Friday, January 31, 2014

How to verify or build a BOGON list


The folks at Team Cymru have a DNS-based BOGON listing that's available to anybody who can execute an AXFR (zone transfer) against their DNS server;

e.g.

dig @ns1.cymru.com. axfr bogons.cymru.com. | grep bogons | grep 127.0.0.2


An entry in this DNS listing can then be used to check your BOGON list, or you can take the reversed output and convert it to either a Cisco wildcard-mask or CIDR format.

e.g.




So you can write an ACL listing with confidence to meet your needs, in whichever of the three formats your platform expects;

e.g.

deny 169.254.0.0/16

deny 169.254.0.0 0.0.255.255
deny 169.254.0.0 255.255.0.0

NOTE: this is also handy if you just need to check the format of a single BOGON entry.
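As an added example (not code from the original post), the conversion and check described above in Python: it filters a transfer the same way as the dig | grep pipeline, turns each owner label into a prefix, renders that prefix in the CIDR, Cisco wildcard and netmask styles shown above, and compares a local deny list against the zone. The transfer text is a constructed sample, and the owner-label layout (reversed octets of the prefix, length implied by how many octets are present, in-addr.arpa style) is an assumption that should be verified against a live AXFR before the output is trusted. Requires Python 3.7+ for IPv4Network.subnet_of.

```python
import ipaddress

# Constructed sample of `dig ... axfr` output (not real zone data). The
# owner-label layout is ASSUMED: reversed octets of the covered prefix,
# prefix length = 8 * number of octets. Check this against a live
# transfer of bogons.cymru.com before relying on the conversion.
SAMPLE_AXFR = """\
bogons.cymru.com.\t3600\tIN\tSOA\tns1.cymru.com. hostmaster.cymru.com. 1 3600 900 604800 3600
0.bogons.cymru.com.\t3600\tIN\tA\t127.0.0.2
10.bogons.cymru.com.\t3600\tIN\tA\t127.0.0.2
254.169.bogons.cymru.com.\t3600\tIN\tA\t127.0.0.2
0.0.192.bogons.cymru.com.\t3600\tIN\tA\t127.0.0.2
"""

ZONE = "bogons.cymru.com."
MATCH = "127.0.0.2"   # the A-record value the post greps for


def label_to_network(label):
    """'254.169' -> 169.254.0.0/16 (reversed octets, length from octet count)."""
    octets = label.split(".")
    if not 1 <= len(octets) <= 4 or not all(
        o.isdigit() and 0 <= int(o) <= 255 for o in octets
    ):
        raise ValueError("not a reversed-octet label: %r" % label)
    forward = list(reversed(octets)) + ["0"] * (4 - len(octets))
    return ipaddress.ip_network(
        "%s/%d" % (".".join(forward), 8 * len(octets)), strict=True
    )


def parse_axfr(text):
    """Return the set of prefixes from A records whose value is 127.0.0.2."""
    nets = set()
    for line in text.splitlines():
        fields = line.split()
        # Same filter as `grep bogons | grep 127.0.0.2`, but on parsed fields
        # so the SOA/NS lines and unrelated text cannot slip through.
        if len(fields) < 5 or fields[3] != "A" or fields[4] != MATCH:
            continue
        owner = fields[0]
        if not owner.endswith("." + ZONE):
            continue
        nets.add(label_to_network(owner[: -len("." + ZONE)]))
    return nets


def acl_formats(net):
    """Render one prefix in the three styles an ACL might take."""
    if isinstance(net, str):
        net = ipaddress.ip_network(net)
    return {
        "cidr": str(net),
        # Cisco wildcard (inverse) mask: 169.254.0.0 0.0.255.255
        "wildcard": "%s %s" % (net.network_address, net.hostmask),
        # Plain netmask: 169.254.0.0 255.255.0.0
        "netmask": "%s %s" % (net.network_address, net.netmask),
    }


def deny_lines(nets, style="wildcard"):
    """Emit `deny ...` lines for a set of prefixes in the chosen style."""
    return ["deny " + acl_formats(n)[style] for n in sorted(nets)]


def check_acl(local_cidrs, bogon_nets):
    """Compare a local deny list with the zone.

    missing: zone prefixes not covered by any local entry (gaps in the ACL)
    extra:   local entries not inside any zone prefix (stale or over-broad)
    """
    local = {ipaddress.ip_network(c) for c in local_cidrs}
    missing = sorted(b for b in bogon_nets if not any(b.subnet_of(l) for l in local))
    extra = sorted(l for l in local if not any(l.subnet_of(b) for b in bogon_nets))
    return missing, extra


if __name__ == "__main__":
    zone = parse_axfr(SAMPLE_AXFR)
    print("\n".join(deny_lines(zone, "wildcard")))
    missing, extra = check_acl(["169.254.0.0/16", "10.0.0.0/8", "203.0.113.0/24"], zone)
    print("missing:", [str(m) for m in missing], "extra:", [str(e) for e in extra])
```

To use it against a real transfer, pipe the dig output into the script in place of SAMPLE_AXFR; the missing list is what your ACL still lets through, and the extra list is what you deny that the zone no longer calls a bogon (the usual cause of blackholed legitimate space when an allocation leaves the bogon list).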


Ken Felix
Freelance Network / Security Engineer
kfelix  ----a---t---socpuppets ---d---o---t---com

     ^      ^
=(   ^   ^  )=
          o
       /     \
.


