IP addresses, white listing, blacklisting, locking and blocking

IP addresses are your phone number on the Internet.  Like phone calls you get good calls and bad calls.  So how do you manage your number online?

This backbone concept of the Internet of having unique phone numbers has been around since the dawn of the Internet.

Security management relies a lot on these numbers and this article looks at the pros can cons of how a business can use them to their advantage.

Marketing can also gain great insight via IP information.

No matter how I spin this subject, it involves numbers.  Lots of numbers so please bear with that fact.

 

Specifically designed to be a business introduction, this article allows you to ask some sensible questions of your IT and marketing teams.

Your teams will probably will have all the answers but it never hurts to check.

If you’re a seasoned security veteran or understand the basics of IP addresses, then please jump down to the sense checks.

  • The basics
  • Getting meta
  • Security
  • The sense checks to ask

[read more=”Read more” less=”Read less”]

The basics

Your Internet Phone Number

IP addresses come in two flavours, version 4 and version 6.

 

Launched in 1983, version 4 or IPv4 has been the most widespread version most people will recognise.

Made of 4 sets of numbers separated by full stops.  Each number ranges from 0 to 255.

So there are combinations from 0.0.0.0 through 255.255.255.255 to choose from.

 

There are 4,294,967,296 (2^32 or 32 bit) combinations in total possible.

As of 2016, 588,514,304 are reserved making 3,706,452,992 public addresses available.

 

According to the fascinating to watch worldometers, there is an estimated 7,663,844,230 people on the planet.

 

So by very simple maths, if everyone had 1 phone or 1 computer, then there’s not enough IP addresses for everyone.

Not to mention, servers, office computers, cars, trucks, trains, buses, planes and the billions of other devices connected to the Internet.

This is technically called IPv4 address exhaustion.  The world needs a solution.

 

Just make up some new numbers

So the fix came with IPv6.  IPv6 is 128 bit, i.e. 2 ^ 128.

There are 3.4×10^38 or 340 undecillion IPv6 addresses.

340,282,366,920,938,463,463,374,607,431,768,211,456

 

IP addresses ultimately boil down to 0s and 1s, however the humans have to read and use them.

Decimal uses (0,1,2,3,4,5,6,7,8,9). Hexadecimal (often called hex for short) uses ( 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F )

 

IPv6 numbers are separated using colons ( : ) instead of commas ( , )

Because the numbers are so much bigger it uses hexadecimal instead of decimal numbers to save reading space.

So an example address might look like 2001:0D8B:AC10:FE01::

 

So which version are we using

All technology going back to 1995 uses IPv4 comfortably.

In the late 1980s anticipation of running out of numbers was identified with the growth of the Internet.

IPv6s first iteration came out in 1996 yet took 16 years to be globally accepted.

IPv6 was launched June 6th, 2012.

So currently there is a mix.

Most modern desktops and phones run “dual stacks” meaning they work with IPv4 and IPv6.

 

Can we not just share?!

When you work in an office there could be 100 people on their PCs using the Internet.

The solution for offices was to share IP addresses.

A device called a router manages the Internet connection for the whole office.

Everyone in the office gets an internal IP Address, like an extension when you use a phone system.

The router has 1 public IP address ( 1 external IP address ) and it manages all the internal extensions.

 

In your office, you go to search google.  Your request goes to the router.

The router goes to google… gets your info and returns it to you.

Your colleague beside you wants their gmail.  The router gets the gmail and returns it to your colleague.

In this way an office of hundreds of computers only needs 1 external IP address.

 

Internet Service Providers (ISPs)

ISPs will send you a router when you connect to their service.

Why? Because you only get 1 external IP address per router.

Even homes only get 1 IP address for all the devices that work in the home.

 

Not everyone is connected to the internet all the time.

So your ISP will operate a pool of IP addresses.

When you turn on your mobile phone, your ISP will allocate you an IPv4 number from a pool they own.

If your phone turns off, that IPv4 returns to the pool for another mobile to use.

 

In this way you’re looking to only need IPv4 address for devices that are active on the Internet.

This was a number saving approach without having to switch to IPv6.

 

Security

Nuisance callers

On your phone you sometimes get people you don’t know phoning you.

They may be sales / marketing calls.

Friends or new business colleagues might be trying to get in touch.

Quite simply someone accidentally dials the wrong number.

