PDA

View Full Version : How to tell if you have a Private IP Address or a Public IP Address



AlnertPt
06-07-2015,
Many of the questions posted here lack important information: does your machine have a Private IP Address or a Public IP Address?

So I made a video to show you how to determine this:

I use Nirsoft's netrouteview because it has a GUI: http://www.nirsoft.net/utils/network_route_view.html

Private IP Addresses have the following ranges:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

AlmoMa
06-07-2015,
Are you asking for replies? It's not clear whether you are or not. Mine's private, assigned by my router via DHCP. At least that's what it is at home. I never check it when I'm at a public place where I use my tablet (Google Nexus 7) which has no sensitive info on it.


Everyone with a computer should back his system up to an external hard drive regularly. http://www.bleepingcomputer.com/forums/public/style_emoticons/default/thumbup.gif

Alloteormele
06-07-2015,
No, not asking for replies. This is for later reference: when I have to help somebody and need to know if they have a private or public ip address, I'll direct them to this post if they don't know how to determine this.

Didier Stevens
http://blog.DidierStevens.com (http://blog.didierstevens.com/)
http://DidierStevensLabs.com (http://didierstevenslabs.com/)

Alonsograf
06-09-2015,
I don't think it's too big of a deal, as "How did I get infected?" and "Slow computer?" could be taken as asking a question which wants answers. It wouldn't be too bad to get this pinned as well since it's good information which I see asked a fair bit (of course, up to mods).

Yes, I believe only those with mod power in the section can change a title after a topic has been posted. Hopefully one will reply and provide input

xXToffeeXx~

AlonsoLak
06-10-2015,
Although RFC-1918 specifies these as "PRIVATE IP ADDRESSES":

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

The story is incomplete.

"PRIVATE IP ADDRESSES" are for the internal networks and "PUBLIC IP ADDRESSES" are what is seen on the Internet.

For instance, the computers on my home network is:

desktop 192.168.254.1
my laptop 192.168.254.2
wife's laptop 192.168.254.3

But going out to the world, the "PUBLIC IP ADDRESSES" is 75.x.x.x.

================
COX said it best (empasis added by scotty_ncc1701)
================
A PUBLIC IP ADDRESS IS A GLOBALLY UNIQUE NUMBER that identifies a device on the Internet. If you want someone on the Internet to connect to you, then you must tell them your public address. Also known as your "real" or "external" address. Public IP addresses are globally recognized and assigned by the Arin. Arin is the governing body that controls the list of publicly routed IP addresses. YOUR ISP USUALLY GIVES YOU A PUBLIC IP.

A PRIVATE IP ADDRESS IS TYPICALLY ASSIGNED TO DEVICES ON A LAN (LOCAL AREA NETWORK) AND ARE NOT USED OUTSIDE THE LAN. These IP addresses are typically used with a router, where you have multiple computers all sharing the same Internet connection. PRIVATE IP ADDRESSES CANNOT BE USED ON THE INTERNET.

Private addresses are often used for isolated, IP-based networks that will not be connected to the public Internet. InterNIC encourages the use of private addresses for these situations because it reduces the waste of public IP addresses.

However, when using NAT (network address translation), you can have private IP addresses on your local network and use a single public IP address to have them access the internet. Using NAT, you would be able to connect hundreds of computer to your router, and then use one public IP for all computers to access the internet. A router will translate between private and public IP addresses.

REFERENCE FOR ABOVE: http://www.cox.com/business/idaho/support/voice/article.cox?articleId=a2b07280-6ce8-11e0-4e73-000000000000
================

What it boils down to, for most people with computers, as I explain in another post, is that anyone that accesses the Internet has two IPs associated with their computer. The "PRIVATE IP ADDRESSES" from your ROUTER/MODEM back, and the "PUBLIC IP ADDRESSES", FROM THE ROUTER/MODEM out to the world.

The NAT translation is what a router does!

ALouisevow
06-10-2015,
I've difficulty understanding the reason for your comment.

Don't you take into account machines that have a public IP address on their NIC?
I've seen several posts here where it turned out the user's machine had a public IP address, and not a private IP address.
And these people have problems figuring this out.
They often go to a site like "what is my IP address", but this doesn't answer the question.
That is why I made my video.

As to using private IP addresses on a LAN: this is just a convention, it is not mandatory. You can use public IP addresses on your LAN, and then NAT them to another public IP address to access the Internet.

The association between a private and public IP address in case of NAT is done at the level of the device that does the NATing. Usually based on port NATing.
This association is not explicited in the PC.

admin
06-11-2015,
Update: this is a reply to a post that has now disappeared.

I'm starting to get the feeling that there is some confusion regarding this topic.

There are ISPs that provide you with a network device (ADSL, cablemodem, ...) that you install on your local network and that assigns your machine a private IP address.
And there are ISPs that provide you with a network device that you install on your local network and that assigns your machine a public IP address.

To see which IPs are assigned to the NICs (Network Interface Controller) of your machine, you can use the ipconfig command on the command-line.
But this doesn't tell you which NIC is used to access the Internet (unless you have only one NIC with an IP address). To know this, you use the route command.
That's why I used netrouteview in my video (a GUI-equivalent of the route command).

Assume that your network device in your home (your ADSL router) assigned your machine a private IP address: 192.168.0.2
You want to connect to my website at IP address 96.126.103.196.
If you perform a packet capture on your machine, you will see a TCP connection with packets that have following characteristics:

Source MAC address: the MAC address of your NIC
Destination MAC address: the MAC address of the Ethernet interface on your local network device
Source IP address: 192.168.0.2
Destination IP address: 96.126.103.196

If I perform a packet capture on my website, I will see a TCP connection with packets that have following characteristics:

Source MAC address: the MAC address of the last router in the connection.
Destination MAC address: the MAC address of the Ethernet interface on my website's server
Source IP address: A public IP address, let's say 91.123.10.5
Destination IP address: 96.126.103.196

Your local network device has parformed NAT: Network Address Translation. It has translated the private IP address 192.168.0.2 into public IP address 91.123.10.5.
91.123.10.5 is the public IP address assigned to your local network device by your ISP. It is needed to access the Internet.
So packets that enter your network device via the local interface with source IP address 192.168.0.2 get translated to 91.123.10.5 when they leave the network device via the Internet-facing interface.
And packets that enter your network device via the Internet-facing interface with destination IP address 91.123.10.5 get translated to 192.168.0.2 when they leave the network device via the local interface (*oversimplification).

This NATing is completely transparent to both endpoints. Your machine doesn't see that it's private IP address gets translated to a public IP address, and my website doesn't see that your public IP address gets translated to a private IP address.

Now, if you have a network device that issues your machine's NIC with a public IP address, no translation takes place.
What you see is what you get. My server sees your public IP address, the one on your machine's NIC.

I have an ISP that works with a network device that issues private IP addresses a,d performs NAT.
But I also have VPN services that issue me a public IP address. When I start these VPN connections, a NIC is created for this VPN connection and it is assigned a public IP address.

If you use 3G or 4G dongles, you can get a private IP address or a public IP address on the NIC of your dongle.

*oversimplification: a decent NAT service will not translate all incoming packets. Simply put, it will only allow through incoming packets that can be linked to outgoing packets.