Does anyone know the status of this netblock? I've come across a malware
sample configured to callback to an IP in that range but it does not appear
to be routable. Yet, it is not mentioned in RFC 5735 nor does it have any
whois information.
nothing that is authoritative (anymore)… 1996-2000
last century, 192.0.0.0/24 and 192.0.1.0/24 were identified as usable address blocks, post-CIDR testing/evaluation.
they were both earmarked for use in the (then) four new root servers (which became J, K, L, and M)… they were
then supposed to be used as the blocks for the root zone distribution masters.
ICANN emerged and claimed them for itself, at one point using them for internal ICANN networking.
I lost interest/control at that point and don;t know what happened after that.
Harley is correct that 192.0.1/24 is mentioned in 1166, but AFAICS after cursory examination it has fallen through the cracks since then. (Note, this is not the same as 192.0.2/24, which has been updated in several RFCs recently, including 6303 by Mark Andrews (cc'ed for his information).
I've also cc'ed Leo and Michelle from ICANN so that hopefully they can see about getting some whois info set up for that network. Michelle, let me know if it would be easier for you if I opened a ticket for this request.
I've also cc'ed Leo and Michelle from ICANN so that hopefully they
can see about getting some whois info set up for that network.
Michelle, let me know if it would be easier for you if I opened a
ticket for this request.
As Harley correctly notes, in 1990 192.0.1.0/24 was listed in RFC
1166 as BBN-TEST-C. RFC 1166 was one in a series of status reports
on the distribution of Internet Number Resources and other protocol
parameters that started in the 1970s and continued until RFC 1700,
which was published in 1994. Eight years later, RFC 3232 noted that
the function provided by those reports had been provided via an
online database since 1994.
RFC 3232 noted that the periodic status reports might be continued
by a new organization. Most of that reporting responsibility was
taken on by the RIRs. However, in 2002 RFC 3330 provided an update
on the special use IPv4 addresses that had been assigned in various
RFCs. RFC 3330 did not include any mention of 192.0.1.0/24 and nor
did its successor, RFC 5735.
RFC 6890 was published In 2013 and created a pair of IANA registries
for special-purpose IPv4 and IPv6 addresses. 192.0.1.0/24 is not
listed in the IANA IPv4 Special-Purpose Address Registry
(IANA IPv4 Special-Purpose Address Registry) and
has no special purpose. ARIN is the administrator of 192.0.0.0/8 and
other than special-purpose assignments registered in accordance with
the requirements of section 4.3 of RFC 2860, addresses in this /8
are allocated according to ARIN policy.