Linux Software Management Essentials

Linux, like most other operating systems, supports various types of software. Managing that software is a basic skill all Linux users should have. Doing it via a graphical user interface is usually pretty self-explanatory, as you just have to follow the instructions on the screen. Performing the same task by using a command line interface on the other hand is a whole different matter and could scare some Linux newcomers. To help crumble that fear a bit, here are some of the things to keep in mind about software management on a Linux-based operating system.

Software Mgmt On Linux-based OS

Most of today’s distributions of Linux-based operating systems install software in pre-compiled packages, which are archives that contain binaries of software, configuration files, and information about dependencies. Software on a Linux system often relies on other programs and libraries to work. These other programs are called dependencies. In addition, package management tools keep track of updates and upgrades so that the user doesn’t have to sniff out information about bug and security fixes. Different packet management software can be found on different Linux distributions. For example the Debian family uses dpkg (Debian Package Management System) and its front-end tools APT (Advanced Packaging Tool) and Aptitude; RPM (Red Hat Package Manager) with its tools YUM (Yellowdog Updater, Modified) and DNF (Dandified Yum) are used by RedHat; Packman Package Manager is used by Arch Linux and so forth. Each packet manager and tool has its own pros and cons. Software can also be installed using newers solutions like AppImageFlatpack and Snap. For the sake of this blog let’s focus on dpkg and it’s front-end tools.

Before You Install…

Before installing anything onto the operating system there is an important question you should ask yourself – from where do the required packages come from? When Linux installs new programs, it installs them from a repository (also known as a repo). APT has a nifty little file named /etc/apt/sources.list which contains a list of the repositories it uses. It’s quite clever. If it notices that a program depends on another program, it will install both at the same time so you don’t have to worry about it. It is possible to add new repositories into that file or remove the ones that are already there to accommodate your specific needs. Another way to add/remove repositories into/from the list is to use the add-apt-repository command. This creates a new source file with the repository info into the /etc/apt/sources.list.d/ directory. It is also possible to manually add source files into that directory.

An additional thing to do before installing anything with APT would be to update it’s cache with apt-get update. This will update the package database, which means it will update the list of available packages and their versions, but it does not install or upgrade any packages.

Example of /etc/apt/sources.list

deb http://us.archive.ubuntu.com/ubuntu xenial main universe
deb http://archive.ubuntu.com/ubuntu/ xenial-updates main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu/ xenial-security main restricted universe multiverse

Examples of add-apt-repository and updating the APT cache

Adds a repository into the file
  #add-apt-repository 'deb http://us.archive.ubuntu.com/ubuntu xenial main universe' 
Removes a repository from the file
  #add-apt-repository -r 'deb http://us.archive.ubuntu.com/ubuntu xenial main universe'
Updates the APT cache
  #apt-get update

There is one more important matter to attend to before going to the next subject. The apt-get package management utility uses public key cryptography to authenticate downloaded packages. apt-key is a program that is used to manage a keyring of gpg keys for secure apt. Each time you add another apt repository to /etc/apt/sources.list, you’ll also have to give apt its key if you want apt to trust it. Once you have obtained the key, you can validate it by checking the key’s fingerprint and then signing this public key with your private key. You can then add the key to apt’s keyring with apt-key add <key>.

Installing, Upgrading, Removing And Cleaning Up

On to installation. If you want to install something you just need to use the command apt-get install <name-of-package>. This will search the database to see if the package you need is present in the repositories listed in /etc/apt/sources.list. If it is there, then it will ask for a confirmation and then install the package on a positive reply. In case a package needs to be reinstalled the --reinstall parameter can be used with the command. If you want to know which versions of which packages will be installed you can use the -s parameter with install. This will run a simulation of the installation without actually changing anything in the system. It is also possible to install a package which is already in the filesystem. For that you cannot use the APT tool and have to use dpkg -i <path-to-package> instead.

