Multiple off-the-shelf, new and exciting solutions, including home automation, printing, image processing, audio/video entertainment, kitchen equipment, car networks and similar networks in public gathering places. UPnP is a distributed and open network architecture that makes full use of TCP/IP and network technology: it not only connects similar networks seamlessly, it can also control network devices and transfer information between them. There are no device drivers in the UPnP architecture; common protocols are used instead. UPnP is media-independent. A UPnP device can be implemented in any programming language on any operating system.
UPnP is not a simple extension of the plug-and-play model for peripheral devices. By design it supports zero configuration, an "invisible" network connection process, and automatic discovery of the many device types provided by a great many vendors. In other words, a UPnP device can automatically connect to a network, automatically obtain an IP address, announce its own capabilities, and learn about other connected devices and their capabilities. Finally, the device can disconnect from the network automatically and smoothly without causing unexpected problems.
UPnP promotes the development of Internet technologies, including IP, TCP, UDP, HTTP, SSDP and XML. As on the Internet, its contracts are based on wire protocols that are declarative, expressed in XML, and transmitted over HTTP. In the same way, the clear design goal of UPnP is to provide such an environment. Furthermore, when cost, technology, funding or other factors prevent a medium, or the devices connected to it, from using IP addresses, UPnP can accommodate media running non-IP protocols through bridging. UPnP is not
Therefore, suppliers can create their own APIs to meet customer needs.
The following is an explanation of UPnP on the Microsoft Official Website:
Q: What is UPnP?
A: Universal Plug and Play (UPnP) is a common architecture for peer-to-peer network connectivity between PCs and smart devices (or appliances), especially in the home. UPnP builds on Internet standards and technologies (such as TCP/IP, HTTP, and XML) so that such devices can automatically connect to and work with each other, bringing networking (especially home networking) to more people.
Q: What does UPnP mean to consumers?
A: Simplicity, more choices, and more innovative experiences. Network products that include Universal Plug and Play technology only need to be connected to the network to start working normally. In fact, UPnP can work with any network media technology (wired or wireless). For example, this includes: Category 5 Ethernet cable, Wi-Fi or 802.11b wireless networks, IEEE 1394 ("FireWire"), telephone-line networks, or power-line networks. When these devices are connected to PCs, users can take full advantage of a variety of innovative services and applications.
The following is an explanation of UPnP on the official BC Website:
UPnP (Universal Plug and Play) is a general plug-and-play protocol. It cannot be simply understood as UPnP = "automatic port mapping". In BitComet downloading, UPnP covers two layers:
1. For a computer on an intranet, BitComet's UPnP function makes the NAT module of the gateway or router perform automatic port mapping, mapping the port BitComet listens on from the gateway or router to the intranet computer.
2. The network firewall module of the gateway or router opens this port to other computers on the Internet.
2. Which users need to use the UPnP function?
1. We need to consider UPnP only when we need to use P2P software that supports UPnP, such as BT, eMule, and MSN. If you don't need this software and only browse the Internet, there is no need to read on;
2. If you need to use P2P software but you are an Internet user, you can skip the following sections, because you can use the P2P software normally without UPnP;
3. If you are an intranet user but have already mapped the ports for this P2P software manually (for example, you see "remote" in the "user list" when downloading with BC, or eMule shows a high ID after successfully connecting to the server), you can skip this section. However, note that a manual port mapping only works for one P2P program. If you use a new P2P program, you still need to configure port mapping for it;
4. If you are an intranet user and need to use this P2P software but have not mapped the ports manually (for example, when downloading with BC the "user list" shows only "local" and no "remote", or eMule shows a low ID), then we need to consider the port mapping problem!
In this case, we can have two options:
1. Map the ports manually; see the linked article above;
2. Enable the UPnP function and let it map the ports automatically, which is what we will talk about below;
Summary: the objective of UPnP automatic port mapping:
Taking BC as an example, both manual port mapping and automatic UPnP port mapping are used to obtain remote connections. Therefore, users who already see "remote" in the "user list" need neither port mapping nor UPnP! You only need one of UPnP and port mapping; they are two different methods of achieving the same goal.
Therefore, if your system or hardware does not support the UPnP function, you don't have to worry about it. You can map the ports manually according to the method in the article linked in point 3. The effect is the same;
3. Conditions for UPnP implementation:
Three conditions must be met simultaneously:
1. The modem must support the UPnP function: check the documentation or consult the manufacturer. Generally, the modem must also support the routing function, unless you have a separate router;
2. Operating system support: the article about UPnP mentioned at the beginning of this article says that only Windows XP supports UPnP, but Microsoft's official website states that Windows Me already supports UPnP. However, I have never used Windows Me. You can test it on your own;
3. The software must support UPnP functions, such as BC, eMule, and MSN;
4. How to enable the UPnP Function
1. Enable UPnP in the modem or router
2. Enable the UPnP function in the operating system
If you are using an XP SP2 system, go to Control Panel > Add or Remove Programs > Add/Remove Windows Components and, under "Networking Services", select "UPnP User Interface".
3. Start the corresponding UPnP services in Windows:
Go to "Control Panel -> Administrative Tools -> Services" and find the SSDP Discovery Service and Universal Plug and Play Device Host services
Q: I just got broadband. I heard that using the "UPNP" protocol can speed up Internet access. What does the "UPNP" protocol mean? How do I use it?
A: The full name of UPNP is Universal Plug and Play. The UPnP specification is based on the TCP/IP protocol and new Internet protocols. In fact, UPNP is designed so that in the future all devices connected to the Internet can communicate with each other without being blocked by the gateway. For example, transferring files with MSN Messenger becomes quicker and more convenient.
How can we use UPNP?
First, you need to go to the Web control interface of the router to enable the router's UPNP function. Enter the router address in the browser, open the router management page, find the UPNP function, and set it to Enable.
Then we can go to the Windows XP settings. In Windows XP, the UPNP support module is not installed by default. Therefore, follow these steps:
Manual installation:
In the "Add or Remove Programs" dialog box, click "Add/Remove Windows Components". In the "Windows Components Wizard", click "Networking Services", click "Details", and then select the "Universal Plug and Play" check box. After the restart, Windows XP reports that it has found new hardware. After opening My Network Places, you will find the router, indicating that the UPNP function is enabled. Almost all broadband routers on the market today support the UPNP function. With a reasonable configuration, we can enjoy a better experience and faster speed in point-to-point file transmission. (GSF)
Universal Plug and Play is abbreviated as UPnP. You may be familiar with plug-and-play (PnP) for computer peripherals, but most people are probably puzzled by universal plug-and-play. Windows XP supports UPnP and was found to have serious security problems, which for a while made UPnP famous. Coincidentally, I have read the technical whitepaper on UPnP and have also read in detail about the security defects found this time, so I am taking this opportunity to explain the details of UPnP and its security defects.
I. What is UPnP used for?
As the network has evolved to its present state, it lets us surf the Internet, send and receive email, hear sound sent from afar, search for content of interest, download software, watch programs on demand, chat instantly, and so on. That seems like a lot of functions, but human desire has no end. People still want more, and many goals have not yet been achieved: for example, how can we operate air conditioners, electric fans, kitchen appliances or other electrical equipment at the far end of the network over the Internet? How can we use computer resources on the network to make "remote control" more intelligent? Or even write a series of related controls into a script to customize the control process we like? And so on. Technology that achieves this will be in huge demand. If we use UPnP to control home devices through the network, it will bring us great convenience and many new experiences. For example:
1. Before you leave work, or on the way home, you can switch on the air conditioner and kitchen equipment in your house, so that when you walk in you immediately find a pleasant environment and the meal in the kitchen ready. The room temperature and the cooking process follow a "script" program designed in advance, which is absolutely reliable.
2. If you are a serious music enthusiast, you must have strict requirements for the listening environment: speaker position, volume, lighting, and whether the curtains are drawn. Controlling all of this by hand is inconvenient. With UPnP, everything is done for you. You can also write the volume, light brightness and speaker height you are used to into the execution script, using the parameters you think are best. If you have a dedicated listening room, the environment above is set up as soon as you open its door. The UPnP system will also turn off the audio, switch off the lights and draw the curtains.
3. You are in the office, but you cannot stop worrying about your children at home. With UPnP, you only need to install a camera at home and connect it to the network. Once WebTV is enabled on the desktop computer in the office and the network connection is up, you can watch what your child is doing at home in real time.
There are many such conveniences and attractions.
In fact, this is neither science fiction nor expert prediction. These operations can already be implemented using the UPnP protocol! This is why Windows XP was so eager to include UPnP. Because UPnP is a protocol, it can be used across a variety of operating system platforms, application development is not limited by programming language, and it can work in many kinds of network structures. Moreover, UPnP relies only on existing network facilities; you do not need to add new facilities or lay new network media!
The UPnP Protocol has the following features:
1. It takes the network as the application environment and does not consider "island" computers.
2. It is based on TCP/IP and the entire Internet. It is "neutral": it does not depend on any operating system or application, does not use specific API functions, and is not limited by programming language. It allows seamless access to traditional networks.
3. Devices can join the network dynamically and then obtain an IP address, "learn" or look up the operations and services they should perform, and "sense" whether other devices exist, what they do and what their current status is. All of this should be completed automatically.
4. Each device can read its own specific status and parameters. After a control operation is completed, it should send an "operation completed" response. If the control fails, it should send a control-failure signal.
II. UPnP protocol layers:
The final purpose of the UPnP protocol is to establish a usable device model. For reasons of space, the entire structure is not analyzed in detail here, but you should remember the following main features:
1. UPnP is a framework made up of multiple protocol layers. Each layer builds on the layer below it and is the basis for the layer above it, all the way up to the application layer. At the bottom of the figure are the two layers IP and TCP, which are responsible for the device's IP address.
2. The third layer is HTTP, HTTPU, and HTTPMU, which should be familiar to everyone and belong to the transport protocol layer. The content transmitted is encapsulated and stored in specific XML files. The corresponding SSDP, GENA, and SOAP refer to the data formats stored in the XML files. At this layer, the IP address and information transfer of the UPnP device have been taken care of.
3. The fourth layer is the definition of the UPnP device architecture. It is just an abstract, common device model. Every UPnP device must use this layer.
4. The fifth layer is the device definition layer of the various working committees of the UPnP Forum. In this forum, different electrical equipment is defined by different committees. For example, the television committee is only responsible for defining the networked television part, the air conditioner committee is only responsible for defining the networked air conditioner part, and so on. Every type of device is defined as a dedicated architecture or template to be used when a device is created. It follows that a device already has a specific purpose by the time it reaches this layer. Of course, all of these must comply with standardized specifications. At present, UPnP can support most devices: computers and computer peripherals. As the system becomes more widespread, more manufacturers may recognize this standard, and it may eventually evolve into an accepted industry standard.
5. The top layer, that is, the application layer, is defined by the UPnP device manufacturer. The information in this layer is "filled in" by the device manufacturer: the underlying code for device control and operation, as well as the name, serial number, vendor information, and so on.
III. Details of the protocol
The five-layer UPnP protocol stack is only a framework that all parties comply with. How is an actual UPnP system constructed?
A complete UPnP service system is composed of a network that supports UPnP and devices that comply with the UPnP specifications.
The entire system is composed of three parts: devices, services, and control points.
Device:
This is a device that complies with the UPnP specifications. A UPnP device can be thought of as a "container" that holds services and nested ordinary devices. For example, a UPnP VCR (video recorder) device can include a tape transport service, a tuning service, and a clock service. In other words, a device under UPnP should not be understood only as a hardware device; it also includes service functions.
Different types of UPnP devices are associated with different settings, services, and embedded devices. For example, printers and VCRs are devices for different purposes, and their services cannot be defined identically.
Service:
The process by which a device carries out a user's control request can be divided into several very small stages or units. Each unit is called a service. Each service exhibits specific actions and modes, and the actions and modes can in turn be described by states and variable values. As long as something can be described by numerical values, it is easy to process in a computer. For example, to model a clock, there is only one working mode: the mode that models and displays the current time. A clock has two types of actions (and only two):
1. Set the time (what is usually called "setting the clock").
2. Get the time (used to display the time).
Other device services are described and defined in the same way. A device can also define multiple services. The device definition information and service description information are stored in an XML file, which is also part of the UPnP protocol. When a device sets up and uses services, the XML files are associated with them.
The XML file also contains a key "status table", which can be further divided into a "service status table" and an "event status table". The status table is kept up to date throughout the operation of the UPnP device: when the device status changes, for example when a parameter changes or the status is refreshed, this is immediately reflected in the "status table". For example, when the control server receives a set-time action request, it immediately executes the request (sets the clock), gives a response, and updates the relevant data in the status table. Correspondingly, the event server is responsible for publishing status changes to the devices interested in the event. For example, when a fire event occurs, the event server sends the event to the fire alarm, which generates an alarm signal.
Control point:
In a UPnP network, user requests are handled by the control point. The control point is first of all a controller capable of controlling other devices, and it also has the ability to "discover" control targets in the network. After discovering a control target, the control point should:
① Obtain the device description and the list of associated services.
② Obtain the descriptions of the relevant services.
③ Invoke actions to control the service.
④ Subscribe to the service's event "source". Whenever the service status changes, the event server immediately sends an event message to the control point.
All of the information mentioned above is stored in XML files. Information for different purposes has different formats, so make sure you can obtain all the required information without confusing one kind with another.
So what is the complete working process of UPnP?
UPnP provides communication between control points and controlled devices. The network media, the TCP/IP protocol, and HTTP only provide basic connectivity and IP address allocation. The complete working process has to handle addressing, device discovery, device description, device control, device events, and device presentation.
Addressing:
The IP address is the basic prerequisite for the entire UPnP system, which uses the Dynamic Host Configuration Protocol (DHCP). When a device connects to the network for the first time, it uses the DHCP service to obtain an IP address. This IP address can be assigned by the DHCP system or chosen by the device itself; a device able to choose its own IP address must of course be a smart device! This is the so-called "automatic" IP address.
If an address request falls outside the scope managed by the local DHCP, the address allocation problem for "friendly devices" also has to be resolved, which is usually done through a domain name server.
Device discovery:
There are two scenarios. In the first, a control point that has received a control request searches the current network for available devices. In the second, a device that has joined the network and obtained an IP address starts to "broadcast" that it has entered the network, that is, it looks for control requests.
Device description:
Simply put, this is where a device declares what kind of device it is: its name, manufacturer, serial number, and so on. Right after "discovering" a device, the control point knows very little about it. Using the URL, it finds the device's description file and reads more description information from it. The description information is generally provided by the manufacturer of the device. The main items described are: model name and model number, device serial number, manufacturer name, the vendor's web URL, and so on. These are generally stored in specific XML files;
Device Control:
After the control point finds the device description, it "extracts" the operations to be performed and learns about all the services from the description. For each UPnP device, these descriptions must be accurate and detailed. They may contain the list of commands or actions, the service response information, the parameters used, and so on. Each action of a service is accompanied by a description, mainly of the variables used by the service, their data types, their allowed value ranges, and their event characteristics.
To control a device, the control point must first send a control action request asking the device to start the service, and then send the corresponding control message to the device's URL. The control message is placed in an XML file, in SOAP format. Finally, the service returns a response indicating whether the service succeeded or failed.
Device events:
Throughout the service, whenever a variable value or a mode status changes, an event is generated and the system modifies the content of the event list mentioned above. The event server then broadcasts the event to the entire network. Alternatively, the control point can subscribe to event information from the event server in advance, to make sure that the events it is interested in are delivered promptly and accurately.
Broadcast or subscribed events are sent as event messages, which are also stored in XML files, in the GENA format.
The preparation before a device starts work, that is, the initialization process, is also an event, and the information required for initialization is likewise transmitted using event messages. The main content is the initial values of the variables and the initial state of the modes.
Device presentation:
Once the device's URL is obtained, you can obtain the URL of the device's presentation page and then load the presentation into the user's local browser. This part also includes the dialog interface with the user and the handling of the session with the user.
The entire UPnP system works collaboratively under the command of this "central nervous system". The general situation is as follows:
All devices with IP addresses use the network's IP addressing directly. However, some devices may not be able to use IP addresses directly. Non-IP devices exchange information with control points through a network bridge (UPnP bridge).
Those that use IP addresses directly are: control points (control can be issued from a pocket computer or a remote device), local devices such as VCRs and clocks, and bridges. Non-IP devices include so-called lightweight devices (such as temperature-control devices) and non-UPnP devices (such as lamp switches).
The above covers the hardware side. Next we turn to the software, which is the soul of control. In the description above we often mentioned that the required information is stored in XML files: whether for a control point or a device service, a great deal of information, read or sent, along with the UPnP protocol data, is stored in specific XML files. Information with different purposes has different formats in the XML files. The relevant XML files are therefore the soul of control and of service creation.
IV. Security defects hidden in UPnP:
Two security defects were discovered this time. The first defect is that the use of a buffer is neither checked nor restricted. Attackers can gain control privileges over the entire system! Because the UPnP function must use the computer's ports to work, attackers who gain control may also use these ports to achieve their goals. The consequences of this defect are serious: no matter which version of Windows, as long as UPnP is running, there is a risk! Strictly speaking, though, this is not entirely a problem of the UPnP technology itself; it is more a matter of negligence in programming.
The second defect is related to the working mechanism of UPnP!
This vulnerability exists in the "device discovery" phase of UPnP operation. Device discovery happens in two situations. In the first, when a computer with the UPnP function boots successfully and connects to the network, it sends a "broadcast" to the network, notifying the UPnP devices on the network that it is ready. At the programming level, the broadcast content is an M-SEARCH (message) directive. This broadcast is "heard" by all devices within "earshot", which report their relevant information to the computer for subsequent control.
Similarly, when a device has just connected to the network, it sends a "notification" to the network, indicating that it is ready and can accept control from the network. At the programming level, the notification is a NOTIFY (message) directive. It is likewise received by all computers within "earshot", and the computer thereby learns that this device has "reported in" to it. In fact, other network devices can also hear NOTIFY directives.
The problem lies in the back-and-forth described above!
If a hacker sends a NOTIFY (message) directive to a user's system, the system receives it and, following its instructions, connects to a specific server and requests the service download from that server, that is, it downloads the service content to be executed. The server will of course respond to this request. The UPnP service then interprets the device description and requests more files, and the server must respond to these requests as well. In this way a "request-response" loop is formed that consumes a large amount of system resources, causing the UPnP service to slow down or even stop. So this defect leads to "denial of service" attacks!
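One way a control point can refuse to be drawn into that loop is to validate a NOTIFY before fetching anything. The sketch below is an added example, not code from the original article or from any UPnP stack; the policy (LOCATION must be an IP-literal http URL that equals the packet's source address and is a local address, and each USN is fetched only once), the function names and the sample datagrams are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

MAX_SSDP_BYTES = 2048  # assumed upper bound for one SSDP datagram


def make_notify(location, usn):
    """Build a constructed ssdp:alive NOTIFY datagram (sample input)."""
    return (
        "NOTIFY * HTTP/1.1\r\n"
        "HOST: 239.255.255.250:1900\r\n"
        "CACHE-CONTROL: max-age=1800\r\n"
        f"LOCATION: {location}\r\n"
        "NT: upnp:rootdevice\r\n"
        "NTS: ssdp:alive\r\n"
        f"USN: {usn}\r\n\r\n"
    ).encode("ascii")


def parse_ssdp(datagram):
    """Return (start_line, headers) or None if the datagram is malformed."""
    if len(datagram) > MAX_SSDP_BYTES:
        return None
    try:
        text = datagram.decode("ascii")
    except UnicodeDecodeError:
        return None
    lines = text.split("\r\n")
    headers = {}
    for line in lines[1:]:
        if not line:              # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if not sep:
            return None
        headers[name.strip().upper()] = value.strip()
    return lines[0].strip(), headers


def check_notify(datagram, source_ip, seen_usn):
    """Decide whether the description named by a NOTIFY may be fetched.

    Returns (fetch_ok, reason). seen_usn is a set the caller keeps so that
    a repeated announcement does not trigger a repeated download.
    """
    parsed = parse_ssdp(datagram)
    if parsed is None:
        return False, "malformed"
    start_line, headers = parsed
    if start_line != "NOTIFY * HTTP/1.1":
        return False, "not a NOTIFY"
    if headers.get("NTS") != "ssdp:alive":
        return False, "not an alive announcement"
    usn, location = headers.get("USN"), headers.get("LOCATION")
    if not usn or not location:
        return False, "missing USN or LOCATION"
    try:
        url = urlsplit(location)
    except ValueError:
        return False, "LOCATION is not an http URL"
    if url.scheme != "http" or url.hostname is None:
        return False, "LOCATION is not an http URL"
    try:
        host = ipaddress.ip_address(url.hostname)
        sender = ipaddress.ip_address(source_ip)
    except ValueError:
        return False, "LOCATION host is not an IP literal"
    if host != sender:            # announcement points at a third party
        return False, "LOCATION host differs from sender"
    if not (host.is_private or host.is_link_local):
        return False, "LOCATION host is not a local address"
    if usn in seen_usn:
        return False, "duplicate USN"
    seen_usn.add(usn)
    return True, "ok"


if __name__ == "__main__":
    seen = set()
    ok = make_notify("http://192.168.1.50:49152/desc.xml", "uuid:constructed-0001")
    odd = make_notify("http://192.168.1.99/desc.xml", "uuid:constructed-0002")
    print(check_notify(ok, "192.168.1.50", seen))
    print(check_notify(odd, "192.168.1.50", seen))
```

A real control point would also bound the size of, and the time spent on, the description download that follows an accepted NOTIFY.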
Conclusion
UPnP is approaching us step by step, and its footsteps can already be heard. In the near future it will inevitably have a huge impact on our work and life, and it holds unlimited business opportunities. Despite the existing problems, and although it is hard to guarantee that no new problems will appear later, it reflects people's needs and wishes, so it has great vitality, and temporary setbacks will not stop it from moving forward!
Transfer Protocol:
HTTP, HTTPU, and HTTPMU are mainly used:
HTTP:
This is well known and needs no introduction. For UPnP systems, both HTTP and its derived protocols are core components.
HTTPU and HTTPMU:
These are derived and defined from the HTTP protocol. It is mainly used to send device messages in the SSDP format.
SSDP:
Short for "Simple Service Discovery Protocol", it defines how services are discovered on the network. SSDP also specifies the information format stored in XML files. The transmission of SSDP information relies on HTTPU and HTTPMU. Both control points and UPnP devices must use SSDP in their work. After a device is connected to the network, it must use SSDP to broadcast its presence to the network (the broadcast information contains the location of the device description), in order to establish a connection with a control point. The control point uses SSDP to search for the devices it wants to control. In addition, you can exclude existing devices and control points, serving only the active or standby devices.
The way a control point uses SSDP is to send a search request via HTTPU. This request can be very detailed and can name exactly the device and service wanted. For example, the request may be for the service of a specific VCR that sets the clock.
A device uses SSDP to "listen" for messages on the network port and look for information that matches itself. Once a match is found, a response message is sent through HTTPMU to the control point.
GENA:
This is the event message format, short for "Generic Event Notification Architecture". Event messages were described above.
SOAP:
That is, the Simple Object Access Protocol. This protocol is used to transmit control messages and to return the device's responses to those messages. It uses XML and HTTP for remote calls. Using a firewall or other network security measures does not affect the use of SOAP.
Each UPnP control request can be sent as a SOAP control message. The control message also contains the description of the control action and the parameters used.
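The description and control steps from the "Device description" and "Device control" sections, and the SOAP control message just described, worked through for the clock example used earlier. This is an added example, not code from the original article: the clock device, its `SetTime`/`GetTime` actions, the argument names and the sample XML are hypothetical, and it assumes relative control URLs and treats everything a device returns as untrusted input.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

DEV = {"d": "urn:schemas-upnp-org:device-1-0"}
SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"
MAX_XML_BYTES = 64 * 1024                        # assumed cap on fetched XML
NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_.-]*")   # action / argument names
URN = re.compile(r"[A-Za-z0-9:._-]+")            # service type identifiers

# Constructed description of a hypothetical clock device (not from the page).
SAMPLE_DESCRIPTION = b"""<?xml version="1.0"?>
<root xmlns="urn:schemas-upnp-org:device-1-0">
  <device>
    <friendlyName>Hall clock</friendlyName>
    <manufacturer>Example Corp</manufacturer>
    <serialNumber>0001</serialNumber>
    <serviceList>
      <service>
        <serviceType>urn:example-com:service:Clock:1</serviceType>
        <controlURL>/clock/control</controlURL>
      </service>
    </serviceList>
  </device>
</root>"""


def _safe_xml(xml_bytes):
    """Parse untrusted XML after a size check and a DTD ban."""
    if len(xml_bytes) > MAX_XML_BYTES:
        raise ValueError("XML too large")
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD not allowed")
    return ET.fromstring(xml_bytes)


def parse_description(xml_bytes):
    """Read the device identity and its list of services."""
    device = _safe_xml(xml_bytes).find("d:device", DEV)
    if device is None:
        raise ValueError("no <device> element")
    info = {tag: device.findtext("d:" + tag, "", DEV)
            for tag in ("friendlyName", "manufacturer", "serialNumber")}
    services = [{"serviceType": s.findtext("d:serviceType", "", DEV),
                 "controlURL": s.findtext("d:controlURL", "", DEV)}
                for s in device.findall("d:serviceList/d:service", DEV)]
    return info, services


def build_control_request(host, service, action, arguments):
    """Build the HTTP POST that carries a SOAP control message."""
    stype, url = service["serviceType"], service["controlURL"]
    if not URN.fullmatch(stype) or not NAME.fullmatch(action):
        raise ValueError("bad service type or action name")
    # Values from the description go into HTTP headers: no spaces or CR/LF.
    if not url.startswith("/") or re.search(r"\s", url):
        raise ValueError("bad control URL")
    if not all(NAME.fullmatch(k) for k in arguments):
        raise ValueError("bad argument name")
    args = "".join(f"<{k}>{escape(str(v))}</{k}>" for k, v in arguments.items())
    body = (f'<?xml version="1.0"?><s:Envelope xmlns:s="{SOAP_ENV}">'
            f'<s:Body><u:{action} xmlns:u="{stype}">{args}</u:{action}>'
            '</s:Body></s:Envelope>').encode("utf-8")
    head = (f"POST {url} HTTP/1.1\r\nHOST: {host}\r\n"
            'CONTENT-TYPE: text/xml; charset="utf-8"\r\n'
            f"CONTENT-LENGTH: {len(body)}\r\n"
            f'SOAPACTION: "{stype}#{action}"\r\n\r\n').encode("ascii")
    return head + body


def parse_control_response(xml_bytes, action):
    """Return (succeeded, output arguments) from the device's SOAP reply."""
    body = _safe_xml(xml_bytes).find(f"{{{SOAP_ENV}}}Body")
    if body is None or len(body) == 0:
        return False, {}
    reply = body[0]
    if not reply.tag.endswith("}" + action + "Response"):
        return False, {}          # anything else, including a SOAP Fault
    return True, {child.tag: child.text or "" for child in reply}


if __name__ == "__main__":
    info, services = parse_description(SAMPLE_DESCRIPTION)
    print(info, services)
    print(build_control_request("192.168.1.50:49152", services[0],
                                "SetTime", {"NewTime": "12:00:00"}).decode())
```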