Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Comparison of reserved IP lists in Nmap and Zmap
From: David Fifield <david () bamsoftware com>
Date: Mon, 9 Sep 2013 13:48:27 -0700

I was comparing the default lists of reserved IP addresses in Nmap and
Zmap. They are mostly the same with some differences. Here is a summary.

Entries marked with a * are present in one list but not the other.

The Nmap list (https://svn.nmap.org/nmap/libnetutil/netutil.cc, ip_is_reserved)
  0.0.0.0/8           # 000/8 is IANA reserved
* 6.0.0.0/8           # USA Army ISC
* 7.0.0.0/8           # used for BGP protocol
  10.0.0.0/8          # the infamous 10.0.0.0/8
* 55.0.0.0/8          # misc. U.S.A. Armed forces
  127.0.0.0/8         # 127/8 is reserved for loopback
  169.254.0.0/16      # 169.254.0.0/16 is reserved for DHCP clients seeking addresses
  172.16.0.0/12       # 172.16.0.0/12 is reserved for private nets by RFC1819
  192.0.2.0/24        # 192.0.2.0/24 is reserved for documentation and examples (RFC5737)
  192.88.99.0/24      # 192.88.99.0/24 is used as 6to4 Relay anycast prefix by RFC3068
  192.168.0.0/16      # 192.168.0.0/16 is reserved for private nets by RFC1819
* 198.18.0.0/15       # 198.18.0.0/15 is used for benchmark tests by RFC2544
  198.51.100.0/24     # 198.51.100.0/24 is reserved for documentation (RFC5737)
  203.0.113.0/24      # 203.0.113.0/24 is reserved for documentation (RFC5737)
  224.0.0.0/4         # 224-239/8 is all multicast stuff
  240.0.0.0/4         # 240-255/8 is IANA reserved

The Zmap list (https://github.com/zmap/zmap/blob/master/conf/blacklist.conf)
  0.0.0.0/8           # RFC1122: "This host on this network"
  10.0.0.0/8          # RFC1918: Private-Use
* 100.64.0.0/10       # RFC6598: Shared Address Space
  127.0.0.0/8         # RFC1122: Loopback
  169.254.0.0/16      # RFC3927: Link Local
  172.16.0.0/12       # RFC1918: Private-Use
* 192.0.0.0/24        # RFC6890: IETF Protocol Assignments
  192.0.2.0/24        # RFC5737: Documentation (TEST-NET-1)
* 192.18.0.0/15       # RFC2544: Benchmarking
  192.88.99.0/24      # RFC3068: 6to4 Relay Anycast
  192.168.0.0/16      # RFC1918: Private-Use
  198.51.100.0/24     # RFC5737: Documentation (TEST-NET-2)
  203.0.113.0/24      # RFC5737: Documentation (TEST-NET-3)
  224.0.0.0/4         # RFC5771: Multicast/Reserved
  240.0.0.0/4         # RFC1112: Reserved
* 255.255.255.255/32  # RFC0919: Limited Broadcast

Overall, the Nmap list contains 638,845,952 addresses, and the Zmap list
contains 592,708,865.

It looks like Nmap should add 100.64.0.0/10 and 192.0.0.0/24 from recent
RFCs. I don't know anything about the 6.0.0.0/8, 7.0.0.0/8, and
55.0.0.0/8 networks or why they're on the list.

The discrepancy between 192.18.0.0/15 (Zmap) and 198.18.0.0/15 (Nmap)
looks like it is caused by a typo in RFC 2544, and Nmap is correct in
this case. Look for "Errata ID: 423" on this page:
        http://www.rfc-editor.org/errata_search.php?rfc=2544
In Section C.2.2:
        The network addresses 192.18.0.0 through 198.19.255.255 are have
        been assigned to the BMWG by the IANA for this purpose.
It should say:
        The network addresses 198.18.0.0 through 198.19.255.255 have
        been assigned to the BMWG by the IANA for this purpose.

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]