I used the ones Cisco outlined in their document IOS Essentials every ISP Should Know. Here is a copy of the list I use for out clients:
deny ip host 0.0.0.0 any log deny ip 127.0.0.0 0.255.255.255 any log deny ip 10.0.0.0 0.255.255.255 any log deny ip 172.16.0.0 0.15.255.255 any log deny ip 192.168.0.0 0.0.255.255 any log deny ip xxx.xxx.xxx.0 0.0.0.255 any log deny ip 224.0.0.0 31.255.255.255 any log
We are denyingy anyone that claims that their IP address is 0.0.0.0, Loopback addresses, all of the RFC 1918 addresses, address coming into us claiming they belong to our subnet, and multicast addresses. It seems to work for us. I also turn of ip directed broadcasts to minimize smurf/DoS attacks. If you would like a copy of the document I used, let me know and I'll e-mail a copy to you.
Its also useful to block 192.0.2.0/24 - the test network. so designated for documentation use 169.254.0.0/16 - the link-local network. I'm not convinced that blocking native multicast is a good idea. --bill