IP Address: Your Internet Identity
Russ Smith of Consumer.Net
IP Addresses and Domain Names
Computers connected to the Internet must speak the "Internet language" called the "Internet Protocol" or simply "IP." Each computer is assigned a unique address somewhat similar to a street address or telephone number. Under the current system there are four numbers that range from 0 to 255 (Example: 18.104.22.168). Every computer, whether it functions as a web site, is being used by a web surfer, is a mail server, and/or is used for any other function, has an IP address so it can communicate across the Internet. Communication is accomplished by sending pieces of information called "packets" that include the IP address of the destination computer.
Up to this point, domain names have not yet been mentioned because they are not needed for the Internet to work! An optional feature of the Internet is to use domain names. With this system I can tell users to visit www.consumer.net rather than 22.214.171.124. If there are several computers in a network they can be grouped under a domain and could be given 'friendly' names for convenience such as: computer1.consumer.net, computer2.consumer.net, etc. This has the added convenience of keeping the same computer names even when the IP addresses change or if the computers move to a different physical location. Again, this naming is optional and is not always done. As a side note, the underlying IP addresses have no intrinsic value but the optional domain names can be worth thousands of dollars and have been the subject of many court cases.
The Domain Name System (often called DNS) is the system where the IP addresses are converted into names. When www.consumer.net is entered by a user into a browser a (somewhat hidden) process converts that name into 126.96.36.199. This allows the user to connect to the proper web site and usually involves a domain registration service that is funded by domain name fees.
How are IP Addresses Distributed?
Every transfer of information over the Internet must include the capture of the IP address. Some examples of automatic logging are: visiting a web site, sending or receiving e-mail, using a chat room, or reading and posting to newsgroups. A common situation that causes IP addresses to be distributed to a third party is when visiting a web site and that site participates in banner ad networks where the ads are served from a third party site. This third party site retrieves the IP address when it sends the ad. This information is used to measure the number of ad views and calculate click-through rates.
Transferring IP addresses to a third party can also be accomplished by sending a web page via e-mail. When the user opens the attachment (if they are connected to the Internet) the e-mailed web page could make a request to a web site anywhere on the Internet (such as requesting an image file). This transfers the user's IP address to that web site along with the date and time that the user opened the message. An Internet cookie can also be placed on the user's system at that time. Several advertisers already engage in this practice. This method could also be used to defeat anonymous e-mail.
How Can Users be Traced from their IP Addresses?
Once an IP address is captured several methods can be used to trace the user. These tools can be found at http://consumer.net/tracert.asp.
Generally, users who have fixed Internet connections (cable modems, private companies, etc.) have fixed IP addresses. Dial-up Internet providers usually give addresses dynamically from a pool when a user dials in to connect (such as a pool of 100 IP addresses per 800 subscribers).
Internal network procedures also affect the amount of information that can be gleaned from an IP address. If a proxy sits between the users and the Internet all of the users appear to come from one computer. In these cases, users can only traced as far as the proxy unless additional information is known. The computer names can also sometimes be used to gather additional information. One major provider's computer names usually include the nearest big city of the user. Some networks simply use the e-mail address in the computer name [Example: russ.consumer.net has e-mail address firstname.lastname@example.org].
Ambiguities in user identification by IP address are reduced by the use of "Internet cookies." These are text files that gives users a unique identity. Cookies would essentially become unnecessary if everyone had fixed IP addresses.
A site's policy must also be coordinated with the policies of third parties that capture IP addresses from their site visitors (such as banner ad networks). Sometimes the banner ad network's policy is more import since it has the potential to track users across several sites rather than activity at a single site.
ã 1998 Russ Smith