Get Started Book a Demo

Bogon

10th March 2021 | Cybrary Bogon


bogon cyber term

A Bogon is an IP address (IPv4 or IPv6) that has yet to be officially assigned for use by the Internet Assigned Number Authority (IANA). As such they are unassigned and unrouted on the Internet.  Bogons can be intentionally misused by hackers to hide their attacks by hiding their source IP address (hackers). Only connectionless (UDP/ICMP) attacks can be used in these cases, but for these forms of attack, there are many options. (See an early example in a “Ping of Death”).

IP addresses enable the Internet to function, uniquely identifying a company’s website or mail servers, and connecting  unique endpoints together for seamless and consistently reliable communication. IANA, and other Internet registries, assign and track IP address assignments.

Some IP addresses may only be considered a bogon temporarily, as the IANA registry is constantly updating and assigning new address spaces.

What does this mean for an SMB?

Hacker attacks in the early 2000s came from BOGON IP addresses as often as 60% of the time but by 2009 that had dropped down to less than 5% of the time. BOGON filtering by Internet Service Providers means they aren’t seen on public networks today. However, good hackers are very aware of bogon networks and can use them for targeted attacks and exploits. For example, they’re often used by hackers conducting Distributed Denial-of-Service (DDoS) attack. This is because bogon packets can’t be traced back to a real host or source. 

Many technologies help protect you from bogon attacks including: 

In addition to these actions, it’s critical that your organization adopts cybersecurity awareness training, phishing tests, policy guidance, and dark web reporting to ensure your company is properly secured online today. 

https://youtu.be/eXC87A5e0aQ

Sources: 

TechTarget

RuleGate

Additional Reading:

Bogons: Don’t Let Them In or Through Your Networks

Related Terms:

Firewall

IPSec

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Domain Takedowns: How to Remove Fraudulent and Typo-squatted Domains and Websites
28th October 2025 | Blog

Domain Takedowns: How to Remove Fraudulent and Typo-squatted Domains and Websites

In cybersecurity, not all attacks happen through fancy malware or zero-day exploits. Some of the most effective...

Read more
The AI Threat Awakens: What OpenAI’s Latest Report Reveals About Cybercrime
14th October 2025 | Blog

The AI Threat Awakens: What OpenAI’s Latest Report Reveals About Cybercrime

The rapid rise of generative AI has unlocked enormous promise, but it’s also accelerating the arms race in...

Read more
Klopatra: New Android Trojan Drains Bank Accounts via Hidden VNC
7th October 2025 | Blog

Klopatra: New Android Trojan Drains Bank Accounts via Hidden VNC

Newly discovered Android banking Remote Access Trojan (RAT), dubbed Klopatra, has compromised more than 3,000...

Read more
Get Started All Posts