Back to Security Pattern Catalog
Network Address Blacklist
: Exterior Security, Spoofing
Identifying the malicious users at the system access point is a very effective defense mechanism. However, it is computationally expensive.
How can a malicious user be identified?
Maintain a list of network addresses that exhibit inappropriate behavior. Drop requests received from a blacklisted address.
RBL and RHSBL List used in Postfix to filter spam coming from known blacklisted IP addresses.
Policy Enforcement Point, Minefield
Kienzle et. al. Repository
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz