IP addresses allocation is managed by a non-profit American organization called the Internet Assigned Number Authority (IANA) which has been founded by the U.S. government in 1988.
The IANA is responsible for the allocation of globally unique IP addresses that are used with the Internet Protocol (IP). There exists 2 versions of the IP protocol: IPv4 and IPv6. The first version allows up to 2^32 or 4,294,967,296 IP addresses while the second version augments this number to 2^128.
Only part of all these IP addresses is allocated for use in the public Internet. Some are reserved for private networks or for future usages. These reserved and unused IP addresses are said unallocated and called bogon IP addresses.
Threats Associated With Bogons
Since bogon IP addresses refer to non-allocated IP addresses, it means they should never be used on the public Internet. Although they have no legitimate use, bogon IP addresses are often used for malicious misconfigurations or attacks. If you see a bogon IP address in your logs, you are most probably the target of a hacker or a spammer who is initiating an attack such as a Denial-of-Service (DDoS) or a Scanning Attack.
Can you geolocalize bogon IP addresses?
Bogon IP addresses don't belong to a specific device or server on the public Internet, as such, there is no way to geolocate them. As a consequence, the Ipregistry API does not return location information for bogon IP addresses. However, you will find a dedicated field to know whether the IP address under lookup is a bogon or not.
Why do malicious people use bogon IP addresses?
Bogon IP addresses are used for malicious activities because they cannot be traced back to an existing host or source.
Why are routers not discarding bogon packets?
While bogons IP addresses should never appear in routing tables, routers will not detect bogons as they only examine the destination IP address, not the source IP address.
Is there a public list of existing bogon IP addresses?
IP address allocations change over time, that's why we recommend using an API such as the one we provide at Ipregistry to keep results up-to-date. As part of our Enterprise services, we can also provide a downloadable up-to-date list in the format of your choice. Contact sales to learn more.