Current location - Quotes Website - Personality signature - What does the white list mean?
What does the white list mean?
The concept of white list corresponds to "blacklist".

The purpose of whitelisting technology is not to block something. It uses a list of "known good" entities (programs, e-mail addresses, domain names, web addresses) in the opposite way to blacklisting. There is no need to run antivirus software that must be constantly updated, and anything that is not on the list will be prevented from running; The system can be protected from zero-day attacks.

Whitelist technology is very simple. It gives administrators and companies more power to control the programs that can enter the network or run on the machine. The advantage of whitelisting technology is that nothing can run or pass except the entities on the list, but the disadvantage is that nothing can run or pass.

Extended data:

1. Comparison of advantages and disadvantages between blacklist and whitelist;

Blacklist:

Advantages: Some hidden dangers can be prohibited (solved) through the known information, such as filtering XSS, SQL injection, etc.

Disadvantages: It can only target known hidden dangers and threats, and cannot defend against new threats, such as 0day.

White list:

Advantages: Solving 0day is lighter than blacklisting.

2. Applicable scenarios.

Blacklist: Blacklist is suitable for people with large trust domain. For example, WAF in the access layer blocks some IPS according to malicious requests.

Whitelist: Whitelist is suitable for small trust domains. For example, the database server only allows clients with specific IP addresses and network segments to connect to it.

Baidu Encyclopedia-Real-time blacklist list

Baidu Encyclopedia-Whitelist