Nmap Development mailing list archives
Comparison of reserved IP lists in Nmap and Zmap
From: David Fifield <david () bamsoftware com>
Date: Mon, 9 Sep 2013 13:48:27 -0700
I was comparing the default lists of reserved IP addresses in Nmap and Zmap. They are mostly the same with some differences. Here is a summary. Entries marked with a * are present in one list but not the other. The Nmap list (https://svn.nmap.org/nmap/libnetutil/netutil.cc, ip_is_reserved) 0.0.0.0/8 # 000/8 is IANA reserved * 6.0.0.0/8 # USA Army ISC * 7.0.0.0/8 # used for BGP protocol 10.0.0.0/8 # the infamous 10.0.0.0/8 * 55.0.0.0/8 # misc. U.S.A. Armed forces 127.0.0.0/8 # 127/8 is reserved for loopback 169.254.0.0/16 # 169.254.0.0/16 is reserved for DHCP clients seeking addresses 172.16.0.0/12 # 172.16.0.0/12 is reserved for private nets by RFC1819 192.0.2.0/24 # 192.0.2.0/24 is reserved for documentation and examples (RFC5737) 192.88.99.0/24 # 192.88.99.0/24 is used as 6to4 Relay anycast prefix by RFC3068 192.168.0.0/16 # 192.168.0.0/16 is reserved for private nets by RFC1819 * 198.18.0.0/15 # 198.18.0.0/15 is used for benchmark tests by RFC2544 198.51.100.0/24 # 198.51.100.0/24 is reserved for documentation (RFC5737) 203.0.113.0/24 # 203.0.113.0/24 is reserved for documentation (RFC5737) 224.0.0.0/4 # 224-239/8 is all multicast stuff 240.0.0.0/4 # 240-255/8 is IANA reserved The Zmap list (https://github.com/zmap/zmap/blob/master/conf/blacklist.conf) 0.0.0.0/8 # RFC1122: "This host on this network" 10.0.0.0/8 # RFC1918: Private-Use * 100.64.0.0/10 # RFC6598: Shared Address Space 127.0.0.0/8 # RFC1122: Loopback 169.254.0.0/16 # RFC3927: Link Local 172.16.0.0/12 # RFC1918: Private-Use * 192.0.0.0/24 # RFC6890: IETF Protocol Assignments 192.0.2.0/24 # RFC5737: Documentation (TEST-NET-1) * 192.18.0.0/15 # RFC2544: Benchmarking 192.88.99.0/24 # RFC3068: 6to4 Relay Anycast 192.168.0.0/16 # RFC1918: Private-Use 198.51.100.0/24 # RFC5737: Documentation (TEST-NET-2) 203.0.113.0/24 # RFC5737: Documentation (TEST-NET-3) 224.0.0.0/4 # RFC5771: Multicast/Reserved 240.0.0.0/4 # RFC1112: Reserved * 255.255.255.255/32 # RFC0919: Limited Broadcast Overall, the Nmap list contains 638,845,952 addresses, and the Zmap list contains 592,708,865. It looks like Nmap should add 100.64.0.0/10 and 192.0.0.0/24 from recent RFCs. I don't know anything about the 6.0.0.0/8, 7.0.0.0/8, and 55.0.0.0/8 networks or why they're on the list. The discrepancy between 192.18.0.0/15 (Zmap) and 198.18.0.0/15 (Nmap) looks like it is caused by a typo in RFC 2544, and Nmap is correct in this case. Look for "Errata ID: 423" on this page: http://www.rfc-editor.org/errata_search.php?rfc=2544 In Section C.2.2: The network addresses 192.18.0.0 through 198.19.255.255 are have been assigned to the BMWG by the IANA for this purpose. It should say: The network addresses 198.18.0.0 through 198.19.255.255 have been assigned to the BMWG by the IANA for this purpose. David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Comparison of reserved IP lists in Nmap and Zmap David Fifield (Sep 09)
- Re: Comparison of reserved IP lists in Nmap and Zmap David Fifield (Sep 09)