Bogon filtering is the practice of filtering bogons, which are bogus (fake) IP addresses of a computer network. Bogons include IP packets on the public Internet that contain addresses that are not in any range allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated regional Internet registry (RIR) and allowed for public Internet use. The areas of unallocated address space are called the bogon space.
Bogons also include some address ranges from allocated space, also known as Martian packets, mainly when they are being used as a source address. Addresses reserved for private networks, such as those in , , and , loopback interfaces like and , and link-local addresses like and are part of it. Addresses for Carrier-grade NAT, Teredo, and 6to4 and documentation prefixes also fall into this category.
Many ISPs and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental misconfiguration or malicious intent. Bogons can be filtered by using router access-control lists (ACLs), or by BGP blackholing.
IP addresses that are currently in the bogon space may not be bogons at a later date because IANA and other registries frequently assign new address space to ISPs. Announcements of new assignments are often published on network operators' mailing lists (such as NANOG) to ensure that operators have a chance to remove bogon filtering for addresses that have become legitimate. For example, addresses in were not allocated prior to August 2010, but are now used by APNIC.
The Internet Engineering Task Force (IETF) recommends that, since there are no longer any unallocated IPv4 s, IPv4 bogon filters based on registration status should be removed. However, bogon filters still need to check for Martian packets.
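
One way to implement the Martian source-address check described above, as an added example that is not part of the original article. The prefix list is taken from the IANA special-purpose address registries (an assumption, since the article's own ranges are not shown here), and the function names and flow records are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Special-use prefixes from the IANA special-purpose address registries, grouped
# by the categories named above. Supplied here as an assumption; not exhaustive.
MARTIAN_PREFIXES = {
    "private": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7"],
    "loopback": ["127.0.0.0/8", "::1/128"],
    "link-local": ["169.254.0.0/16", "fe80::/10"],
    "carrier-grade NAT": ["100.64.0.0/10"],
    "Teredo": ["2001::/32"],
    "6to4": ["2002::/16"],
    "documentation": ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24",
                      "2001:db8::/32"],
}
_TABLE = [(ipaddress.ip_network(p), cat)
          for cat, prefixes in MARTIAN_PREFIXES.items() for p in prefixes]

def classify_source(addr):
    """Return the Martian category of addr, or None if no listed prefix matches."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    # Judge IPv4-mapped IPv6 (::ffff:a.b.c.d) by the embedded IPv4 address,
    # otherwise a mapped loopback or private source slips past the IPv4 rules.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    for net, cat in _TABLE:
        if net.version == ip.version and ip in net:
            return cat
    return None

def martian_report(flows):
    """Sum packet counts per Martian category for (source, packets) records."""
    totals = Counter()
    for src, pkts in flows:
        try:
            cat = classify_source(src)
        except ValueError:
            cat = "malformed"  # unparseable source field, counted separately
        if cat is not None:
            totals[cat] += pkts
    return dict(totals)

# Constructed flow records (source address, packet count); not real traffic.
SAMPLE_FLOWS = [("10.1.2.3", 40), ("8.8.8.8", 12), ("100.64.7.9", 5),
                ("::ffff:127.0.0.1", 3), ("2001:db8::1", 7), ("192.0.2.55", 2),
                ("fe80::1", 1), ("not-an-ip", 9)]
```

Because this list is static and does not depend on registration status, it does not go stale when registries assign new address space.
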
Etymology
The term ''bogon'' stems from hacker jargon, with the earliest appearance in the Jargon File in version 1.5.0 (dated 1983). It is defined as the quantum of ''bogosity'', or the property of being bogus. A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless.
These unused IP addresses are collectively known as a bogon, a contraction of "bogus logon", or a logon from a place you know no one can actually log on from.
See also
* Reverse-path forwarding
* IP hijacking
* IP address spoofing
* Ingress filtering
* Internet background noise
External links
* Bogons Ate My Website
* Bogon traffic analysis report, netflow and spam analysis (archived 2015-03-16: https://web.archive.org/web/20150316073337/http://www.toonk.nl/bogons.php)
* RIPE NCC: De-Bogonising New Address Blocks