[nsp-sec] Bogon feed
Jan Boogman
boogman at ip-plus.net
Thu Mar 11 02:22:27 EST 2010
Hi Hank
I receive a total 30 bogon prefixes, including 172.16/12:
i79zhh-020#sh ip b nei 68.22.187.24 received-routes
BGP table version is 50124867, local router ID is 164.128.32.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 5.0.0.0 68.22.187.24 0 0 65333 i
* 10.0.0.0 68.22.187.24 0 0 65333 i
* 14.0.0.0 68.22.187.24 0 0 65333 i
* 23.0.0.0 68.22.187.24 0 0 65333 i
* 31.0.0.0 68.22.187.24 0 0 65333 i
* 36.0.0.0 68.22.187.24 0 0 65333 i
* 37.0.0.0 68.22.187.24 0 0 65333 i
* 39.0.0.0 68.22.187.24 0 0 65333 i
* 42.0.0.0 68.22.187.24 0 0 65333 i
* 49.0.0.0 68.22.187.24 0 0 65333 i
* 100.0.0.0 68.22.187.24 0 0 65333 i
* 101.0.0.0 68.22.187.24 0 0 65333 i
* 102.0.0.0 68.22.187.24 0 0 65333 i
* 103.0.0.0 68.22.187.24 0 0 65333 i
* 104.0.0.0 68.22.187.24 0 0 65333 i
* 105.0.0.0 68.22.187.24 0 0 65333 i
* 106.0.0.0 68.22.187.24 0 0 65333 i
* 169.254.0.0 68.22.187.24 0 0 65333 i
* 172.16.0.0/12 68.22.187.24 0 0 65333 i
* 176.0.0.0/8 68.22.187.24 0 0 65333 i
* 177.0.0.0/8 68.22.187.24 0 0 65333 i
* 179.0.0.0/8 68.22.187.24 0 0 65333 i
* 181.0.0.0/8 68.22.187.24 0 0 65333 i
* 185.0.0.0/8 68.22.187.24 0 0 65333 i
* 192.0.2.0 68.22.187.24 0 0 65333 i
* 192.168.0.0/16 68.22.187.24 0 0 65333 i
* 198.18.0.0/15 68.22.187.24 0 0 65333 i
* 198.51.100.0 68.22.187.24 0 0 65333 i
* 203.0.113.0 68.22.187.24 0 0 65333 i
* 223.0.0.0/8 68.22.187.24 0 0 65333 i
Total number of prefixes 30
Cheers
Jan
Am 11.03.2010 um 06:53 schrieb Hank Nussbacher:
> ----------- nsp-security Confidential --------
>
> I am looking at:
> http://www.cymru.com/Documents/bogon-bn-agg.txt
>
> Yet on my feed I am missing an important Bogon:
>
> gp1#sho ip bgp nei 68.22.187.24 routes
> BGP table version is 3248463, local router ID is 128.139.220.90
> Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
> S Stale
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
> *> 5.0.0.0 68.22.187.24 0 0 65333 i
> *> 10.0.0.0 68.22.187.24 0 0 65333 i
> *> 14.0.0.0 68.22.187.24 0 0 65333 i
> *> 23.0.0.0 68.22.187.24 0 0 65333 i
> *> 31.0.0.0 68.22.187.24 0 0 65333 i
> *> 36.0.0.0 68.22.187.24 0 0 65333 i
> *> 37.0.0.0 68.22.187.24 0 0 65333 i
> *> 39.0.0.0 68.22.187.24 0 0 65333 i
> *> 42.0.0.0 68.22.187.24 0 0 65333 i
> *> 49.0.0.0 68.22.187.24 0 0 65333 i
> *> 100.0.0.0 68.22.187.24 0 0 65333 i
> *> 101.0.0.0 68.22.187.24 0 0 65333 i
> *> 102.0.0.0 68.22.187.24 0 0 65333 i
> *> 103.0.0.0 68.22.187.24 0 0 65333 i
> *> 104.0.0.0 68.22.187.24 0 0 65333 i
> *> 105.0.0.0 68.22.187.24 0 0 65333 i
> *> 106.0.0.0 68.22.187.24 0 0 65333 i
> *> 169.254.0.0 68.22.187.24 0 0 65333 i
> *> 176.0.0.0/8 68.22.187.24 0 0 65333 i
> *> 177.0.0.0/8 68.22.187.24 0 0 65333 i
> *> 179.0.0.0/8 68.22.187.24 0 0 65333 i
> *> 181.0.0.0/8 68.22.187.24 0 0 65333 i
> *> 185.0.0.0/8 68.22.187.24 0 0 65333 i
> *> 192.0.2.0 68.22.187.24 0 0 65333 i
> *> 192.168.0.0/16 68.22.187.24 0 0 65333 i
> *> 198.18.0.0/15 68.22.187.24 0 0 65333 i
> *> 198.51.100.0 68.22.187.24 0 0 65333 i
> *> 203.0.113.0 68.22.187.24 0 0 65333 i
> Network Next Hop Metric LocPrf Weight Path
> *> 223.0.0.0/8 68.22.187.24 0 0 65333 i
>
> Total number of prefixes 29
>
> I see that RFC1918: 172.16.0.0/12 is missing. Is this only me?
>
> I also note that based on:
> http://www.cymru.com/Documents/bogon-list.html
> the prefixes from change 1.9 that were added in April 2003 have been silently removed from the list since IANA has allocated them but this page has not been updated as to that fact.
>
> Regards,
> Hank
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
---
Jan Boogman - CCIE#7345
Swisscom - IP-Plus Internet Services - AS3303
boogman at ip-plus.net - +41 31 342 39 35
INOC-DBA 3303*JAN
More information about the nsp-security
mailing list