Saturday, February 23, 2008

what is a whitelist?

in contrast to the blacklist, a whitelist is a list of known good things that we don't need to avoid, block, or weed out... a whitelist is generally used in situations where nothing is allowed except those things on the whitelist... this is sometimes referred to as 'default deny'...

a classical real world example of a whitelist is the guest list for an exclusive social function (where you don't get in unless you're on the list)... further examples include the list of things you're allowed to put in your recycling bin, the list of foods and drugs approved by the FDA, or the set of people you'd trust with a secret...

in the anti-malware context the most well known example (to average users) of a whitelist is the list of applications allowed by a software firewall to connect to the internet... you can also have a list of applications allowed to execute (or perform any other function), a list of websites allowed to execute scripts in your browser, a list of email senders allowed past your spam filter, etc...

back to index

0 comments: