Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

How To Trace an IP Address: Myth Versus Reality

There’s a common misconception that it’s easy to trace an IP address to the computer to which it’s assigned, and be able to identify the computer’s location.

It’s certainly not easy, and depending on who you are, it may not even be possible.

Become a Patron of Ask Leo! and go ad-free!

IP Addresses

An IP (or “Internet Protocol”) address is the unique number assigned to every device connected to a network. They are used to route data between devices. Much like your mailing address identifies the physical location of your mailbox and tells your mail carrier where to deliver your mail, a device’s IP address tells the internet where to send the data destined for your computer.

But while an IP address is like a physical address, it’s important to realize that it isn’t one.

IP Address SearchIP addresses are based on your internet service provider, not on where you are. For example, the IP address assigned to your computer at home will be radically different than the one assigned to your neighbor next door if you use different ISPs. Even if you do use the same ISP, there are no rules or practices that would make your IP addresses appear “close” to one another.

While technically inaccurate, the best way to think of it is that IP addresses are assigned at the whim of the ISP providing the internet connection.

Movies and TV shows lie

Television and movie dramas lead us to believe that given an IP address, a criminal can be located in minutes.

It’s nowhere near that easy.

Public information about an IP address tells you which ISP provides it, and not much else.

Some additional information might be available to indicate the area where the IP address resides, but that is rarely more specific than what country, or perhaps what city, it’s in.1

As we saw above, the ISP holds the key. The ISP that “owns” the IP address assigned to your computer also knows where you live; that’s where they send your bill or hook up the wires.

Most ISPs adhere to a strict privacy policy that prevents them from disclosing that information. That’s why you may be able to identify the ISP involved and nothing more.

For more, you need help.

Enter the courts

Police and the courts can, with appropriate cause, request or even demand the location connected to an IP address.

Typically2, that means that law enforcement professionals go to a judge and provide evidence of reasonable cause that a crime has been committed, at which point the judge issues an order compelling the ISP to release the information.

If there’s nothing to suggest a crime has been committed, then in theory even law enforcement cannot get the information.

This puts those victims of cyberbullying and other forms of online harassment at a disadvantage. As long as the activity is technically “legal”, there’s little that can be done to trace the offender. Fortunately, many locations are passing laws that  address these situations more directly and allow law enforcement to trace offenders.

Privacy is a two-way street

While it’s certainly important that IP address locations be available when needed, privacy is also an important concern. Since your computer’s IP address is available whenever you use the internet, you don’t want someone random to use it to locate you.

ISPs are important gatekeepers of that privacy.

The reality is, an IP address does uniquely identify a connection to the internet, and that information can be used to determine a physical location.

The myth is that it’s easy. It’s not. Important privacy practices prevent that level of detail from being available to the general public. Typically ISPs and law enforcement must be involved.

Podcast audio

Play

Video Narration

Footnotes

1: That implies services claiming to be able to pinpoint the location of a specific IP address using only publicly available information are misleading at best.

2: This will vary depending on the laws where the ISP is located, and perhaps in the location of the IP address in question as well.

13 comments on “How To Trace an IP Address: Myth Versus Reality”

  1. Another point : With most ISP, the IP addresses are dynamic. They can change at any time for a multitude of reasons. The IP address that you have now may, in a few second, get assigned to someone else, maybe over 200Km away.

  2. About “Movies and TV shows lie”. Sometime back a new TV show was introduced in which four young computer nerds helped the government solve problems. In the first show the plot was that there was a disease epidemic. These characters sat in some warehouse and feverishly typed on their laptops for an hour of the show and at the end the epidemic was solved. Sadly this show is still on the air.

    • …but TV shows are totally divorced from reality. Methinks most people “actually” understand that. After all, how many people believe that what MacGyver does is in any way reality or achievable?

      • It’s not black or white (believe or do not believe) — TV and movies definitely set unrealistic expectations. People may not believe that it takes a random hacked 2 minutes to trace an IP address to a specific location, but it does set their expectation that a government agency can (highly unlikely, for any number of reasons), or that it’s doable in some short time that’s greater than 2 minutes, but still less than reality.

  3. Having worked as a telecom consultant for over 26 years I’m familiar with how ISPs allocate IP addresses. Most if not all have a dedicated server for this task including log files as Leo noted. The general rule is that all assigned IP addresses are dynamic for a given session. That means that every time you “disconnect” from the ISP (like shutting down your PC) & then reconnect, another IP address is assigned by the server. Based on server software, it may turn out to be the same IP address that you previously had if it hasn’t already been reallocated to someone else. For a fee, the ISP will assign a static IP address (it stays the same) for a given location, usually for commercial entities but individuals can also purchase them. The IP server has this info so it knows to reassign the same IP address after a reconnect.

    IPv4 addresses are a scarce resource (ISPs are assigned blocks of IP addresses & get new blocks allocated to them as the previous block gets used up) so ISPs try to make the most of them by reusing them as much as possible. Those blocks are allocated by The Internet Assigned Numbers Authority (IANA), a function of ICANN. Today most ISPs have converted to IPv6 which relieves the pressure to reuse IP addresses but the ISPs still utilize their reuse schema since they still work with an IP allocation block assigned to them. BTW, The biggest obstacle the ISPs had to converting to IPv6 was duplicate IPv4 addresses in different isolated regions of the network. That and the ISPs were at the mercy of their software vendors to upgrade the software to support IPv6. Hope this explanation helps.

    • Can’t speak for what happens in the US, or Canada for that matter, but in New Zealand virtually all cable or Fibre connections are static IP addresses. Those still on dial up, people out in the wop wops for example, may change their IP addresses every time they log on, but they are relatively few in number.

      I’m on cable and nothing changes. I turn my computer off but my wife and son can connect via their computer/laptop/mobile device which would all obviously have connection via the modem and router, same as me.

      Maybe the IP address resides in the router? I’m not that technically savvy to know about that one way or the other.

      • IP address is assigned by the equipment on the ISP side. Long term, always on connections can certainly be assigned a static IP, but often it’s really just a dynamic IP address that has no reason to be changed. In my case (always on cable) I see the IP address change a time or two every year. No idea why, other than presumed network reconfiguration at my ISP.

    • A VPN makes it even harder to trace the IP address, but the VPN provider has the potential to have all the information and may or may not be subject to needing to respond to legal warrants.

      • If the VPN is in another country, tracing the IP address would be nearly impossible. The technical steps would be similar, but an international warrant would be nearly impossible and probably take weeks to obtain if justified.

  4. The process for locating the owner of an IP address begins with the police requesting a warrant to present to the sender’s ISP and then contacting the ISP and waiting for them to look up the address. My guess is that it would take, at least, a few hours.

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.