Examples of installing packages

Installs htop from a repository in the sources.list file
 #apt-get install htop 

Simulates an install of htop without changing anything in the system
 #apt-get install htop -s

Reinstalls htop from a repository in the sources.list file
 #apt-get install --reinstall htop 

Installs htop from a package in the filesystem
 Package naming convention: 
 <Name>_<VersionNumber>-<DebianRevisionNumber>_<DebianArchitecture>.deb
 #dpkg -i /home/student/Downloads/htop_2.0.2-1_amd64.deb

There are 2 ways to upgrade installed software using the APT tool. The apt-get upgrade command upgrades all the the installed packages and their versions on the operating system. apt-get dist-upgrade also upgrades the packages and their versions but in addition handles changing dependencies with new versions of packages and will attempt to upgrade the most important packages at the expense of less important ones if necessary. Thus, the apt-get dist-upgrade command may actually remove some packages in rare but necessary instances. To only upgrade a specific package the apt-get install can be used on an already installed package.

Examples of upgrading packages

 #apt-get upgrade
#apt-get dist-upgrade
Upgrades the package if it already exists in the system
#apt-get install <name-of-package>

To delete a package the apt-get remove <name-of-package> command can be used. This will delete the package but leave all the configuration files intact and in place. If the configuration files also need to be deleted with the package then apt-get purge <name-of-package> should be used.

Examples of deleting packages

Deletes htop but leaves configuration files in place
 #apt-get remove htop 
Deletes htop with all of its configuration files
 #apt-get purge htop

It is good to regularly clean up the filesystem from not needed packages and the local repository from retrieved package files. apt-get clean can be used to clean the packages and install scripts which are housed in /var/cache/apt/archives/apt-get autoclean cleans obsolete deb-packages. The difference between apt-get clean and apt-get autoclean is that the latter only removes package files that can no longer be downloaded, and are largely useless. This allows a cache to be maintained over a long period without it growing out of control. apt-get autoremove is used to remove packages that were automatically installed to satisfy dependencies for some package and are no more needed.

Examples of cleaning up packages

 #apt-get clean
 #apt-get autoclean
 #apt-get autoremove

Information Gathering

Knowing which software packages are installed on an operating system is a crucial part of software management. The apt-cache command can display information which is stored in APT’s internal database. The stats subcommand will display overall statistics about the cache. Using search with apt-cache will display a list of matched packages with a short description and using show with apt-cache will display the details of a package. Both apt-cache pkgnames and dpkg -l list all the packages which are installed in the operating system with the latter command showing more information (version number, revision number, architecture, description). There are occasions when some package dependencies become broken. For example this can come up when a program depends on another program, but Linux can’t find it in the repositories. In these cases a good tool is apt-get checkwhich checks the system to see if there are any broken dependencies.

Examples of gathering information

Displays info about packages
 #apt-cache stats
 #apt-cache search htop
 #apt-cache show htop

Displays all installed packages
 #apt-cache pkgnames
 #dpkg -l

Checks for broken dependencies
 #apt-get check

Changing package settings

There are several states that can be set for a software package. With the manualsetting the package is marked as having been manually installed: you explicitly installed it, so the system will not remove it unless you ask for it to be removed. With the auto setting the package is marked as having been automatically installed and will be removed automatically upon uninstallation. On the other hand, some packages are installed because they’re dependencies of a package you manually installed. APT marks these dependencies as automatically installed. These packages are marked for auto-removal if they are no longer needed, for instance with apt-get autoremove. The hold setting is used when the package needs to be held back. It will not be possible to install, upgrade, or remove the package until the hold mark is removed. There are even more interesting settings and it is possible to change them with the apt-mark tool.

Examples of package setting commands

Changes the setting of the package to manual, auto or hold
 #apt-mark manual virtualbox
 #apt-mark auto virtualbox
 #apt-mark hold virtualbox
 #apt-mark unhold virtualbox

Displays a list packages which have the auto, manual or hold settings enabled
 #apt-mark showauto
 #apt-mark showmanual
 #apt-mark showhold

In Conclusion

So what should you remember from all of this? Every Linux distribution has its own package management system and they all have their pros and cons. Linux packages come from different repositories and there is a dependency system between the packages. If automatic tools like Apt are used, then no dependency problems should arise. Command line interfaces aren’t scary if you get to know them a little.

Domain Name Hijacking

In this post, I will tell you about how the domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking. For most of you, the term “domain hijacking” may seem to be like an alien. So, let me first tell you what domain hijacking is all about.

Domain hijacking is a process by which Internet Domain Names are stolen from its legitimate owners. It is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).

The Operation of a Domain Name is as Follows:

Any website, for example, google.com consists of two parts. The domain name (google.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows:

After registering a new domain name, we get a control panel wherein we can have a full control of the domain.

