A proposed technology for mapping telephone numbers to the Domain Name System (DNS).
Overview
Storing contact information for business or personal use is complicated by the fact that individuals have so many different technologies by which they can be reached, such as “snail” mail, telephone, fax, and e-mail. ENUM is an attempt to bring convergence to such contact infor- mation by using an individual’s standard E.164 tele- phone number as that person’s primary contact information. By mapping these numbers to the DNS naming system of the Internet, you could send an e-mail message to someone by specifying the recipient’s tele- phone number instead of e-mail address.
ENUM works by using a special reverse DNS domain called e164.arpa that is used to store records for E.164 international telephone numbers. For example, the DNS name for someone whose telephone number is +44-6-2368572 would be 2.7.5.8.6.3.2.6.4.4.e164.arpa, constructed by reversing the digits and appending the e164.arpa domain name. A Naming Authority Pointer (NAPTR) record is then used to identify the services supported by this DNS name, such as telephone, e-mail, or fax. The NAPTR record effectively con- verts the E.164 telephone number into a Uniform Resource Identifier (URI).
Issues
ENUM promises to simplify Voice over IP (VoIP) com- munications by making it simpler to route calls over the Internet. However, the proposed global public database of ENUM contact information is seen by some industry watchers as a danger to privacy and a potential tool for spammers and mass marketers.
Notes
ENUM is described in RFC 2916.
For More Information
For an explanation of how DNS and VoIP work, see the
Microsoft Encyclopedia of Networking, Second Edition,
available from Microsoft Press.
See Also: spam
enumeration
Gathering information about a target system or network a hacker wants to compromise.
Overview
Enumeration is a collection of methods and procedures used by malicious hackers for gathering information that might be useful for launching an attack. Enumera- tion seeks to reveal poorly protected network resources that can be exploited for breaking into networks. Exam- ples of such resources can include the following:
● Default user accounts that have no passwords
● Guest accounts that should normally be disabled
● Network services that are running but not needed
There are a variety of methods and approaches attackers use for enumerating systems and networks. One com- mon method is to use port scanners to connect to stan- dard Transmission Control Protocol (TCP) ports such as port 80 (Hypertext Transfer Protocol, HTTP) and send random data to the port to see what returns. If a Web server is listening on this port, it will usually respond with information identifying the vendor and version number. The attacker can then try compromising the server using known vulnerabilities of that version of the product, hoping that busy administrators have not had time to keep patches on the system up to date. Some of the tools commonly used for enumeration include Netcat, Rcpdump, Dumpsec, Getmac, and many others.
See Also: hacking, Netcat, port scanning
EoP Ethereal
EoP
Stands for elevation of privileges, any method used by attackers to gain control of a system or network.
See: elevation of privileges (EoP)
EPIC
Stands for Electronic Privacy Information Center, a public interest organization focusing on civil liberties and privacy issues.
See: Electronic Privacy Information Center (EPIC)
E-SIGN Act
Stands for Electronic Signatures in Global and National Commerce Act, a U.S. law governing the use of digital signatures in business and commerce.
See: Electronic Signatures in Global and National
Commerce (E-SIGN) Act
ESP
Stands for Encapsulating Security Payload, an Internet Protocol Security (IPSec) protocol that provides encryption.
See: Encapsulating Security Payload (ESP)
/etc/passwd
A file used in most UNIX and Linux systems for storing user information.
Overview
The /etc/passwd file is a text file that typically contains the following information for each user on the system:
● The user’s login name
● An encrypted version of the user’s password
● A unique numerical ID (uid) for the user
● A numerical group ID (gid) for the user
● A comment field that can contain information such
as the user’s real name and address
● The location of the user’s home directory ● The user’s preferred shell
Implementation
As an example, the entry for user Denise Smith in /etc/ passwd might be
dsmith:y29rf8er755:641:641:Northwind Traders: home/dsmith:/bin/bash
The etc/passwd file is readable by all users, and even though passwords are stored in the file in encrypted form, this can constitute a security problem. One solution is to store only basic user information in etc/passwd and keep all passwords for users in a separate file called etc/ security/passwd. Another solution is to implement shadow passwords, which store users’ passwords in /etc/shadow, a file that can only be read by root. If shadow passwords are used, the preceding user’s entry in etc/passwd usually looks like this:
dsmith:x:641:641:Northwind Traders:/home/ dsmith:/bin/bash
where x replaces the encrypted password and indicates that shadow passwords are being used.
See Also: password, shadow password
Ethereal
A free network protocol analyzer for UNIX and Microsoft Windows operating systems.
Overview
Ethereal is a free network “sniffer” created by Gerald Combs that allows you to capture and analyze traffic on a network. It works with a variety of data-link-layer protocols, including Ethernet, Token Ring, Fiber Dis- tributed Data Interface (FDDI), Point-to-Point Protocol (PPP), and Classical IP over ATM. Display filters can highlight different types of packets in different colors, and captured data can be saved in plaintext or Post- Script format for further analysis and reporting. Ethereal was released under the GNU General Public License and is freely available as open source software.
European Institute of Computer Anti-Virus Research (EICAR) exploit
For More Information
You can download Ethereal from www.ethereal.com.•
See Also: sniffing