The Bogon List (Bogus outside networks)

The Bogon list is a non-standard but highly regarded set of addresses that you should block from accessing your Network, if connected to the Internet.  Many DoS (Denial of Service) attacks come from these addresses !!!

see also  http://www.cymru.com/Bogons/index.html 

*** see Aggregated Access Lists for an explanation of how they work with less entries

If you have a Cisco router and want to prevent invalid addresses from accessing your network (e.g., spoofing) here is the current list of what is technically called the "Bogon List".  These addresses are also commonly found as the source addresses of DDoS attacks (Distributed Denial of Service).

  deny ip 0.0.0.0 1.255.255.255 any
  deny ip 2.0.0.0 0.255.255.255 any
  deny ip 5.0.0.0 0.255.255.255 any
  deny ip 7.0.0.0 0.255.255.255 any
  deny ip 10.0.0.0 0.255.255.255 any
  deny ip 23.0.0.0 0.255.255.255 any
  deny ip 27.0.0.0 0.255.255.255 any
  deny ip 31.0.0.0 0.255.255.255 any
  deny ip 36.0.0.0 1.255.255.255 any
  deny ip 39.0.0.0 0.255.255.255 any
  deny ip 41.0.0.0 0.255.255.255 any
  deny ip 42.0.0.0 0.255.255.255 any
  deny ip 49.0.0.0 0.255.255.255 any
  deny ip 50.0.0.0 0.255.255.255 any
  deny ip 58.0.0.0 0.255.255.255 any
  deny ip 59.0.0.0 0.255.255.255 any
  deny ip 60.0.0.0 0.255.255.255 any
  deny ip 70.0.0.0 1.255.255.255 any
  deny ip 72.0.0.0 7.255.255.255 any
  deny ip 82.0.0.0 1.255.255.255 any
  deny ip 84.0.0.0 3.255.255.255 any
  deny ip 88.0.0.0 7.255.255.255 any
  deny ip 96.0.0.0 31.255.255.255 any
  deny ip 169.254.0.0 0.0.255.255 any
  deny ip 172.16.0.0 0.15.255.255 any
  deny ip 192.0.2.0 0.0.0.255 any
  deny ip 192.168.0.0 0.0.255.255 any
  deny ip 197.0.0.0 0.255.255.255 any
  deny ip 198.18.0.0 0.1.255.255 any
  deny ip 201.0.0.0 0.255.255.255 any
  deny ip 222.0.0.0 1.255.255.255 any
  deny ip 223.0.0.0 0.255.255.255 any
  deny ip 224.0.0.0 31.255.255.255 any

*** click Here for an expanded Bogon list that includes other protocols