From this domain control panel, we point our domain name to the web server where the website’s data (web pages, scripts etc.) are actually hosted.

For a clear understanding let me take up a small example:

John registers a new domain called “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascript etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y).

Now, whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.

What Happens When a Domain Name is Hijacked?

Now, let us see what happens when a domain name is hijacked. To hijack a domain name, you just need to gain access to the domain control panel and point the domain name to some other web server other than the original one. So, to hijack a domain you need not gain access to the target web server.

For example, a hacker gets access to the domain control panel of  “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now, whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).

In this case, John’s domain name (abc.com) is said to be hijacked.

How are the Domain Names Hijacked?

To hijack a domain name, it is necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients:

The domain registrar name for the target domain.

The administrative email address associated with the target domain.

This information can be obtained by accessing the WHOIS data of the target domain. To get access to the WHOIS data, go to whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this, you’ll get the “Administrative contact email address”.

To get the domain registrar name, look for the words something like: “Registered through:: XYZ Company”. Here XYZ Company is the domain registrar. In case if you do not find this, scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.

The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlocking the domain control panel. So, to take full control of the domain, the hacker will have to hack the administrative email associated with it.

Once the hacker takes full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There, he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done, all the details to reset the password will be sent to the administrative email address.

Since the hacker has the access to this email account, he can easily reset the password of domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.

How to Protect the Domain Name from Getting Hijacked?

The best way to protect the domain name is to protect the administrative email account associated with the domain. If you loose this email account, you lose your domain. Another best way to protect your domain is to go for a private domain registration.

When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public.

whenever a hacker performs a WHOIS lookup for your domain name, he will not be able to find your name, phone or the administrative email address. Thus, the private registration provides an extra security and protects your privacy. Even though it costs a few extra bucks, is really is worth for its advantages.

DNS Hijacking Explained

DNS hijacking (sometimes referred to as DNS redirection) is a type of malicious attack that overrides a computer’s TCP/IP settings to point it at a rogue DNS server, thereby invalidating the default DNS settings. In other words, when an attacker takes control of a computer to alter its DNS settings so that it now points to a rogue DNS server, the process is referred to as DNS hijacking.

As we all know, the “Domain Name System (DNS)” is mainly responsible for translating a user-friendly domain name such as “google.com” to its corresponding IP address “74.125.235.46”. Having a clear idea of DNS and its working can help you better understand what DNS hijacking is all about. If you are fairly new to the concept of DNS, I would recommend reading my previous post on How Domain Name System Works.

How does DNS Hijacking work?

As mentioned before, DNS is the one that is responsible for mapping the user-friendly domain names to their corresponding IP addresses. This DNS server is owned and maintained by your Internet service provider (ISP) and many other private business organizations. By default, your computer is configured to use the DNS server from the ISP. In some cases, your computer may even be using the DNS services of other reputed organizations such as Google. In this case, you are said to be safe and everything seems to work normally.

DNS Hijacking

But, imagine a situation where a hacker or a malware program gains unauthorized access to your computer and changes the DNS settings so that your computer now uses one of the rogue DNS servers that is owned and maintained by the hacker. When this happens, the rogue DNS server may translate domain names of desirable websites (such as banks, search engines, social networking sites etc.) to IP addresses of malicious websites. As a result, when you type the URL of a website in the address bar, you may be taken to a fake website instead of the one you are intending for. Sometimes, this can put you in deep trouble!

What are the Dangers of DNS Hijacking?

The dangers of DNS hijacking can vary and depend on the intention behind the attack. Many ISPs such as “OpenDNS” and “Comcast” use DNS hijacking for introducing advertisements or collecting statistics. Even though this can cause no serious damage to the users, it is considered as a violation of RFC standards for DNS responses.

Other dangers of DNS hijacking include the following attacks:

Pharming: This is a kind of attack where a website’s traffic is redirected to another website that is a fake one. For example, when a user tries to visit a social networking website such as Facebook.com he may be redirected to another website that is filled with pop-ups and advertisements. This is often done by hackers in order to generate advertising revenue.

Phishing: This is a kind of attack where users are redirected to a malicious website whose design (look and feel) matches exactly with that of the original one. For example, when a user tries to log into his bank account, he may be redirected to a malicious website that steals his login details.

