Bogons and other IP Lists I Love to Block

I love the Team Cymru Bogons lists. Bogons are unallocated IP ranges from which you should never receive traffic. These ranges are used in DDoS attacks. Like RFC 1918 addresses, these should be blocked explicitly at your network borders.

Another question I have been asked more than once recently: ‘How do you determine which IP address ranges to block?’

My answer is: It depends. If you have a business that has no interaction with China or Myanmar, find the IP ranges for these places and block them. If you only do business domestically, block the rest. If your device can handle it and has enough memory.

The minimum to block is any and all nations that the US State Department has embargoed. Traffic from Iran is not likely going to be anything but suspect if it’s hitting your firewall.


Published by

Jake G

I love logs.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s