Whitelist
A whitelist or allowlist is a list or register of entities that are being provided a particular privilege, service, mobility, access or recognition. Entities on the list will be accepted, approved and/or recognized. Whitelisting is the reverse of blacklisting, the practice of identifying entities that are denied, unrecognized, or ostracized.[citation needed]
Email whitelists
Spam filters often include the ability to "whitelist" certain sender IP addresses, email addresses or domain names to protect their email from being rejected or sent to a junk mail folder. These can be manually maintained by the user[1] or system administrator - but can also refer to externally maintained whitelist services.[citation needed][2]
Non-commercial whitelists
Non-commercial whitelists are operated by various non-profit organizations, ISPs, and others interested in blocking spam. Rather than paying fees, the sender must pass a series of tests; for example, their email server must not be an open relay and have a static IP address. The operator of the whitelist may remove a server from the list if complaints are received.[citation needed][3]
Commercial whitelists
Commercial whitelists are a system by which an Internet service provider allows someone to bypass spam filters when sending email messages to its subscribers, in return for a pre-paid fee, either an annual or a per-message fee. A sender can then be more confident that their messages have reached recipients without being blocked, or having links or images stripped out of them, by spam filters. The purpose of commercial whitelists is to allow companies to reliably reach their customers by email.[citation needed]
Advertising whitelists
Many websites rely on ads as a source of revenue, but the use of ad blockers is increasingly common.[citation needed] Websites that detect an adblocker in use often ask for it to be disabled - or their site to be "added to the whitelist"[4] - a standard feature of most adblockers.[citation needed]
Network whitelists
LAN whitelists
A use for whitelists is in local area network (LAN) security. Many network admins set up MAC address whitelists, or a MAC address filter, to control who is allowed on their networks. This is used when encryption is not a practical solution or in tandem with encryption. However, it's sometimes ineffective because a MAC address can be faked.[citation needed]
IP whitelist
Firewalls can usually be configured to only allow data-traffic from/to certain (ranges of) IP-addresses.[citation needed]
Application whitelists
One approach in combating viruses and malware is to whitelist software which is considered safe to run, blocking all others.[5][6][7][8] This is particularly attractive in a corporate environment, where there are typically already restrictions on what software is approved.[citation needed]
Leading providers of application whitelisting technology include Bit9, Velox, McAfee, Lumension, ThreatLocker, Airlock Digital and SMAC.[9][10][11]
On Microsoft Windows, recent versions include AppLocker, which allows administrators to control which executable files are denied or allowed to execute. With AppLocker, administrators are able to create rules based on file names, publishers or file location that will allow certain files to execute. Rules can apply to individuals or groups. Policies are used to group users into different enforcement levels. For example, some users can be added to a report-only policy that will allow administrators to understand the impact before moving that user to a higher enforcement level.[citation needed]
Linux systems typically have AppArmor and SE Linux features available which can be used to effectively block all applications which are not explicitly whitelisted, and commercial products are also available.[12]
On HP-UX introduced a feature called "HP-UX Whitelisting" on 11iv3 version.[13]
See also
- Blacklisting
- Blacklist (computing)
- Blackballing
- Closed platform
- DNSWL, whitelisting based on DNS
- Opt-in
References
- ^ e.g. Kindle users control the whitelist for email access. Besides Amazon itself, only e-mail addresses whitelisted by the device's registered owner can send content ("personal documents") to that device.
- ^ "IP and domain reputation". Spamhaus Project.
- ^ "Spamhaus' Blocklists".
- ^ "Adblock Instructions". Forbes. Retrieved 2017-12-09.
- ^ John Harrison, Enhancing Network Security By Preventing User-Initiated Malware Execution, Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) (Wireless Ad Hoc/Sensor Networks and Network Security Track), Volume II - Volume 02; pages 597-602; IEEE Computer Society Washington, DC, USA 2005.
- ^ "SANS Institute: Reading Room - Analyst Papers" (PDF). www.sans.org. Archived from the original (PDF) on 2012-03-02. Retrieved 27 August 2018.
- ^ "Dark Reading - Security - Protect The Business - Enable Access". Dark Reading. Archived from the original on 2019-12-12. Retrieved 2008-10-02.
- ^ "Application Whitelisting Gains Traction". eweek.com. 25 September 2008.
- ^ Blum, Dan (February 8, 2014). "Lessons Learned from Target Breach". Security-Architect Blog. Dan Blum. Retrieved July 18, 2014.
- ^ Vamosi, Robert (2008-07-21). "Will you be ditching your antivirus app anytime soon?". CNET. Archived from the original on 2012-10-24. Retrieved 2010-03-22.
- ^ Korobov, EVGENIY (2020-07-27). "SMAC - application whitelist platform". iqp. Retrieved 2020-07-27.
- ^ Cooprider, Nathan (2016-02-03). "Live Whitelisting!". Threat Stack. Retrieved 20 December 2018.
- ^ "HP-UX Whitelisting". HP. Retrieved 20 December 2018.