Blacklist (computing)

"Blocklist" redirects here. For the song by Lil Durk, see Blocklist (song).
For Wikipedia guidelines, see Wikipedia:Spam blacklist
Screenshot of a website blocking the creation of content which matches a regular expression term on its blacklist

In computing, a blacklist, disallowlist, blocklist, or denylist is a basic access control mechanism that allows through all elements (email addresses, users, passwords, URLs, IP addresses, domain names, file hashes, etc.), except those explicitly mentioned. Those items on the list are denied access. The opposite is a whitelist, allowlist, or passlist, in which only items on the list are let through whatever gate is being used. A greylist contains items that are temporarily blocked (or temporarily allowed) until an additional step is performed.

Blacklists can be applied at various points in a security architecture, such as a host, web proxy, DNS servers, email server, firewall, directory servers or application authentication gateways. The type of element blocked is influenced by the access control location.[1] DNS servers may be well-suited to block domain names, for example, but not URLs. A firewall is well-suited for blocking IP addresses, but less so for blocking malicious files or passwords.

Example uses include a company that might prevent a list of software from running on its network, a school that might prevent access to a list of websites from its computers, or a business that wants to ensure their computer users are not choosing easily guessed, poor passwords.

Examples of systems protected

Blacklists are used to protect a variety of systems in computing. The content of the blacklist is likely needs to be targeted to the type of system defended.[2]

Information systems

An information system includes end-point hosts like user machines and servers. A blacklist in this location may include certain types of software that are not allowed to run in the company environment. For example, a company might blacklist peer to peer file sharing on its systems. In addition to software, people, devices and Web sites can also be blacklisted.[3]

Email

Most email providers have an anti-spam feature that essentially blacklists certain email addresses if they are deemed unwanted. For example, a user who wearies of unstoppable emails from a particular address may blacklist that address, and the email client will automatically route all messages from that address to a junk-mail folder or delete them without notifying the user.

An e-mail spam filter may keep a blacklist of email addresses, any mail from which would be prevented from reaching its intended destination. It may also use sending domain names or sending IP addresses to implement a more general block.

In addition to private email blacklists, there are lists that are kept for public use, including:

Web browsing

The goal of a blacklist in a web browser is to prevent the user from visiting a malicious or deceitful web page via filtering locally. A common web browsing blacklist is Google's Safe Browsing, which is installed by default in Firefox, Safari, and Chrome.

Usernames and passwords

Blacklisting can also apply to user credentials. It is common for systems or websites to blacklist certain reserved usernames that are not allowed to be chosen by the system or website's user populations. These reserved usernames are commonly associated with built-in system administration functions. Also usually blocked by default are profane words and racial slurs.

Password blacklists are very similar to username blacklists but typically contain significantly more entries than username blacklists. Password blacklists are applied to prevent users from choosing passwords that are easily guessed or are well known and could lead to unauthorized access by malicious parties. Password blacklists are deployed as an additional layer of security, usually in addition to a password policy, which sets the requirements of the password length and/or character complexity. This is because there are a significant number of password combinations that fulfill many password policies but are still easily guessed (i.e., Password123, Qwerty123).

Distribution methods

Blacklists are distributed in a variety of ways. Some use simple mailing lists. A DNSBL is a common distribution method that leverages the DNS itself. Some lists make use of rsync for high-volume exchanges of data.[6] Web-server functions may be used; either simple GET requests may be used or more complicated interfaces such as a RESTful API.