How to Prevent DNS Hijacking?

In most cases, attackers make use of malware programs such as a trojan horse to carry out DNS hijacking. These DNS hijacking trojans are often distributed as video and audio codecs, video downloaders, YoTube downloaders or as other free utilities. So, in order to stay protected, it is recommended to stay away from untrusted websites that offer free downloads. The DNSChanger trojan is an example of one such malware that hijacked the DNS settings of over 4 million computers to drive a profit of about 14 million USD through fraudulent advertising revenue.

Also, it is necessary to change the default password of your router, so that it would not be possible for the attacker to modify your router settings using the default password that came with the factory setting.

Installing a good antivirus program and keeping it up-to-date can offer a great deal of protection to your computer against any such attacks.

What if you are already a victim of DNS hijacking?

If you suspect that your computer is infected with a malware program such as DNSChanger, you need not panic. It is fairly simple and easy to recover from the damage caused by such programs. All you have to do is, just verify your current DNS settings to make sure that you are not using any of those DNS IPs that are blacklisted. Otherwise, reconfigure your DNS settings as per the guidelines of your ISP.

Introduction to Domain Name System (DNS)

In the world of Internet and the area of computer networks, you will often come across the term Domain Name System or Domain Name Service which is simply referred to as DNS. The working of DNS forms one of the basic concepts of computer networks whose understanding is very much essential especially if you are planning to get into the field of network security.

In this post, I will try to explain how Domain Name System works in a very simple and easy manner so that even the readers who do not have any prior knowledge of computer networks should be able to understand the concept.

What is a Domain Name System?

A “Domain Name System” or “Domain Name Service” is a computer network protocol whose job is to map a user friendly domain name such as “google.com” to its corresponding IP address like “172.217.26.206”.

How Domain Name System (DNS) Works?

Every computer on the Internet, be it a web server, home computer or any other network device has a unique IP address allotted to it. This IP address is used to establish connections between the server and the client in order to initiate the transfer of data. Whether you are trying to access a website or sending an email, the DNS plays a very important role here.

For example, when you type “www.google.com” on your browser’s address bar, your computer will make use of the DNS server to fetch the IP address of Google’s server that is “172.217.26.206”. After obtaining the IP address, your computer will then establish a connection with the server only after which you see the Google’s home page loading on your browser. The whole process is called DNS Resolution.

With millions of websites on the Internet, it is impossible for people to remember the IP address of every website in order to access it. Therefore, the concept of domain name was introduced so that every website can be identified by its unique name which makes it easy for people to remember. However, the IP address is still used as the base for internal communication by network devices. This is where the DNS comes in to action that works by resolving the user friendly domain name to its corresponding machine friendly IP address.

In simple words, domain names are for humans while IP addresses are for network devices. The “Domain Name System” is a protocol to establish a link between the two. Hence, it is not a surprise that you can even load a website by directly typing its IP address instead of the domain name in the browser’s address bar (give it a try)!

Types of DNS Servers and their Role:

The Domain Name System (DNS) is a distributed database that resides on multiple computers on the Internet in a hierarchical manner. They include the following types:

Root Name Servers:

The root servers represent the top level of the DNS hierarchy. These are the DNS servers that contain the complete database of domain names and their corresponding IP addresses. Currently, there are 13 root servers distributed globally which are named using the letters A,B,C and so on up to M.

Local Name Servers:

Local servers represent the most lower level DNS servers that are owned and maintained by many business organizations and Internet Service providers (ISPs). These local servers are able to resolve frequently used domain names into their corresponding IP addresses by caching the recent information. This cache is updated and refreshed on a regular basis.

How DNS Server Works?

Whenever you type a URL such as “www.google.com” on your browser’s address bar, your computer will send a request to the local name server to resolve the domain name into its corresponding IP address. This request is often referred to as a DNS query. The local name server will receive the query to find out whether it contains the matching name and IP address in its database. If found, the corresponding IP address (response) is returned. If not, the query is automatically passed on to another server that is in the next higher level of DNS hierarchy. This process continues until the query reaches the server that contains the matching name and IP address. The IP address (response) then flows back the chain in the reverse order to your computer.

In rare cases where none of the lower level DNS servers contain the record for a given domain name, the DNS query eventually reaches one of the root name server to obtain the response.

