Ver
Lista de
objetos o sujetos indeseados. Su objetivo es identificarlos y detenerlos antes
de que lleguen a entrar en el sistema o causar algún daño.
Blacklisting
refers to the technique of defining known malicious behavior, content, code, and
so on. Blacklists are typically used for threat detection, comparing network
traffic, files, users, or some other quantifiable metric against a relevant
blacklist. For example, an intrusion prevention system (IPS) will compare the
contents of network packets against blacklists of known malware, indicators of
exploits, and other threats so that offending traffic (i.e. packets that match
a signature within the blacklist) can be blocked. [knapp:2014]
The process of
the system invalidating a user ID based on the users inappropriate actions. A
blacklisted user ID cannot be used to log on to the system, even with the
correct authenticator. Blacklisting and lifting of a blacklisting are both
security-relevant events. Blacklisting also applies to blocks placed against IP
addresses to prevent inappropriate or unauthorized use of internet resources. [CNSSI_4009:2010]
A list of
discrete entities, such as hosts or applications, that have been previously
determined to be associated with malicious activity. [NIST-SP800-94:2007]
List of known
malicious objects (Websites, vandals, script commands, etc.) that should be
blocked by default.
http://www.qtsnet.com/SecuritySolutions/security_glossary.html
A list of
computers, IP addresses, user names or other identifiers to block from access
to a computing resource.
http://cyber.law.harvard.edu/cybersecurity/Keyword_Index_and_Glossary_of_Core_Ideas
Temas relacionados