Ver
Lista de
objetos o sujetos indeseados. Su objetivo es identificarlos y detenerlos antes
de que lleguen a entrar en el sistema o causar algún daño.
Blacklisting refers to the
technique of defining known malicious behavior, content, code, and so on.
Blacklists are typically used for threat detection, comparing network traffic,
files, users, or some other quantifiable metric against a relevant blacklist.
For example, an intrusion prevention system (IPS) will compare the contents of
network packets against blacklists of known malware, indicators of exploits,
and other threats so that offending traffic (i.e. packets that match a
signature within the blacklist) can be blocked. [knapp:2014]
The process of the system
invalidating a user ID based on the user’s inappropriate actions. A blacklisted
user ID cannot be used to log on to the system, even with the correct
authenticator. Blacklisting and lifting of a blacklisting are both
security-relevant events. Blacklisting also applies to blocks placed against IP
addresses to prevent inappropriate or unauthorized use of internet resources. [CNSSI_4009:2010]
A list of discrete entities,
such as hosts or applications, that have been previously determined to be
associated with malicious activity. [NIST-SP800-94:2007]
List of known malicious
objects (Websites, vandals, script commands, etc.) that should be blocked by
default.
http://www.qtsnet.com/SecuritySolutions/security_glossary.html
A list of computers, IP
addresses, user names or other identifiers to block from access to a computing
resource.
http://cyber.law.harvard.edu/cybersecurity/Keyword_Index_and_Glossary_of_Core_Ideas