IPC (Inter-Process Communication)
IPC (the number of instructions executed by the CPU in each clock cycle)
IPC reflects the design architecture of a processor: once the processor design is completed, the IPC value will not change. Here, the level of the IPC value plays a decisive role, and frequency no longer seems to be above all else.
In fact, it is frequency and IPC that really affect CPU performance. The accurate CPU performance judgment standard should be: CPU performance = IPC (the number of instructions executed by the CPU in each clock cycle) × frequency (MHz clock speed). This formula was originally proposed by Intel and is widely recognized by the industry.
If you compare Intel's 800MHz Itanium processor (Intel's most advanced series of CPUs) for enterprise servers with the 1800MHz Pentium 4 processor for desktop computers, you will find that the Itanium processor with a main frequency of only 800MHz is even more powerful in performance than the Pentium 4 processor with a main frequency of up to 1800MHz.
IPC Inter-Process Communication
IPC (Internet Process Connection) is the shared resource for "named pipes". It is a named pipe opened to allow inter-process communication. By providing a trusted username and password, both parties can establish a secure channel and exchange encrypted data through this channel, thereby achieving access to the remote computer. IPC is a new feature of NT/2000, with the characteristic that only one connection can be established between two IPs at the same time. NT/2000 not only provides the ipc function, but also opens the default shares when the system is first installed, that is, all logical partitions (c, d, e...) and the system directory winnt or windows (admin) are shared. Microsoft's original intention in all of this was to make management easier for administrators, but intentionally or unintentionally it reduces system security.
We usually hear people talking about "IPC vulnerabilities". In fact, IPC is not a real vulnerability. I think the reason why some people say this must be that they are referring to the 'backdoor' installed by Microsoft itself: the null session.
IPC (Industrial Personal Computer─IPC) is a ruggedized enhanced personal computer that can operate reliably in an industrial environment as an industrial controller. As early as the early 1980s, the American AD Company launched the IPC-like MAC-150 industrial computer, and then the American IBM Company officially launched the industrial personal computer IBM7532. Due to its reliable performance, rich software, and low price, IPC has suddenly emerged as a new force among industrial computers, catching up from behind and being used increasingly widely. At present, IPC has been widely used in communications, industrial control sites, road and bridge toll collection, medical care, environmental protection and all aspects of people's lives.
Technical features of IPC:
1. It adopts an all-steel industrial chassis that complies with the "EIA" standard, which enhances the ability to resist electromagnetic interference.
2. Adopt bus structure and modular design technology. The CPU and each functional module use a plug-in structure and are equipped with pressure rods for soft locking, which improves shock and vibration resistance.
3. The chassis is equipped with dual fans, positive pressure convection exhaust, and a dust filter to prevent dust.
4. Equipped with highly reliable industrial power supply and overvoltage and overcurrent protection.
5. The power supply and keyboard are equipped with electronic lock switches to prevent illegal opening and closing and illegal keyboard input.
6. It has self-diagnosis function.
7. I/O templates can be selected as needed.
8. It is equipped with a "watchdog" timer, which will automatically reset without human intervention when it crashes due to a fault.
9. It has good openness and compatibility. It absorbs all the functions of PC and can directly run various application software of PC.
10. Configurable real-time operating system to facilitate multi-task scheduling and operation.
11. Passive motherboard (baseboard) can be used to facilitate system upgrades.
The main structure of IPC:
1. All-steel chassis
The all-steel chassis of IPC is designed according to standards and is resistant to impact, vibration, and electromagnetic interference. A passive backplane compatible with PC-bus can be installed inside.
2. Passive backplane
The slots of the passive backplane are made up of multiple ISA and PCI bus slots. The number and location of the ISA or PCI slots can be selected according to need. The board has a four-layer structure, with the middle two layers being the ground layer and the power layer. This structure can weaken the mutual interference of the logic signals on the board and reduce the power supply impedance. The backplane can accept various boards, including CPU cards, display cards, control cards, I/O cards, etc.
3. Industrial power supply
It is an AT switching power supply with an average trouble-free operating time of 250,000 hours.
4. CPU card
There are many kinds of IPC CPU cards. By size they can be divided into long cards and half-length cards. By processor they can be divided into 386, 486, 586, PII and PIII motherboards, which users can select according to their own needs. Their main features are: operating temperature 0-60°C; equipped with a "watchdog" timer; low power consumption, maximum 5V/2.5A.
5. Other accessories:
IPC's other accessories are basically compatible with PCs, mainly including CPU, memory, graphics card, hard disk, floppy drive, keyboard, mouse, optical drive, monitor, etc.
IPC network intrusion
In order to help everyone learn IPC better, I have specifically organized and improved the concepts of IPC, some common commands, the reasons for some problems that occur with IPC, etc. Most of the information comes from the Internet. Since I don't know the authors' names, I cannot mark the source of the content. Please forgive me.
1. The concept of IPC
IPC$ (Internet Process Connection) is the shared resource for "named pipes". It is a named pipe opened for inter-process communication. By providing a trusted user name and password, the two parties can establish a secure channel and exchange encrypted data through this channel, thereby achieving access to the remote computer. In fact, it can be regarded as a relatively practical service provided by Microsoft, and it can be said to play a relatively important role in resource sharing. However, few people use it for that, and mostly it is hackers who use it to carry out attacks, so it is often referred to as a vulnerability. In fact, it is not a real vulnerability; the term refers to the 'backdoor' installed by Microsoft itself: the null session.
The concept of null session
A null session is a session established with the server without trust. For a null session, the SID of the token provided by the LSA (the SID of the null session) is S-1-5-7, the username is ANONYMOUS LOGON (a built-in system account), and the access token contains the following disguised groups: Everyone and Network.
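What a host still grants to that ANONYMOUS LOGON token is governed by a handful of registry values on Windows XP and later. The following audit is an added example, not part of the original article: it parses `reg export` text and reports settings that miss a baseline. The value names are real Windows registry values; the baseline itself and the sample export are constructed for this example.

```python
import re

LSA = r"hkey_local_machine\system\currentcontrolset\control\lsa"
SRV = r"hkey_local_machine\system\currentcontrolset\services\lanmanserver\parameters"
# Baseline chosen for this example: anonymous access restricted, and no pipes or
# shares reachable over a null session.
BASELINE = {
    (LSA, "restrictanonymous"): 1,
    (LSA, "restrictanonymoussam"): 1,
    (LSA, "everyoneincludesanonymous"): 0,
    (SRV, "restrictnullsessaccess"): 1,
    (SRV, "nullsessionpipes"): [],
    (SRV, "nullsessionshares"): [],
}

# Constructed export in `reg export` text form (not taken from a real host).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000
"restrictanonymoussam"=dword:00000001
"everyoneincludesanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"RestrictNullSessAccess"=dword:00000001
"NullSessionPipes"=hex(7):62,00,72,00,6f,00,77,00,73,00,65,00,72,00,00,00,\
  00,00
"NullSessionShares"=hex(7):00,00
'''


def parse_reg(text):
    """Return {(key, value_name): int or list of str}; names are lower-cased
    because registry key and value names are case-insensitive."""
    text = re.sub(r"\\\r?\n\s*", "", text)   # join hex continuation lines
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        m = re.match(r'"([^"]+)"=(dword|hex\(7\)):(.*)$', line)
        if not (m and key):
            continue
        name, kind, data = m.group(1).lower(), m.group(2), m.group(3)
        if kind == "dword":
            values[(key, name)] = int(data, 16)
        else:
            # REG_MULTI_SZ: NUL-separated UTF-16LE strings
            raw = bytes(int(b, 16) for b in data.split(",") if b)
            values[(key, name)] = [s for s in raw.decode("utf-16-le").split("\x00") if s]
    return values


def audit(text):
    """List (value_name, found, expected) for each setting that misses the
    baseline. A value absent from the export is reported as None, since the
    effective setting is then the operating system default."""
    found = parse_reg(text)
    return [(name, found.get((key, name)), want)
            for (key, name), want in BASELINE.items()
            if found.get((key, name)) != want]
```

On the constructed export, `audit(SAMPLE_REG)` reports the anonymous-enumeration setting and the pipe that is still reachable over a null session.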
2. The process of IPC establishment
1) The session requester (client) sends a data packet to the session receiver (server) requesting the establishment of a secure tunnel;
2) The server generates a random 64-digit number (the challenge) and sends it back to the client;
3) The client takes the 64-digit number generated by the server, scrambles it with the password of the account trying to establish the session, and returns the result to the server (the response);
4) The server accepts the response and passes it to the Local Security Authority (LSA). The LSA verifies the response by using the user's correct password, which confirms the requester's identity. If the requester's account is local to the server, verification occurs locally; if the requester's account is a domain account, the response is sent to the domain controller for verification. When the response to the challenge is verified to be correct, an access token is generated and sent to the client. The client uses this access token to connect to resources on the server until the session is terminated.
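The four steps above as a runnable sketch, added here and not part of the original article. HMAC-SHA256 stands in for the real scrambling function, and the 8-byte challenge length, the class and function names, and the account names and passwords are all assumptions of this example. It also shows why a captured response is useless against the next challenge.

```python
import hashlib
import hmac
import secrets

# Constructed account stores; names and passwords are hypothetical.
LOCAL_ACCOUNTS = {"alice": "correct horse"}
DOMAIN_ACCOUNTS = {"CORP\\bob": "battery staple"}   # held by the "domain controller"


def scramble(challenge: bytes, password: str) -> bytes:
    """Step 3: mix the challenge with a password-derived key.
    HMAC-SHA256 is a stand-in, not the algorithm Windows uses."""
    key = hashlib.sha256(password.encode("utf-8")).digest()
    return hmac.new(key, challenge, hashlib.sha256).digest()


class Server:
    def __init__(self):
        self.pending = {}   # account -> outstanding challenge
        self.tokens = {}    # access token -> account

    def new_challenge(self, account: str) -> bytes:
        """Step 2: issue a fresh random challenge for this session request."""
        challenge = secrets.token_bytes(8)   # length is this example's choice
        self.pending[account] = challenge
        return challenge

    def verify(self, account: str, response: bytes):
        """Step 4 (the LSA role): local accounts are checked locally, domain
        accounts against the domain controller's store. Returns an access
        token on success, None on failure."""
        challenge = self.pending.pop(account, None)   # each challenge is single-use
        store = DOMAIN_ACCOUNTS if "\\" in account else LOCAL_ACCOUNTS
        password = store.get(account)
        if challenge is None or password is None:
            return None
        if not hmac.compare_digest(scramble(challenge, password), response):
            return None
        token = secrets.token_hex(16)
        self.tokens[token] = account
        return token


def connect(server: Server, account: str, password: str):
    """Client side: request a session (step 1) and answer the challenge (step 3).
    The password itself never crosses the wire."""
    challenge = server.new_challenge(account)
    return server.verify(account, scramble(challenge, password))


def replay_is_rejected(server: Server, account: str, password: str) -> bool:
    """A response captured in one session must fail against the next challenge."""
    captured = scramble(server.new_challenge(account), password)
    accepted_once = server.verify(account, captured) is not None
    server.new_challenge(account)   # new session, new challenge
    return accepted_once and server.verify(account, captured) is None
```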
3. IPC connection conditions
★ Depends on the operating system (NT/2000/XP can establish an ipc$ connection, 98/ME cannot establish an ipc$ connection);
★ The target host must have the ipc$ share enabled;
★ The local host must enable the Lanmanworkstation service (the function is to provide network links and communications);
★ The target host must start the Lanmanserver service (ipc$ depends on this service, which provides RPC support, file, printing, and named pipe sharing);
★ The target host must start NetLogon, which supports pass-through authentication of account logons for computers on the network;
★ The target host should start NBT (open port 139);
★ Target host firewall configuration (if ports 139 and 445 are blocked, the connection will also fail);
★ Incorrect user name or password;
★ Wrong command input (pay special attention to the spaces; the double quotes on both sides can be omitted when the user name and password do not contain spaces; if the password is empty, enter two quotation marks "" directly);
★ After the connection is established, the target host restarts, and the ipc$ connection will be automatically disconnected.
4. Analysis of connection error numbers
Error number 5: Access denied, insufficient permissions;
Error number 51: Unable to find network path (network problem);
Error number 53: The network path cannot be found (the IP address is wrong; the target host is not powered on; the target host's lanmanserver service is not started; the target host's firewall is filtering the port);
Error number 67: The network name cannot be found (the lanmanworkstation service on the local host is not started, or the target host has deleted ipc$);
Error number 1219: The provided credentials conflict with an existing credential set (an ipc$ connection is already established; you can delete it and reconnect);
Error number 1326: Incorrect user name or password;
Error number 1792: Tried to log in, but the network logon service is not started (the NetLogon service on the target host has not started);
Error number 2242: The user's password has expired.
5. Commonly used commands
★ Establish an empty connection: net use \\IP\ipc$ "" /user:""
★ Establish a non-empty connection: net use \\IP\ipc$ "password" /user:"username"
★ View the shared resources of the remote host (the default shares are not shown): net view \\IP
★ View the shared resources of the local host (the local default shares are shown): net share
★ Get the user name list of the remote host: nbtstat -A IP
★ Get the user list of the local host: net user
★ View the current time of the remote host: net time \\IP
★ Display the services currently started on the local host: net start
★ Start/stop a local service: net start service name /y, net stop service name /y
★ Map a remote share: net use z: \\IP\sihochina (this command maps the shared resource named sihochina to the z drive)
★ Delete share mappings: net use z: /del /y (deletes the mapped z drive); net use * /del /y (deletes all mappings)
★ Copy a file to the remote host: copy \path\*.exe \\IP\share name, such as: copy sihochina.exe \\IP\c (copies sihochina.exe in the current directory to the other party's C drive)
★ Remotely add a scheduled task: at \\IP time program name, such as: at \\192.168.0.1 11:00 sihochina.exe (runs sihochina.exe on host 192.168.0.1 at 11:00)
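Seen from the target host, the commands above leave an ordered trail: a network logon, an ipc$ connection, a file written to a share, and a scheduled task. The following correlator is an added example, not part of the original article. The events are constructed, the event IDs are the Windows Vista-and-later Security log IDs (4624, 5140, 5145, 4698), and linking the records by logon ID with times in seconds is an assumption of this example.

```python
from collections import defaultdict

ANONYMOUS_SID = "S-1-5-7"                 # null-session SID given in the text
SCRIPT_EXT = (".bat", ".cmd", ".exe")
CHAIN = ["ipc_session", "share_drop", "task_created"]

# Constructed events (not from a real host), shaped like Security log records
# exported to dicts. "Time" is seconds from an arbitrary start.
SAMPLE_EVENTS = [
    {"EventID": 4624, "Time": 0, "LogonType": 3, "TargetLogonId": "0x1a2b",
     "TargetUserSid": "S-1-5-21-1111-2222-3333-1001", "IpAddress": "192.0.2.10"},
    {"EventID": 5140, "Time": 1, "SubjectLogonId": "0x1a2b", "ShareName": r"\\*\IPC$"},
    {"EventID": 5145, "Time": 40, "SubjectLogonId": "0x1a2b",
     "ShareName": r"\\*\ADMIN$", "RelativeTargetName": "opentelnet.bat"},
    {"EventID": 4698, "Time": 95, "SubjectLogonId": "0x1a2b", "TaskName": r"\At1"},
    {"EventID": 4624, "Time": 200, "LogonType": 3, "TargetLogonId": "0x9f00",
     "TargetUserSid": ANONYMOUS_SID, "IpAddress": "192.0.2.77"},
    {"EventID": 5140, "Time": 201, "SubjectLogonId": "0x9f00", "ShareName": r"\\*\IPC$"},
    {"EventID": 4624, "Time": 300, "LogonType": 3, "TargetLogonId": "0x7777",
     "TargetUserSid": "S-1-5-21-1111-2222-3333-1002", "IpAddress": "192.0.2.20"},
    {"EventID": 5140, "Time": 301, "SubjectLogonId": "0x7777", "ShareName": r"\\*\Public"},
]


def stage_of(event):
    """Map one record to a stage of the sequence, or None if it is unrelated."""
    share = event.get("ShareName", "").upper()
    if event["EventID"] == 5140 and share.endswith(r"\IPC$"):
        return "ipc_session"
    if (event["EventID"] == 5145 and share.endswith("$")
            and event.get("RelativeTargetName", "").lower().endswith(SCRIPT_EXT)):
        return "share_drop"            # script or executable placed on a hidden share
    if event["EventID"] == 4698:
        return "task_created"
    return None


def correlate(events, window=600):
    """Flag network logons that open a null session to ipc$, or that walk the
    whole chain in order within `window` seconds of the logon."""
    logons, stages = {}, defaultdict(dict)
    for ev in sorted(events, key=lambda e: e["Time"]):
        if ev["EventID"] == 4624 and ev.get("LogonType") == 3:
            logons[ev["TargetLogonId"]] = ev
            continue
        stage, lid = stage_of(ev), ev.get("SubjectLogonId")
        if stage and lid in logons and ev["Time"] - logons[lid]["Time"] <= window:
            stages[lid].setdefault(stage, ev["Time"])   # keep first occurrence
    findings = []
    for lid, seen in stages.items():
        logon = logons[lid]
        null = logon["TargetUserSid"] == ANONYMOUS_SID
        times = [seen.get(s) for s in CHAIN]
        full = None not in times and times == sorted(times)
        if null or full:
            findings.append({"source": logon["IpAddress"], "logon_id": lid,
                             "null_session": null, "full_chain": full})
    return findings
```

The ordinary connection to the Public share in the sample produces no finding; only the null session and the complete logon, drop and task sequence are reported.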
The method used in this article is mainly tested in the environment of VISTA Ultimate SP2 and XP SP2. Other systems have not been tested, but I believe they are similar. The problems should be similar. I will list all the problems that occurred in my experiments on the two systems for your reference.
In addition, if you are a beginner and have no idea about IPC and DOS commands, please read it together with the previous article "IPC Basics and IPC-DOS Commands".
Let’s get to the point!
The first step is to press WIN+R to pop up a run box (don't tell me that you don't know which key WIN is, that would be hopeless! It's the key that opens the start menu, the one with the WINDOWS logo on it), then type CMD to enter DOS.
In the second step, enter net use \\target IP\ipc$ "password" /user:"username". After entering this, a prompt will be displayed indicating that the command completed successfully. What is worth paying attention to is the syntax. There are four spaces in this command: one before and one after USE, and one before and one after the password. In addition, note that the username and password here are the ones used to log in to the host's operating system, not the broadband dial-up ones. During this process, if the target machine is a VISTA system, it can be easily invaded, because Microsoft has turned on the SERVER service by default in VISTA, and you can enter as long as you know the user name and password. However, it is turned off in XP. If the other party is using XP and you are just doing experiments, then give up. Or, if you still don't want to give up, call them and ask them to turn it on! What do you do when they ask you how to turn it on? If you don't know, well, never mind, I will be a good person to the end and tell you, so that you don't have to go to Baidu to find it. Open "Control Panel-Classic View-Administrative Tools-Services", find the SERVER item in the list of services, and then find a way to turn it on yourself! If you can't, then there's nothing I can do!
The third step is to enter net view \\target IP to see what shares the target has opened.
If the other party has shared all the resources on the disk, then it can be said that the invasion is nearing the end (the shares that are turned on by default are enabled). But if the other party has not turned on sharing, then we have to find a way to solve this problem ourselves. Generally, we use the telnet service to enter the other party's computer, and then open the shares we want for them. So how do we get in over telnet? This is another relatively big problem. The telnet service is disabled by default in XP, which means you cannot use this service. VISTA does an even better job: it doesn't even have this item among its services, but it doesn't matter, we can add it ourselves. The specific method is as follows: "Control Panel-Control Panel Home-Turn WINDOWS features on or off (lower left)-find telnet and add both items." When encountering this kind of situation, those of us who do experiments should give up. If you call the other party again and ask them to change the service from disabled to automatic, then the situation will be different (the modification method is similar to turning on SERVER just now, so I won't go into details here). As long as it is not disabled, it doesn't matter whether the service is running or not; we have ways to turn it on. Let me introduce a relatively simple method. First open Notepad, enter @net start telnet, and save it as opentelnet.bat on the C drive! This is implemented using a batch command. I won't go into details about how it works here, because it is not today's focus. Just do it; what I can tell you is that the effect of this command is to start the stopped telnet service (note that it is stopped rather than disabled). The next thing we have to do is copy this file to the root directory of the target machine. The specific operation is:
The fourth step is to enter copy c:\opentelnet.bat \\target IP\admin$ so that we can copy the file we just created to the root directory of the other party's host. However, some problems may occur during the copying process. When I copied to XP, a problem occurred, and I could not find the cause. The specific reasons for a copy failure are as follows; I found them online and have copied them over here.
An error message appears when copying files. The reasons may be as follows:
1) Blind copying:
Copying to a share that does not exist at all. Before copying files, you should use the net view \\IP command to check the sharing status of the target host;
2) The default share is misjudged:
★ The ipc$ share and the default shares are two different things. The ipc$ share is a named pipe, not a specific folder, and the default shares are not a necessary condition for the ipc$ share;
★ net view \\IP cannot display the default shares (because the default share names end in $). We cannot use this command to determine whether the other party has enabled the default shares.
3) Insufficient user permissions:
★ When copying over an empty connection to any share (default shares and ordinary shares), in most cases the permissions are not enough;
★ When copying to a default share, you must have administrator rights;
★ When copying to an ordinary share, you must have the corresponding rights (that is, the access rights preset by the target host);
★ The target host prohibits external access to shares through the settings of the firewall or security software;
4) Killed by the firewall or in the LAN
The fifth step is to run this file. This is where the at command comes in. The method is as follows: first look at the time of the target machine by typing net time \\target IP. Knowing the target machine's time, we can give it a task and let it run at the required time. Assume that the time we just saw is 14:20; then we can type at \\target IP 14:30 opentelnet.bat. This command will make the target machine run the opentelnet.bat file at 14:30.
The sixth step, telnet target IP. This is to establish a telnet connection with the other party. With this connection, we can do anything on other people's computers. It is forbidden to do anything that harms the interests of others, otherwise we will kill without mercy. I won’t write down the specific things that can be done myself. I’m tired, so I’ll copy it:
★ Create a user on the remote host, activate the user, change the user password, join the management group, etc.;
★ Open the remote host's ipc$ share, default shares and ordinary shares;
★ Run/stop services on the remote host;
★ Start/kill processes on the remote host.
The second item is what we have to do: open the host's IPC$ share (adding a dollar sign actually means that after the share is opened, the hand-tray sharing symbol is not displayed on the other party's machine).
The seventh step is to exit telnet by entering exit. Then type net use h: \\target IP\c$. The function of this command is to map the other party's C drive to the local h drive. The h drive letter must not already be in use by a drive on the local machine. Mapping, don't understand? Okay, no rush. Let me explain: it makes other people's things appear on your own computer, and then you can perform any operation on them, just as on your own computer. At this point, congratulations, the intrusion is declared a success.

Additional answer: IPC was originally the abbreviation of "The Institute of Printed Circuit", the American printed circuit board association. It was later renamed "The Institute of the Interconnecting and Packing Electronic Circuit" (Electronic Circuit Interconnection and Packaging Association), and in 1999 it was renamed again to "Association Of Connecting Electronics Industries" (Electronic Manufacturing Association). Because IPC is well known, the logo and abbreviation of IPC remained unchanged after the name changes. IPC has more than 2,600 association members, including world-renowned large companies engaged in printed circuit board design, manufacturing, assembly, OEM (original equipment manufacturer) processing, and EMS (electronics manufacture service) outsourcing. IPC, like IEC, ISO, IEEE and JEDC, is one of the most influential organizations in the electronics manufacturing industry in the United States and even the world. IPC has developed thousands of standards and specifications.
An organization initiated by member companies, IPC mainly provides industry standards, certification training, market research and policy advocacy, and supports a variety of projects to meet the needs of this $1.5 trillion global industry. IPC has offices in Taos, New Mexico; Arlington, Virginia; Garden Grove, California; Stockholm, Sweden; and Shanghai, China.
In 2004, IPC established a wholly foreign-owned enterprise (WOFE) - IPC - Aibi Xi International Technology Management Consulting (Shanghai) Co., Ltd. in Shanghai, China. This branch was established to better serve domestic and foreign electronic assembly and printed board companies.
According to the definition, a wholly foreign-owned enterprise refers to an enterprise wholly invested by a foreign enterprise in China. IPC WOFE is a wholly-owned branch of IPC USA, and IPC USA will retain full control and operation rights over the Chinese branch.
This IPC branch will provide many services to the electronics manufacturing industry to strengthen employees' skills, thereby improving the quality of their work, and to help companies grow their business through many different tools and obtain more benefits.
IPC-AIPC International Technology Management Consulting (Shanghai) Co., Ltd. provides individuals with more professional development opportunities. Its overall solution includes many networking activities, allowing customers to communicate and discuss with many peers and experts in other industries.