 

 

However some of them can be bad people trying to do something nefarious.

People have phone books on their mobile phones.

If you recognise the number, the name comes up.

Yet if you don’t recognise the number, you don’t answer the call.

It is possible to do exactly the same thing with IP addresses.

 

On the router you can set a white list or a blacklist.

White listing.  A white list says, if I see this IP address, let it connect, everything else is blocked.  Same as saying only answer calls from people I know.

Blacklisting. Alternately you can have a black list.  If this specific number comes in block it.  Otherwise let all other numbers come in.

 

These two strategies form a huge part of the basics of Internet security.

 

Home and remote working

For home and office, white listing makes the most sense.

No one from the public internet should be coming into your building EVER!

Yet if you promote “home working” or “remote working” then you have an issue.

As a result how do you tell if the person coming in is staff going to work or is breaking in trying to do something bad?

 

As mentioned previously ISPs pool your address and your IP address changes.  Consequently you have two choices.

 

Static IP addressing

A static IP means you pay extra to your ISP for a permanent IP address which does not get recycled.  It’s always yours.

This static IP is added to the white list rules of the office router.  It knows who you are.

 

User authentication

Alternately you can set up a more complex username and passwords security authenticate approach.

You let the whole world connect but then you have to security check everyone coming in.

 

Getting meta

Data about data

So a quick sense check.

Your IP address will be IPv4 or IPv6.

  • You can have a number from a pool of IP addresses allocated for the time you’re connected to the internet.
  • Alternately you can have a static IP address.

To get a static IP address you have to buy it.  It costs around €50 once off from your ISP who organises it for you.

 

Now, when someone calls you and you don’t recognise the number you have choices.

You can ask friends and family… do you recognise this number?

Searching Google for company listed numbers makes sense.

 

IP addresses can be looked up to see who owns that IP address.

To read this article you’re on the internet… so what is your IP address at the moment and what information is available about it.

Try this for yourself and your connection!  https://whatismyipaddress.com/ip-lookup

 

Usually getting the country and even town is very possible along with latitude and longitude.

It’s like something from a science fiction or crime tv series but this information is available to everyone.

 

Making sales and marketing assumptions

As you have just seen, because so much information is available, when someone visits your website, they leave data behind.

The IP address of the people coming to your website have to give you a return phone number.

Using this IP address you can see

  • The country or your visitors
  • The geographic region of the visitor
  • If a company has a static IP you can see the company who has come to visit.

So if you wanted to know if your competitors are visiting your website you could find out.

Also if you have just sent in a pitch and you want to know if people are visiting, you can probably work that out too.

Companies like Netflix, can look up your IP to decide what content is available in your country for copyright reasons!

 

A bit of anonymity

So if you don’t want to be recognised, for whatever reason, your IP address is something you’ll want to hide.

There are companies out there which offer a solution.

Like the office office solution sharing IPs, you connect to a VPN service (Virtual Private Network).

 

They go an get your information for you.

So when the website you’re visiting sees an IP address, they get the VPN service IP address, not yours.

There are pros and cons to this approach but it does get you your anonymity.

You do tell your VPN provider everywhere you’re going though!

 

If your VPN service is in America, then Netflix will filter your content for America and not from the country you’re in.

This is a growing business service.

 

The sense checks to ask

Quick list

Now that there is context for each of the following questions hopefully they make sense.

  1. Firstly do we operate a white list / blacklist on our office router? Who’s on it and why? [Security]
  2. Secondly how often do we review those rules? [Security]
  3. Next do we promote remote working and if so how do we review connections in to our business? [Security]
  4. What geographies do our staff work in and can we block the areas we know shouldn’t be coming into us?  [Security]
  5. Do we review our public website to see which countries and areas are coming to visit us? [Marketing]
  6. Also do we use data services to review our visitors to figure out who exactly is coming in to visit? [Marketing]
  7. In our marketing spend, do we compare where we’re advertising to where are visitors are coming in from? [Marketing]
  8. When we review competitor websites / market research are we anonymous?  Do we care?  [Marketing]

These would be a strong starting point for any business discussion with an IT team and your IP security.

There are many more questions and sense checks around “what after”, but if any of these “pull a thread” it is worth checking it out.

If there’s anything in this article you’d like to chat to me about you can contact me here or on social media.

[/read]

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.