Examples

  • Companies like Google, Symantec and Sucuri keep internal blacklists of sites known to have malware and they display a warning before allowing the user to click them.
  • Content-control software such as DansGuardian and SquidGuard may work with a blacklist in order to block URLs of sites deemed inappropriate for a work or educational environment. Such blacklists can be obtained free of charge or from commercial vendors such as Squidblacklist.org.
  • There are also free blacklists for Squid (software) proxy, such as Blackweb
  • A firewall or IDS may also use a blacklist to block known hostile IP addresses and/or networks. An example for such a list would be the OpenBL project.
  • Many copy protection schemes include software blacklisting.
  • The company Password RBL offers a password blacklist for Microsoft's Active Directory, web sites and apps, distributed via a RESTful API.
  • Members of online auction sites may add other members to a personal blacklist. This means that they cannot bid on or ask questions about your auctions, nor can they use a "buy it now" function on your items.
  • Yet another form of list is the yellow list which is a list of email server IP addresses that send mostly good email but do send some spam. Examples include Yahoo, Hotmail, and Gmail.[citation needed] A yellow listed server is a server that should never be accidentally blacklisted. The yellow list is checked first and if listed then blacklist tests are ignored.
  • In Linux modprobe, the blacklist modulename entry in a modprobe configuration file indicates that all of the particular module's internal aliases are to be ignored. There are cases where two or more modules both support the same devices, or a module invalidly claims to support a device.
  • Many web browsers have the ability to consult anti-phishing blacklists in order to warn users who unwittingly aim to visit a fraudulent website.
  • Many peer-to-peer file sharing programs support blacklists that block access from sites known to be owned by companies enforcing copyright. An example is the Bluetack[7] blocklist set.

Usage considerations

As expressed in a recent conference paper focusing on blacklists of domain names and IP addresses used for Internet security, "these lists generally do not intersect. Therefore, it appears that these lists do not converge on one set of malicious indicators."[8][9] This concern combined with an economic model[10] means that, while blacklists are an essential part of network defense, they need to be used in concert with whitelists and greylists.

Controversy over terminology

See also: Inclusive language

Some major technology companies and institutions have publicly distanced themselves from the term blacklist due to a perceived connection with racism, instead recommending the terms denylist or blocklist.[11][12][13][14][15][16] The term's connection with racism, as well as the value in avoiding its use has been disputed.[15][17][better source needed]

