An IP address (Internet Protocol address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: it identifies the host or device on a network, and it provides the location of the host in the network.
There are two main versions of IP addresses: IPv4 (Internet Protocol version 4) and IPv6 (Internet Protocol version 6).
IPv4 is the most widely used version of IP addresses, and it consists of a 32-bit number that is expressed in a dot-decimal notation, such as 192.168.0.1. IPv4 addresses are divided into two main categories: private and public. Private IP addresses are used on local networks, such as home networks or corporate networks, and are not reachable from the Internet. Public IP addresses are used on devices that are directly connected to the Internet, and they are unique across the Internet.
The ranges for private IPv4 addresses are:
- 10.0.0.0 to 10.255.255.255
- 172.16.0.0 to 172.31.255.255
- 192.168.0.0 to 192.168.255.255
The ranges for public IPv4 addresses are:
- 0.0.0.0 to 255.255.255.255, excluding the private ranges listed above and other ranges within this space that are reserved for specific purposes and are not generally used for public IP addresses
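The private/public split above can be checked programmatically, for example when triaging source addresses in logs. The following is an added example, not part of the original page: it converts the three private ranges listed above into CIDR blocks and classifies addresses. The function names, the "reserved" grouping and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# The three private IPv4 ranges exactly as the page lists them (first, last).
PRIVATE_RANGES = [
    ("10.0.0.0", "10.255.255.255"),
    ("172.16.0.0", "172.31.255.255"),
    ("192.168.0.0", "192.168.255.255"),
]

def private_networks():
    """Collapse each first/last pair into CIDR blocks (one block per range)."""
    nets = []
    for first, last in PRIVATE_RANGES:
        nets.extend(ipaddress.summarize_address_range(
            ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)))
    return nets

def classify(text):
    """Return 'invalid', 'ipv6', 'private', 'reserved' or 'public'."""
    try:
        addr = ipaddress.ip_address(text.strip())
    except ValueError:
        return "invalid"
    if addr.version == 6:
        return "ipv6"  # the page gives no private/public ranges for IPv6
    if any(addr in net for net in private_networks()):
        return "private"
    # Special-purpose space that is neither private nor publicly routable
    # (grouping these under one label is an assumption of this example).
    if (addr.is_unspecified or addr.is_loopback or addr.is_link_local
            or addr.is_multicast or addr.is_reserved):
        return "reserved"
    return "public"

# Constructed sample input, e.g. source addresses pulled from a log.
SAMPLES = ["10.1.2.3", "172.32.0.1", "192.168.0.1", "127.0.0.1",
           "169.254.10.20", "8.8.8.8", "224.0.0.251", "999.1.1.1",
           "2001:0db8:85a3:0000:0000:8a2e:0370:7334"]

if __name__ == "__main__":
    print([str(n) for n in private_networks()])
    for s in SAMPLES:
        print(f"{s:40} {classify(s)}")
```

Python's built-in `is_private` attribute covers more than these three ranges (loopback and link-local, for example), which is why the ranges from the list are checked explicitly here.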
IPv6 is the latest version of IP addresses, and it consists of a 128-bit number that is expressed in a hexadecimal notation, such as 2001:0db8:85a3:0000:0000:8a2e:0370:7334. IPv6 addresses are designed to provide a much larger address space than IPv4, as well as other improvements such as better routing and security.
To count the active IP addresses on a network, you can use a tool such as Nmap to scan the network and identify the hosts that respond. The -sP option performs a ping scan (host discovery without a port scan); newer Nmap releases name the same option -sn. For example, to scan a network for active IPv4 addresses, you can use the following command:
nmap -sP [Network Range]
To scan a network for active IPv6 addresses, you can use the following command:
nmap -6 -sP [Network Range]
IP addresses can be used in cyber security during penetration testing to gather information about a target network and identify potential vulnerabilities. For example, you can use an IP address to identify the operating system and open ports on a host, or to connect to a network share or service.
NAT (Network Address Translation) is a technique used to allow multiple devices on a local network to share a single public IP address. NAT works by translating the private IP addresses of the devices on the local network into a single public IP address, and vice versa. This allows the devices on the local network to communicate with the Internet, while hiding their true IP addresses and making it more difficult for external parties to connect to them directly.
Nmap is a powerful tool that can be used to enumerate IP addresses and gather information about the hosts on a network. Some examples of Nmap commands that can be used for IP enumeration are:
- To scan a network for active IPv4 addresses:
nmap -sP [Network Range]
- To scan a network for active IPv6 addresses:
nmap -6 -sP [Network Range]
- To scan a single host for open ports:
nmap [IP Address]
- To scan a host for specific port ranges:
nmap -p [Port Range] [IP Address]
- To scan a host for only the most common ports (fast mode, which checks fewer ports than the default scan):
nmap -F [IP Address]
- To scan a host for all 65535 ports:
nmap -p- [IP Address]
It is important to note that using Nmap and other tools for IP enumeration and network scanning can be illegal if done without the proper permissions. Always follow proper protocols and obtain the necessary permissions before conducting any penetration testing activities.