FAQs about Domain Name System:

How does a “root name server” obtain the information about new domains?

Whenever a new domain name is created or an existing one is updated, it is the responsibility of the domain registrar to publish the details and register it with the root name server. Only after this, the information can move down the DNS hierarchy and get updated on the lower level DNS servers.

What is DNS propagation?

Whenever a new domain name is registered or an existing one is updated, the information about the domain must get updated on all the major DNS servers so that the domain can be reached from all parts of the globe. This is called DNS propagation and the whole process can take anywhere from 24 to 72 hours to get completed.

How often the DNS servers are updated to refresh the cache?

There is no specific rule that defines the rate at which DNS servers should be updated. It usually depends on the organization such as the ISP that maintains the server. Most DNS servers are updated on an hourly basis while some may update their databases on a daily basis.

I hope you have now understood the working of DNS in a very convincing manner.

Tutorial for Changing IP Address

Every time you connect to the Internet, your ISP (Internet Service Provider) assigns an IP address to your computer that makes it possible for websites and applications to keep track of your online activities and also pin point your physical location. Therefore, in order to protect your Internet privacy, it is often necessary to change your IP address.
Ways to Change IP Address

The following are some of the possible ways to change IP address of your computer:
1. Using a VPN: Best Way to Change IP Address

Even though there are several methods to change your IP address, using a VPN proxy is by far the best and most secure way. The following are some of the most popular VPN proxies that most Internet users prefer:

Hide My Ass VPN – Hide My Ass is one of the most popular and trusted VPN service that provides a fast and secure proxy server to allow people to easily change their IP address and also obtain IP address from any country of their choice.

VyprVPN – VyprVPN offers the world’s fastest VPN services to make it possible for its clients to easily change their real IP using a proxy and supports wide range of operating systems.

Advantages of using VPN over other methods:

Fast, secure and highly reliable. All your web traffic is encrypted to keep your data safe from hackers and also protect your privacy.
You can choose from a list of countries and locations to obtain a new IP address. This makes it possible to have your origin from any country of your choice.
Easily bypass regional blocks to access sites and content that are restricted for your location.

2.Change IP by Restarting the Router

Every time you connect to the Internet your ISP may assign a different IP to your computer called dynamic IP. If your Internet connection uses a dynamic IP you can easily change it just by restarting your network device such as modem/router. All you need to do is just turn off its switch for a few seconds and turn it on again to get a different IP address assigned.

Unlike using a VPN, this method has quite a few drawbacks. Your newly assigned IP will have the same location or country as before and therefore if you’re trying to bypass a country block it would not be possible. Moreover, if your Internet connection uses a static IP address, you will get the same IP assigned no matter how many times you restart your router.
3. Using Free Web Proxy to Change Your IP Address

If you cannot afford a VPN service or restarting the router doesn’t get you a new IP, you can try some of the free browser based proxy services that help you change your IP address and surf anonymously. The following are some of the websites that offer free proxy services:

www.rapidproxy.us
www.proxysite.com
www.englandproxy.co.uk
www.filterbypass.me

Drawbacks of using free web proxies

Even though these services come free of cost they also come with some of the following drawbacks:

Most of them are slow and websites take a lot of time to load.
Security and privacy is questionable as most of these free services are unreliable.
Users have to bare with annoying ads and pop-ups as these sites need to generate revenue to compensate for free service.
Limited or no choice over the selection of your IP location.

How to Ensure that Your IP is Changed?

To know your current IP address just type what is my ip addresson Google and your public IP address should be displayed in the search results. Once you’ve successfully implemented one of the above mentioned IP changing methods, you can re-check your IP on Google to make sure that you have got a new one.

Denial of Service (DoS) Attack Explained.

If you are working in the field of computer networks or an enthusiast in the field of network security, you are sure to have come across the term “Denial of Service attack” which is simply referred to as “DoS attack”. Today, this is one of the most common types of network attacks carried out on the Internet. In this post, I will try to explain DoS attack, its variants and methods involved to carry out the same in an easily understandable manner.
What is a DOS Attack?

Denial of Service or DoS attack is a type of network attack designed to flood the target network or machine with a large amount of useless traffic so as to overload it and eventually bring it down to its knees. The main intention behind DoS attack is to make the services running on the target machine (such as a website) temporarily unavailable to its intended users. DoS attacks are usually carried out on web servers that host vital services such as banking, e-commerce or credit card processing.

