it bad to open the port forwarding door? Yes and no. Would you leave your front door open in a safe neighbourhood? What about in a bad neighbourhood? While some may tell you that it is safe to port forward, there are risks. With port forwarding, anyone on the internet can find your computer. In fact, if you port forward, a website called Shodan will list your computer for anyone to see. Would someone then make the effort to break into your computer and do something bad? Maybe not, but as more and more people find ways to abuse the internet, port forwarding becomes less and less safe.
If you want to access your device remotely and safely, the simplest answer is not to port forward. If you do port forward, then make absolutely sure that you have changed your passwords from their default values, because those are now all that is stopping someone from accessing your computer. Alternatively, look for remote access or private network software that can solve the problem safely.
After installing appropriate software, check that your network is safe. You can perform a scan using a website such as ShieldsUP! (helloworld.cc/shieldsup) to see if your computer is visible from the internet. It will detect your public IP address and check if any ports are open and, thus, if your computer can be reached by someone on the internet. One or more of your ports might be open, for example, if you changed your port forward router settings.
The best result from a scan is that none of your ports are open and you are ‘cloaked’, or invisible to the internet. If one or more of your ports has to be open for some reason, you should check what is behind that port — it may be a game or another application. Unfortunately, there is no easy way to determine whether you have left the password at the default setting, or even don’t have one, so you should and must do that manually.
If you follow all these steps, you will not be the person on the TV show that can be traced and hacked. In fact, if you are successfully cloaked, there is no way for anyone to find you, and you are networking safely!
Further resources
A good explanation of an IP address from a security point of view
How to port forward your home router, and why this is not necessarily a good thing!
The title of this article says it all: ‘Shodan: the scariest search engine on the internet’
A website that scans your computer to see if you have any ports open