1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
<p>From the maintainer <a href="http://www.team-cymru.org/bogon-reference.html" target="_blank">site</a>:</p>
<p>A bogon prefix is a route that should never appear in the Internet routing table. A packet routed over the public Internet (not including over VPNs or other tunnels) should never have a source address in a bogon range. These are commonly found as the source addresses of DDoS attacks.</p>
<p>
Bogons are defined as <b>Martians</b> (private and reserved addresses defined by RFC 1918, RFC 5735, and RFC 6598) and netblocks that have not been allocated to a regional internet registry (RIR) by the Internet Assigned Numbers Authority.
</p>
<p>
<strong>It is important to realize that the bogon list is NOT a static list.</strong>
</p>
<p>
How much does it help to filter the bogons? In one study conducted by Rob Thomas of a frequently attacked site, fully 60% of the naughty packets were obvious bogons (e.g. 127.1.2.3, 0.5.4.3, etc.).
</p>
<p>
For more information please refer to the maintainer <a href="http://www.team-cymru.org/bogon-reference.html" target="_blank">site</a>.
</p>
|
