Home page logo

nmap-dev logo Nmap Development mailing list archives

Comparison of reserved IP lists in Nmap and Zmap
From: David Fifield <david () bamsoftware com>
Date: Mon, 9 Sep 2013 13:48:27 -0700

I was comparing the default lists of reserved IP addresses in Nmap and
Zmap. They are mostly the same with some differences. Here is a summary.

Entries marked with a * are present in one list but not the other.

The Nmap list (https://svn.nmap.org/nmap/libnetutil/netutil.cc, ip_is_reserved)           # 000/8 is IANA reserved
*           # USA Army ISC
*           # used for BGP protocol          # the infamous
*          # misc. U.S.A. Armed forces         # 127/8 is reserved for loopback      # is reserved for DHCP clients seeking addresses       # is reserved for private nets by RFC1819        # is reserved for documentation and examples (RFC5737)      # is used as 6to4 Relay anycast prefix by RFC3068      # is reserved for private nets by RFC1819
*       # is used for benchmark tests by RFC2544     # is reserved for documentation (RFC5737)      # is reserved for documentation (RFC5737)         # 224-239/8 is all multicast stuff         # 240-255/8 is IANA reserved

The Zmap list (https://github.com/zmap/zmap/blob/master/conf/blacklist.conf)           # RFC1122: "This host on this network"          # RFC1918: Private-Use
*       # RFC6598: Shared Address Space         # RFC1122: Loopback      # RFC3927: Link Local       # RFC1918: Private-Use
*        # RFC6890: IETF Protocol Assignments        # RFC5737: Documentation (TEST-NET-1)
*       # RFC2544: Benchmarking      # RFC3068: 6to4 Relay Anycast      # RFC1918: Private-Use     # RFC5737: Documentation (TEST-NET-2)      # RFC5737: Documentation (TEST-NET-3)         # RFC5771: Multicast/Reserved         # RFC1112: Reserved
*  # RFC0919: Limited Broadcast

Overall, the Nmap list contains 638,845,952 addresses, and the Zmap list
contains 592,708,865.

It looks like Nmap should add and from recent
RFCs. I don't know anything about the,, and networks or why they're on the list.

The discrepancy between (Zmap) and (Nmap)
looks like it is caused by a typo in RFC 2544, and Nmap is correct in
this case. Look for "Errata ID: 423" on this page:
In Section C.2.2:
        The network addresses through are have
        been assigned to the BMWG by the IANA for this purpose.
It should say:
        The network addresses through have
        been assigned to the BMWG by the IANA for this purpose.

David Fifield
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]