A common variant of DOS attack known as DDoS (Distributed Denial of Service) attack has become quite popular in the recent days as it is more powerful and hard to detect. A typical DoS attack has a single place of origin while a DDoS attack originates from multiple IP addresses distributed across two or more different network.

Unlike a DoS attack where the attacker uses one single computer or a network to attack the target, a DDoS the attack originates from different pre-compromised computers belonging to different networks. As the attacker uses a number of computer systems from different networks each residing in different geographical locations, the incoming traffic looks natural and therefore becomes hard to detect.
Protection Against DoS/DDoS Attacks:

DoS attacks can easily be handled by blacklisting the target IP (or range of IPs) that are found to be making too many requests/connections (in an unnatural way) to the server. However, DDoS attacks are complicated as the incoming requests seem more natural and distributed. In this case it is hard to find the difference between the genuine and malicious traffic. Taking an action at the firewall level to blacklist suspected IPs may result in false positives and therefore may affect the genuine traffic as well.
Methods Involved in DoS Attack:

The following are some of the commonly employed methods in carrying out a DoS attack:

SYN Flood Attack
Ping Flood Attack (Ping of Death)
Teardrop Attack
Peer-to-Peer Attacks

Difference between Private and Public IP Addresses

Internet Protocol (IP) addresses are usually of two types: Public and Private. If you have ever wondered to know what is the difference between a public and a private IP address, then you are at the right place.

In this post I will try to explain the difference between a public and a private IP address in layman’s terms so that it becomes simple and easy to understand.
What are Public IP Addresses?

A public IP address is assigned to every computer that connects to the Internet where each IP is unique. In this case, there cannot exist two computers with the same public IP address all over the Internet. This addressing scheme makes it possible for the computers to “find each other” online and exchange information. User has no control over the IP address (public) that is assigned to the computer. The public IP address is assigned to the computer by the Internet Service Provider as soon as the computer is connected to the Internet gateway.

A public IP address can be either static or dynamic. A static public IP address does not change and is used primarily for hosting web pages or services on the Internet. On the other hand, a dynamic public IP address is chosen from a pool of available addresses and changes each time one connects to the Internet.

Most Internet users will only have a dynamic IP assigned to their computer which goes off when the computer is disconnected from the Internet. Thus when it is re-connected it gets a new IP.

You can check your public IP address by visiting www.whatismyip.com
What are Private IP Addresses?

An IP address is considered private if the IP number falls within one of the IP address ranges reserved for private networks such as a Local Area Network (LAN). The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private networks (local networks):

10.0.0.0 – 10.255.255.255 (Total Addresses: 16,777,216)

172.16.0.0 – 172.31.255.255 (Total Addresses: 1,048,576)

192.168.0.0 – 192.168.255.255 (Total Addresses: 65,536)

Private IP addresses are used for numbering the computers in a private network including home, school and business LANs in airports and hotels which makes it possible for the computers in the network to communicate with each other.

Say for example, if a network X consists of 10 computers, each of them can be given an IP starting from 192.168.1.1 to192.168.1.10. Unlike the public IP, the administrator of the private network is free to assign an IP address of his own choice (provided the IP number falls in the private IP address range as mentioned above).

Devices with private IP addresses cannot connect directly to the Internet. Likewise, computers outside the local network cannot connect directly to a device with a private IP. It is possible to interconnect two private networks with the help of a router or a similar device that supports Network Address Translation.

If the private network is connected to the Internet (through an Internet connection via ISP), then each computer will have a private IP as well as a public IP. Private IP is used for communication within the network where as the public IP is used for communication over the Internet. Most Internet users with a DSL/ADSL connection will have both a private as well as a public IP.

You can know your private IP by typing ipconfig command in the command prompt. The number that you see against “IPV4 Address:” is your private IP which in most cases will be 192.168.1.1 or 192.168.1.2. Unlike the public IP, private IP addresses are always static in nature.
Common Myth about Private IP Address:

Most people assume that a private IP is the one used for stealth Internet activities and hence cannot be detected. But this is NOT TRUE!.

Unlike what most people think, a private IP address (unlike the private telephone number) is just like any other IP address that belongs to a private network. In reality, there is no public IP address that is impossible to trace as the protocol itself is designed for transparency.