This is probably the most frequently asked question asked when it comes to online user security as an IP address is considered to be a direct link to the user that is accessing the internet. However, there is a good reason not to panic if you found your IP address disclosed somewhere on the internet.
What is the function of an IP address?
Before we talk about the security implications of the scenario when your IP address is publicly revealed on Internet, let’s discuss the purpose of an IP address.
An Internet IP address (also known as WAN, Wide Area Network IP address) is assigned to you by an ISP provider (a.k.a. Internet Service Provider). Your assigned IP address is what allows other machines on the Internet to connect to the computer(s) you may have connected to the Internet using this IP address. You might be connecting your computer devices to the internet via the following methods:
- Your computer device is connected directly to the Internet Modem which is connected to the Internet/WAN
- One or more computers in your home or business network are connected to a router or switch device. These devices create an internal sub-network at your home or business location and allow multiple computers to connect to the Internet Modem that is connected to the Internet. When your computer devices are connected to a router, the router assigns each one of your devices a Local Area Network or a private IP address, which generally falls within the following ranges:
- 10.0.0.0 – 10.255.255.255
- 172.16.0.0 – 172.31.255.255
- 192.168.0.0 – 192.168.255.255
When you do not use a router or switch in your home or business so-called “local network” and connect your computer device directly to the Internet Modem, your Internet IP address becomes an IP address of your connected device. This allows any computer on the Internet to connect directly to the computer device you are using.
In the scenario when you have multiple computers connected to the router or switch, which is connected to your Internet Modem, there will be no direct access to any of your computers from the Internet. This will be the case unless you specifically configure your router to send all requests sent to your Internet IP address to a specific machine located on your home or business Local Area Network.
Who and what is tracking your IP and why is it being tracked?
So who might be interested in tracking your IP address and what is the purpose of IP tracking? Generally, IP addresses are statistically tracked to analyze a pattern of usage of a specific service or to optimize hardware that handles connection routing or data distribution. Some of the examples of facilities that might be tracking your IP address are:
- Internet websites. Virtually ALL websites collect IP statistics. This is accomplished by both intentional and passive tracking reasons.
- Intentional IP tracking is initiated by a webmaster that handles website development. Generally, webmasters install IP tracking statistical software in order to understand the website traffic they receive and optimize content and advertising methods. IP surveillance is also used to monitor for website abuse and mitigate attacks from specific IPs that are found to cause harm.
- Passive tracking is generally known as “server-side” tracking. It is basically a built-in feature in many web server software packages that are configured by default to collect all connections to a server. It is used by a website server software to provide stability of service via internal analysis by a server’s firewall and other security software devices installed on a web server.
- Internet appliances. Most of the Internet Appliances that are remotely controlled by a user, have own IP statistical software that captures and records a pool of IP address that send requests to these devices. These devices include but are not limited to:
- IP camera surveillance;
- Security alarms;
- Weather monitoring devices;
- Home automation devices;
- Power grid smart meters;
- Smart appliances such as refrigerators, TVs, speakers, and multimedia players;
- Health monitoring devices;
- Vehicle navigational and tracking systems;
- ToysThese appliances often contain a log of IP addresses that have connected and allow remote access to this data.
- Online communication software such as Skype, Google Voice, Facebook, Telegram, and so on.
- Proxy servers. If you are using a proxy server, your IP address is always known to a proxy server service provider. Your IP address usage is logged and all internet activity through a particular proxy server is analyzed. Many proxy servers are used and analyzed by government authorities to monitor for illegal activity that usually requires the usage of a proxy server.
- Mobile device access points. Each time a mobile device “hops” from one wireless access point to another, its IP address is changed, assigned, and recorded by an access point.
- Government authorities. The legal authorities under certain conditions have full access to any IP address information, including personal identity information, complete criminal and civil offense history, and so on. Government authorities acquire Internet activity of any individual or an IP address through ISP providers and proxy server traps. There’s virtually no escape from being tracked on Internet, regardless of a number of connection hops from one point to another. It only comes to an effort of tracing any given activity and associating it with an individual or a group of individuals. Most of the criminal activities on the Internet are not thoroughly investigated due to the effort required in relation to a complexity of a case. However, if the crime exceeds a certain level of threshold, an offense can be efficiently resolved.
What are the risks from your IP address being “publicly known”?
Having your IP address on the Internet by itself does not mean there is a direct risk. ALL IP addresses fall within an IP address range, therefore, those who seek malicious activity, generally scan the entire IP range over a period of months to find IPs are host devices that are not behind a firewall for example.
If you connect to the Internet through a router and do not have a “Passthrough” mode enabled (generally disabled by default), then you are behind a firewall. This means that external computer connections cannot perform any direct communication with your device(s) other than sending information to web browsers, which respond on ports 80 and 443.
Web browsers only receive data on these forms to translate and display received information. However, if you have malicious software installed on your computer then a third party can gain access to your computer’s data.
IP hacking commonly works in the following order:
- A person visits a website that under false pretense instructs a web browser’s user to install some sort of a plugin or software that is infected;
- The installed malicious software sends a “signal” back home to the hacker providing an IP address of a machine where the software is installed;
- The hacker remotely connects to the infected computer gaining access to data and computer control.
However, if a hacker has your IP address and no malicious software is installed on your machine, then there’s no feasible way to “hack” your computer knowing just an IP address.
Website IP tracking
When you visit any website to read articles, view pictures or videos, listen to audio or play games, all of your IP address’ activity is generally captured either by passive or intentional methods. Regardless of the method, the only information is visible to webmasters at this point is your IP address and any associated activity on a particular website. It does not reveal your personal identity, a true geographical address, or any other personally sensitive data, that is unless you have entered your personal information on that particular website. When you submit forms on any of the websites, your IP address is associated with submitted data.
A website IP tracking is generally not a malicious activity but a functional procedure allowing webmasters to maintain their website’s service and security. It is similar to general merchandise stores that record a video of you entering the store and looking at the products. However, a merchandise store would have significantly more information about you such as your facial ID, your name, and payment information from the checkout process.
With website IP tracking, and thousands of visits daily, no one is going to analyze and sort through the data for a single IP address. This all becomes aggregated data that is usable only on a statistical level. Furthermore, website IP tracking helps people like yourself to mitigate website attacks and have control over customizing content for a website.
IP tracking is not as dangerous as it may sound
Yes, privacy concerns while using the Internet are real and valid. However, if you practice general safety, such as avoiding installing unknown software from the Internet or posting your personal information on social sites, IP tracking should be the least worrisome among other concerns on the web you should be aware of. Social sites alone reveal more personal information about yourself than all IP tracking data could ever do.