Friday, December 27, 2013

IANA — Abuse Issues

Does it look like we're attacking you?

Some of the most common things we hear are "My network is under attack by IANA!" and "IANA is spamming me!" If you think this is the case, please take a few moments to read this page.

The Internet Assigned Numbers Authority, or IANA, is responsible for the global coordination of IP addresses. Most of the used numbers are allocated via a regional allocation system to your ISP, which then automatically assigns one or more to you.

There are, however, special sets of numbers that are designed not to be assigned to any particular person. Instead, they are general allocations that are either used in special ways, or designed for people to use internally within local networks.

These numbers are primarily in the following ranges:

  • Begins with 10. (i.e. 10.0.0.0 through to 10.255.255.255)
  • Begins with 127.
  • Begins with 169.254.
  • Begins with 172.16. through 172.31.
  • Begins with 192.168.
  • Shows up in your logs with a name like blackhole-1.iana.org

There are additional ranges of numbers that are also marked as "IANA Reserved" and similarly are not operated by IANA, although these are the most common ones we receive abuse reports concerning.

If you are seeing unexplained Internet traffic to your computer from these numbers, it is important to remember the following things:

  • The traffic does not come from IANA. As the authority for IP addresses, we have simply reserved these numbers in our databases, but we do not use or operate them, and we are not the source of the traffic.

  • As use of these numbers is untracked and unrestricted, we can not tell you who is using these numbers.

  • It is perfectly normal to see traffic from these numbers if you have a small home or office network. By default, most routers and access points use these numbers to assign to your local computers. It is most likely these numbers represent computers on your own internal network.

  • If you see these numbers in the headers of an unsolicited email, they usually indicate transit between servers within a corporate network or ISP. They are not useful in identifying the origin of an email. In such cases you can usually find the true origin by looking for the earliest "Received" mail header that is not an IANA Reserved address.

For more information on this topic, please read our more detailed Abuse Questions and Answers.



Elyssa D. Durant. Ed.M.
Research &  Policy Analyst
  

No comments:

Post a Comment