Rupin Sharma, IPS
We have discussed primarily incidents involving ‘devices’ which provide us an ITC (Information Technology Convergence) interface. The incidents are essentially in the nature of normal crimes where the wrongdoer may, after having access to the device, commit various crimes which could be called pre-dominantly ‘ordinary crimes’ in nature. Let us now turn to crimes which are pre-dominantly ‘cyber’ in nature or crimes, which would not have existed before the advent of the ITC infrastructure.
Hereon, some articles in the series become a bit technical but simplified.
Briefly put, cyber-crimes are those which have an information technology interface and where the ITC infrastructure is either the offender or the victim or the medium for the crime being committed. This also means that what can be a victim in one case can be the offender in the other or vice versa. Similarly, the medium can also be used to commit crimes or facilitate the commission of crimes. The medium itself, can, at times be a source of attack or the victim.
A basic idea of the series is to simplify things for a complainant and a policeman who is to investigate a ‘cyber-crime’ or a ‘cyber-enabled’ crime. Let me try to explain in simplistic terms how the system works:
1. How the ITC Interface Works:
There are, at the two ends, two systems which can be called originators/senders and users/users of whatever information is being generated/carried. The origin-end and user-end usually have devices like laptops, PCs or Supercomputers or mobile phones or tablets and the like. Sometimes these devices may just be storage devices like CDs/External Hard-disks and the like at both ends. Usually, at both ends, there are human beings who are the ultimate users/consumers/operators, although this may not necessarily be the case.
In the middle is the telecom infrastructure by way of electromagnetic waves which are carried either through the air or through overhead cables or sub-terranean cables or even under-sea cables. These airwaves and cables carry data in encrypted form at very high speeds – often at the speed of light – at least hypothetically.
The connection between the two end-users i.e., the originator and the consumer is established through the encrypted signals sent through electromagnetic waves. Like in the case of a normal postal mail or a courier message, both ends have to have identifiable parameters for the messages to reach the right person. In the world of Information Technology, these addresses are called IP Addresses (Internet Protocol addresses).
2. What are IP Addresses?
Whenever an originator of a message originates a message and connects to the internet, he is automatically assigned an IP Address. Thus, an Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network.
IP addresses are written and displayed in a format which is human-readable. There are two protocols of IP Address allocation IPv4 and IPv6. In the IPv4 protocol, an IP Address would be denoted as 152.16.254.1 while in the in IPv4 formation it would be something like 2001:db8:0:1234:0:567:8:1.
IP addresses serve two principal functions
(A) Identifying the host, i.e., its network interface, and (b) Providing the location of the host in the network.
By performing these two functions, the IP addresses thus establish a path to that host.
Internet communications do not take place directly in most cases but have to pass through a lot of ‘gateways’. These gateways are comparable to the Post Offices which keep receiving our parcels/letters before the letters are finally delivered to us. Thus also, all ‘internet messages’ pass through various gateways or intermediate enablers. When a message is in transit, the message usually acquires the time-date stamp of the gateway through which the message was sent. Thus all internet messages carry the IP addresses of the sending host and the receiving host. However, since the re are intermediary or transit hosts, the intermediaries are also in a position to provide the IP addresses of the intermediary gateways through which the messages transited.
3. Types of IP Addresses:
IP Addresses are of different types and therefore it would be pertinent to understand some of the terms in simplistic terms. The different types of IP Addresses are as follows:
a. Static IP Addresses – are permanently assigned or persistently assigned addresses. These may be assigned based on countries or service providers etc.;
b. Dynamic IP Addresses – Are addresses which get assigned temporarily and get assigned to a computer system or a device every time a device connects to the internet or re-starts. Dynamic Host Configuration Protocol (DHCP) is a protocol/technology which is used to assign IP addresses. In some cases, the DHCP re-assigns the same IP address to a host device based on its MAC address, each time it joins the network. A MAC address or the Media Access Control address is a Unique Identifier for each device connected to the internet in addition to its IP Address and the IMEI number or even the SIM number or MSISDN. Network administrators may configure the networks in such a manner that specific MAC address always get allocated specific IP addresses too.
Thus, an IP Address (whether Static or Dynamic) in addition to its MAC address counterpart provides a specific, unique address/identity to a machine, whether temporarily or permanently, depending on how the network is configured.
c. Public IP Addresses -are addresses which are not reserved for use in private networks. These may, however, be used for communication between hosts on the global Internet;
d. Private IP Addresses – Under the IPv4 protocol for assigning IP addresses, certain blocks of IP addresses are reserved for private networks - hence called Private IP addresses. Under the IPv6 protocol too, certain blocks of addresses are set aside as reserved as Private IP Addresses. Under the IPv6 allocation system, these are referred to as unique local addresses (ULAs).
4. What do IP Addresses Mean For Me:
IP addresses are the virtual link to your physical device or instrument on the internet. Similarly, they are the unique virtual-physical address for anyone who communicates with you on the internet or sends a message to you or tries to establish contact with you.
While an analysis of your own IP address at a given time can give you details of your device or internet service provider or SIM-card number or wifi connection or broadband connection or even your physical location, the analysis of the other party can also reveal similar details.
However, except when you are on a LAN or a Local area Network, messages on the internet rarely travel straight from one point to another. They travel through or are routed through many service providers or intermediaries which may be located in different corners of the world. Therefore, the analysis of IP addresses and their trail is a highly complicated and technical task. But the IP Addresses can reveal a wealth of information.
Since every time anyone accesses the internet, IP Addresses get assigned and a unique IP address is likely to be automatically tagged to a device or internet session or duration, it is impossible to leave the internet without at least some digital signature or footprint. Therefore, A WORD OF CAUTION FOR ANYONE WHO THINKS HE IS ANONYMOUS – YOU ARE NOT. Only your identity is temporarily masked or hidden and can easily be deciphered or unveiled, if the experts want.
The amount and degree of effort which may be put in by the police or investigating agencies would depend on the degree of seriousness attached to the crime or the importance of the matter – both in terms of impact on the society/person or the financial well being of the society/person. The person may be a living being or a corporate. This is also because the deciphering of the IP Addresses of the originators and intermediaries may be a time consuming, serious and resource consuming exercise.
5. How Can I know my own IP Address?
Your IP addresses may be private (if you are working in a Local Area Network or LAN or a wifi network) or public.
Your Private IP address identifies you to the administrator of your Network Administrator who may have allocated the IP address to you in the first place. The private IP address can be seen by doing the following:
On Windows 10 machines:
Open Settings > click Network and Internet.
On the next screen, select Status in left-pane.
In the right-pane, click Properties button for the active Network on your computer.
On Network Properties screen, you will see your Private IP Address listed next to iPv4 address entry.
In addition to the IPv4 address, you will also see your IPV6 IP Address, which will be in the form of a complex combination of letters and numbers.
On MacBook, MacMini or iMac:
• Click Apple icon in top menu bar and select System Preferences in the drop-down.
• On System Preferences screen, click Network option.
• Select your Network Type (Ethernet or WiFi) in left-pane. In the right-pane, your Private IP Address will be listed next to IPV4 Address entry.
IP Address on Android Phone:
• Go to Settings > WiFi > tap gear shaped Settings Icon.
• On the next screen, you will be able to see your Private IP Address.
Private IP Address on iPhone:
• Go to Settings > WiFi > tap WiFi Network Name.
• On the next screen, your Private IP Address will be listed next to IP Address Entry under “IPV4 ADDRESS” section.
We will deal with the Public IP Addresses in the next piece.
