There are two types of IP addresses, public and private.
If you’re on a Windows machine, open up your cmd.exe (Start –> search for “cmd.exe”).
Once that is open, type in “ipconfig /all”.
A bunch of text should spit out, but focus in on the section that has “IPv4 Address”.
Your IP will most likely be in this range of IP addresses:
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
You can check your IP on a Linux machine by opening Terminal, and typing “ifconfig -a”.
You will once again see an IP in the “inet addr” section fall into the above ranges.
This range is known as the private IP range, or if you want to be fancy, RFC 1918.
While talking to network engineers, it’s not uncommon to hear them refer to an IP as an RFC 1918 range. They may be trying to sound smart, or trying to differentiate between an RFC 1918 IP, and an Internet-routable public IP.
RFC 1918 IP addresses are free for everyone to use, as long as they remain inside their private network.
Click here to learn more: Excuse Me, Is This IP Address Free or For Sale?
What is a public IP?
First, go to Google.com, and type in “what is my ip?”.
A search result should pop up with an IP address that does NOT fall into the RFC 1918 range.
This is an IP that your ISP has assigned to you to use on the Internet. This is the IP you pay for in your monthly Internet bill. This is the IP the police can use to track you and find you. Or hackers. Or someone with a vendetta. Or a curious and bored security engineer who happened to see your public IP appear in some firewall log. Bottom line, the IP you see in Google is not one you should really share with anyone. This is why I show you my Windows and Linux machine IP addresses, but not my public IP.
Computers, cell phones, routers, firewalls, servers, web pages, video game systems…they ALL need an IP address in order to communicate with each other. It’s like how we know each others cell phone numbers in order to call or text a message. IP addresses allow us to communicate with each other on the Internet.
All Devices Have IP Addresses
All the devices within the private network start with the first 3 octets of 192.168.0.x.
But then what about the IP 220.127.116.11 ? Well, that’s the NAT IP, devices with a private IP need a NAT IP (public IP), in order to go out to the Internet.
We talk more about NAT here: An Explanation of Network Address Translation (NAT)
IP addresses are at Layer 3 of the OSI Model, the Networking Layer. If a CISSP exam question is talking about IP addresses, try to keep this in mind.
IP addresses have sections called octets, these sections are separated by a dot.
192 is the 1st octet.
168 is the 2nd octet.
1 is the 3rd octet.
55 is the 4th octet.
Sometimes I’m on troubleshooting conference calls with other security engineers talking about and exchanging IP addresses from multiple networks. If you’ve ever been on a conference call, sometimes calls are dropped, or their voices get distorted. In these instances we may not hear the other side and could ask “Hey I got the first two octets of that IP address, can you please repeat the 3rd and the 4th?” Using our example above, they’d be repeating the numbers 1 and 55.
There are two versions of IP addresses, IPv4 and IPv6.
IPv6 has octets too, just a lot more of them, and separated by a colon ( : ).
IPv6 has 16 octets, with each octet holding a pair.
So the first 5 zeros are actually 5 octets consisting of 2 bytes each, making it a total of 10 octets. It is just condensed, and would actually look like this “0000:0000:0000:0000“.
ffff is the 11th and 12th octet.
c0a8 is the 13th and 14th octet.
1370 is the 15th and 16th octet.
If you’re going to build a network, you’re going to need to know how to allocate private IP addresses, and an associated NAT IP in order to give those devices the ability to go out to the Internet.
You’re going to need to know subnetting, subnet masks, how to divide networks into smaller networks, default gateways, broadcast IP addresses vs subnet IDs…these things however, are beyond the scope of the CISSP exam.
Just know the concept of an IP address, and you’ll be fine.