General concepts
The Bogon IP addresses They are those that are not valid on the public Internet network and, therefore, cannot be used to route traffic through it. These IP addresses are reserved for private or internal use and are not assigned to devices on the public network.
There are several types of Bogon IP, but the most common are:
- Private IP addresses: These IP addresses are reserved for internal use on private networks, such as companies or homes. Private IP addresses are used by devices on the local network to communicate with each other and are not accessible from the Internet. Some examples of private IP addresses are:
- 10.0.0.0 – 10.255.255.255
- 172.16.0.0 – 172.31.255.255
- 192.168.0.0 – 192.168.255.255
- Unassigned or retired IP addresses: These IP addresses have not been assigned to any device or have been removed by the IP address assignment records. These addresses should not be used on any network and any traffic containing them should be blocked. Some examples of unassigned IP addresses are:
- 0.0.0.0 – 0.255.255.255
- 100.64.0.0 – 100.127.255.255
- 169.254.0.0 – 169.254.255.255
Security and Bogon IPs
The Bogon IP They can be used by malicious attackers to try to hide their identity or to carry out attacks on an internal network. For example, an attacker could attempt to send malicious traffic from an unassigned IP address to evade intrusion detection systems.
To protect against potential threats, many organizations use Bogon IP filters to block traffic coming from these invalid addresses and to prevent external attacks on your network. It is also important to ensure that devices on the internal network use private IP addresses and not public IP addresses that could interfere with traffic on the Internet.
List of Bogon IPs
- 0.0.0.0/8 reserved for self-identification [RFC1122] , section 3.2.1.3
- 10.0.0.0/8 (10.xxx) reserved for Private-Use Networks [RFC1918]
- 100.64.0.0/10 reserved for Shared Address Space [RFC6598]
- 127.0.0.0/8 reserved for Loopback [RFC1122], section 3.2.1.3
- 169.254.0.0/16 reserved for Link Local [RFC3927]
- 172.16.0.0/12 (172.16.xx – 172.31.xx) reserved for Private-Use Networks [RFC1918]
- 192.0.2.0/24 reserved for TEST-NET-1 [RFC5737].
- 192.88.99.0/24 reserved for 6to4 Relay Anycast [RFC3068]
- 192.88.99.2/32 reserved for 6a44 Relay Anycast [RFC6751
- 192.168.0.0/16 (192.168.xx) reserved for Private-Use Networks [RFC1918]
- 192.0.0.0/24 reserved for IANA IPv4 Special Purpose Address Registry [RFC5736]
- 198.18.0.0/15 reserved for Network Interconnect Device Benchmark Testing [RFC2544]
- 198.51.100.0/24 reserved for TEST-NET-2 [RFC5737]
- 203.0.113.0/24 reserved for TEST-NET-3 [RFC5737]
- Multicast (formerly “Class D”) [RFC5771]
- Unicast-Prefix-Based IPv4 Multicast Addresses [RFC6034]
- Administratively Scoped IP Multicast [RFC2365]
- Reserved for future use (formerly “Class E”) [RFC1112]
- 255.255.255.255 is reserved for “limited broadcast” destination address [RFC919] and [RFC922]
Botton line
In short, Bogon IPs are IP addresses that are not valid on the public Internet and are reserved for internal use or unassigned. It is important to know these addresses and take measures to protect yourself against possible threats.