An IP address (Internet Protocol address) is a unique address that certain electronic devices use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP)—in simpler terms, a computer address. Any participating network device—including routers, switches, computers, infrastructure servers (e.g., NTP, DNS, DHCP, SNMP, etc.), printers, Internet fax machines, and some telephones—can have their own address that is unique within the scope of the specific network. Some IP addresses are intended to be unique within the scope of the global Internet, while others need to be unique only within the scope of an enterprise.
In other words, the IP address acts as a locator for one IP device to find another and interact with it. It is not intended, however, to act as an identifier that always uniquely identifies a particular device.
An IP address can also be thought of as the equivalent of a street address or a phone number (compare: VoIP (voice over (the) internet protocol)) for a computer or other network device on the Internet. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network. An IP address differs from other contact information, however, because the linkage of a user's IP address to his/her name is not publicly available information.
Further, an IP address is not necessarily linked, in a persistent way, to a physical location or even data link layer address. In the past, an IP address could be considered a unique identifier of a particular IP host, in addition to being a locator. When it was usable as an identifier, it was static, and it was assumed to be globally unique from end to end of the Internet.
In current practice, an IP address is less likely to be an identifier, due to technologies such as:
Dynamic assignment, as with an address that is assigned by the access device by which the user's host connects over a dialup telephone line or by a set-top box for an IP over cable network. However the network provider maintains a database of which IP address was assigned to which access port on dialup, or MAC address on LANs or broadband networks. This information, assuming it is available to the investigator, may help to identify the computer, although that is unlikely if it was a dialup connection where the identifier is of the dial-in port, not the computer itself. More extensive forensic work, with access to telephone records, may identify the calling telephone, although that may itself be a "cutout" on the way to the real telephone.
Network address translation (or NAT), a feature common on gateway routers in corporate networks or home LANs, where the address visible to the Internet is the "outside" of a device that maps it to a completely different and hidden address on the "inside". See IP Address Translation, below.
In other words, the IP address acts as a locator for one IP device to find another and interact with it. It is not intended, however, to act as an identifier that always uniquely identifies a particular device.
An IP address can also be thought of as the equivalent of a street address or a phone number (compare: VoIP (voice over (the) internet protocol)) for a computer or other network device on the Internet. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network. An IP address differs from other contact information, however, because the linkage of a user's IP address to his/her name is not publicly available information.
Further, an IP address is not necessarily linked, in a persistent way, to a physical location or even data link layer address. In the past, an IP address could be considered a unique identifier of a particular IP host, in addition to being a locator. When it was usable as an identifier, it was static, and it was assumed to be globally unique from end to end of the Internet.
In current practice, an IP address is less likely to be an identifier, due to technologies such as:
Dynamic assignment, as with an address that is assigned by the access device by which the user's host connects over a dialup telephone line or by a set-top box for an IP over cable network. However the network provider maintains a database of which IP address was assigned to which access port on dialup, or MAC address on LANs or broadband networks. This information, assuming it is available to the investigator, may help to identify the computer, although that is unlikely if it was a dialup connection where the identifier is of the dial-in port, not the computer itself. More extensive forensic work, with access to telephone records, may identify the calling telephone, although that may itself be a "cutout" on the way to the real telephone.
Network address translation (or NAT), a feature common on gateway routers in corporate networks or home LANs, where the address visible to the Internet is the "outside" of a device that maps it to a completely different and hidden address on the "inside". See IP Address Translation, below.
From Wikipedia, the free encyclopedia