References

  1. ^ Shimeall, Timothy; Spring, Jonathan (2013-11-12). Introduction to Information Security: A Strategic-Based Approach. Newnes. ISBN 9781597499729.
  2. ^ "Domain Blacklist Ecosystem – A Case Study". insights.sei.cmu.edu. 17 June 2015. Retrieved 2016-02-04.
  3. ^ Rainer, Watson (2012). Introduction to Information Systems. Wiley Custom Learning Solutions. ISBN 978-1-118-45213-4.
  4. ^ "反垃圾邮件联盟". Archived from the original on 2015-08-11. Retrieved 2015-08-10.
  5. ^ "Fabelsources – Blacklist".
  6. ^ "Guidelines". www.surbl.org. Retrieved 2016-02-04.
  7. ^ "B.I.S.S. Forums – FAQ – Questions about the Blocklists". Bluetack Internet Security Solutions. Archived from the original on 2008-10-20. Retrieved 2015-08-01.
  8. ^ Metcalf, Leigh; Spring, Jonathan M. (2015-01-01). "Blacklist Ecosystem Analysis". Proceedings of the 2nd ACM Workshop on Information Sharing and Collaborative Security. pp. 13–22. doi:10.1145/2808128.2808129. ISBN 9781450338226. S2CID 4720116.
  9. ^ Kührer, Marc; Rossow, Christian; Holz, Thorsten (2014-09-17). "Paint It Black: Evaluating the Effectiveness of Malware Blacklists". In Stavrou, Angelos; Bos, Herbert; Portokalidis, Georgios (eds.). Research in Attacks, Intrusions and Defenses. Lecture Notes in Computer Science. Vol. 8688. Springer International Publishing. pp. 1–21. doi:10.1007/978-3-319-11379-1_1. ISBN 9783319113784. S2CID 12276874.
  10. ^ Spring, Jonathan M. (2013-09-17). Modeling malicious domain name take-down dynamics: Why eCrime pays. 2013 ECrime Researchers Summit (eCRS 2013). IEEE. pp. 1–9. CiteSeerX 10.1.1.645.3543. doi:10.1109/eCRS.2013.6805779. ISBN 978-1-4799-1158-5. S2CID 8812531.
  11. ^ Cimpanu, Catalin (2020-06-14). "GitHub to replace "master" with alternative term to avoid slavery references". ZDNET. Retrieved 2025-01-02.
  12. ^ "George Floyd: Twitter drops 'master', 'slave' and 'blacklist'". BBC News. 2020-07-03. Retrieved 2025-01-02.
  13. ^ Cimpanu, Catalin (2020-07-11). "Linux team approves new terminology, bans terms like 'blacklist' and 'slave'". ZDNET. Retrieved 2025-01-02.
  14. ^ Kan, Michael (2020-07-17). "Apple to Remove 'Master/Slave' and 'Blacklist' Terms From Coding Platforms". PCMag. Retrieved 2025-01-02.
  15. ^ a b Conger, Kate (2021-04-13). "'Master,' 'Slave' and the Fight Over Offensive Terms in Computing". The New York Times. Retrieved 2025-01-02.
  16. ^ Milanesi, Carolina (2021-06-29). "The Importance Of Inclusive Language And Design In Tech". Forbes. Retrieved 2025-01-02.
  17. ^ Jocom, Juan Miguel (2022-03-24). "Op-Ed | "Blacklist" and "whitelist" aren't racist, you are". The Seattle Collegian. Retrieved 2025-01-02.
Index: pl ar de en es fr it arz nl ja pt ceb sv uk vi war zh ru af ast az bg zh-min-nan bn be ca cs cy da et el eo eu fa gl ko hi hr id he ka la lv lt hu mk ms min no nn ce uz kk ro simple sk sl sr sh fi ta tt th tg azb tr ur zh-yue hy my ace als am an hyw ban bjn map-bms ba be-tarask bcl bpy bar bs br cv nv eml hif fo fy ga gd gu hak ha hsb io ig ilo ia ie os is jv kn ht ku ckb ky mrj lb lij li lmo mai mg ml zh-classical mr xmf mzn cdo mn nap new ne frr oc mhr or as pa pnb ps pms nds crh qu sa sah sco sq scn si sd szl su sw tl shn te bug vec vo wa wuu yi yo diq bat-smg zu lad kbd ang smn ab roa-rup frp arc gn av ay bh bi bo bxr cbk-zam co za dag ary se pdc dv dsb myv ext fur gv gag inh ki glk gan guw xal haw rw kbp pam csb kw km kv koi kg gom ks gcr lo lbe ltg lez nia ln jbo lg mt mi tw mwl mdf mnw nqo fj nah na nds-nl nrm nov om pi pag pap pfl pcd krc kaa ksh rm rue sm sat sc trv stq nso sn cu so srn kab roa-tara tet tpi to chr tum tk tyv udm ug vep fiu-vro vls wo xh zea ty ak bm ch ny ee ff got iu ik kl mad cr pih ami pwn pnt dz rmy rn sg st tn ss ti din chy ts kcg ve
Prefix: a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9

Portal di Ensiklopedia Dunia

Portal : Agama
Agama
Portal : Bahasa
Bahasa
Portal : Biografi
Biografi
Portal : Budaya
Budaya
Portal : Ekonomi
Ekonomi
Portal : Elektronika
Elektronika
Portal : Film
Film
Portal : Filsafat
Filsafat
Portal : Geografi
Geografi
Portal : Indonesia
Indonesia
Portal : Ilmu
Ilmu
Portal : Lingkungan
Lingkungan
Portal : Masyarakat
Masyarakat
Portal : Matematika
Matematika
Portal : Militer
Militer
Portal : Mitologi
Mitologi
Portal : Musik
Musik
Portal : Olahraga
Olahraga
Portal : Pendidikan
Pendidikan
Portal : Politik
Politik
Portal : Sastra
Sastra
Portal : Sejarah
Sejarah
Portal : Seni
Seni
Portal : Teknologi
Teknologi

Kembali kehalaman sebelumnya