Tuesday, September 28, 2010

Skyworth the secret of surviving


Nothing better than having a private business owner in trouble even worse things.

Late last year, Skyworth Digital (0751.HK) Stephen Wong, founder and leader of the legal issues encountered so many people can ride out the storm began to question the Skyworth. As private enterprises grew up fast, 10 years seems to have been troubled Skyworth, though always at a crucial moment before the head off, but the bosses who do not believe the trouble will not bring turmoil.

But after a few months but did not Skyworth performance as bad as people imagine. 2000, color TV market in China is still a small role in the Skyworth, 4-year period has been the first leap into the field Army. September 30, 2004 April 1, 2005 during the day, Skyworth's turnover of 4.349 billion Hong Kong dollars, the same period the previous year's 3.644 billion dollar increase of 30.86%; net profit of 187 million Hong Kong dollars, the same period the previous year's 081 million Hong Kong dollar soared 130%. Huang Hongsheng cause ridden in time, Skyworth has not stuck in mud, on the contrary, the high rate of business growth is actually rare in recent years, can be financially very rare that a good year.

At present, the past did not pay too much attention to competitors amazed Skyworth Skyworth excellent market performance, start it as a major competitor. "Skyworth took four years to nearly 5 billion yuan sales volume achieved from nearly 10 billion yuan, mainly R & D and market integration than good." Has more than one industry on the development of such a characterization of Skyworth. It usually does not Visible of Skyworth, R & D and the market in the end in what pattern?

Institute of multifunctional

Skyworth Research Institute at the New Komeito town Skyworth 15 mu production base in a corner, through the busy clutter of the workshop, the Institute three-storey building looks like a workshop. Boxes piled around the street, next to a plant in the workers are from the 4th floor, leaned out the window of a home-made using slide down to send foam packaging. This is probably the most we have seen crude research environment where, for comparison, many companies institute always has the most bright and comfortable office environment.

In fact, Skyworth Institute of itself really is a productive sector. In the third floor of the Institute has six different types on the production line, which is Skyworth Institute pilot and production departments. Original new product is a small trial and pilot on the production sector to carry out large-scale production line, once one part of the problem, a line of a hundred people had to stop to wait for changes. To avoid this, after the Institute of reform put into research and development testing phase, trying to design the product itself and in the R & D department to resolve the issue. As a result, the organizational structure of the Institute after the original innovation is simply engaged in scientific research, now transformed into an independent research entity, and entered the industrialization stage, not only do technology also start the process.

Skyworth Institute now has 700 people, about 200 developers, managers have twenty or thirty people, the rest are as skilled workers. New product came out, the first small-batch test and improve. That can be invested, and then into the pilot line production of 200 units to 2,000. Wait until sufficient production efficiency, process no problem, product maturity and then submitted to the production sector for large-scale production.

Skyworth's engineering strength of the weak, which is chosen to produce the phase section on the Institute to complete one of the reasons. Interestingly, the Institute's pilot line can support themselves, they do not test planned for the production department for processing, production departments to pay the appropriate fees, such as the Institute will make its annual funding of several million dollars.

In addition to volume production new products, the Institute will bear the test marketing of new products, such as pilot line to be first produced in 2000, sets new products to market for the first test market, the advantage of doing R & D in the first time to know how the sales of new products, there is any problems, shorten product development and industrialization process. Finished before the design transferred to production systems, production finished go to sales, production will become the information center and then back to R & D, but now simply open up a direct chain R & D and market access.

Dean Lihong An introduction, when Vice-President Zhang Zhihua, said with a smile Zhang Zhihua, "name pushed, name Tuitui Tui", research vice president Zhang Zhihua is responsible for promoting the veterans department, because the new products come out, the R & D also responsible for new technology and new product introductions to the production and sales. "Because the market a new product do not know what kind of advantage, so R & D personnel to branch offices around the country to go on all the technical training and introducing new products." Zhang Zhihua said.

Currently, Skyworth set up a special "product committee" members from R & D, marketing, sales, service department related to the composition, generally seven or eight individuals, each month there is joint production, supply and research and to communicate information. If a market product problems, marketing research and a team to go immediately to resolve.

Market Research Institute

Skyworth TV division president Zhang Xuebin recall a time when he assumed office, Stephen Wong called him in the past, the task entrusted to him the first thing is to let him start from the R & D department, investigate product quality problems and find solutions. Because at that time there's a lot of product quality has become a bottleneck in the system. Huang Hongsheng means let him first go to the months of R & D, Zhang Xuebin was spent on R & D department went to two weeks time to do a lap investigation.

In June 2001 long before the period of time, Skyworth's R & D by sector of the four groups; Institute of Software, Hardware Institute, Institute of Electronics Research Institute and HD, for each group by a boss. They would each go to the upper reaches of IC companies understand the new technology to the other experimental techniques are being developed to take over. Risks of doing so is either developed and market the products are out of touch, not the market needed products; or found out some products that do no use; or the IC itself is not mature, and blindly follow some of conceptual experimental products, the company invested huge, often for others to experiment, Guer losses.

In addition, the product developed, the R & D no further processes, such as a lack of first test and pilot the process and can not check the product R & D products directly out of production, something has gone wrong and come back again and again affected stability of product quality.

In fact, from June 2001 Skyworth Academia Sinica Lihong An now, was appointed chief scientist, has overall responsibility for research and development, to Zhang Xuebin to set up after the TV business unit during the period before, seems to have set out to find Skyworth solution. But wound up in the Skyworth, the solution has to be developed not just a part of the problem, but the entire business process and organizational structure of the adjustment, so until May 21, 2001 Zhang Xuebin the TV division was established integrated production and marketing research really began, and R & D innovation also will started.

It is said, after an extended stay, Zhang Xuebin first thing to do is to link research and development and sales. R & D personnel at the time of performance evaluation is not a standard, previously viewed not come to work, and whether the overtime was, and how each government department to do, and are more qualitative rather than quantitative indicators.

April 18, 2001 is the Skyworth annual technology conference in the conference relates to the recognition of science and technology R & D personnel, money allocated for the practice of Zhang Xuebin raised a new idea, based on the contribution of corporate profits to consider incentives for R & D personnel, new incentive program will be in accordance with the group who designed the designer of these products ultimately sold in the market to extract the ratio of the number of profit incentives. This new program has been supported by Lihong An Dean, because he started from 2000, tried to effective structural reform, trying to develop into a stable profit center.

"The designer of the technology and market profits bonuses linked to the completion of market-oriented, focus on efficiency change is the foundation of all." Xue-Bin Zhang recalls.

Risk and risk aversion

To open up R & D and market access, while the R & D personnel and market linked incentive mechanism makes R & D R & D project teams from product planning, technical solutions, such as matching production to market through the track in the end, can achieve rapid market reaction, but which also contains certain risks.

This risk is often competitors Skyworth question: This makes a certain product items may be over-dependent on one person or several people, the group's backbone once they left, the project may be paralyzed.

"We have been exploring this problem, and now a lot lower this risk. One is thinking of the design platform, the design of all the basic platform to share, many things are standardized, the second is to strengthen the management of each step completed, the results should be written into a file, people go, the file is still there; third of each project is not a person to do, is a group. in arranging a project consciously arrange replacement, in a project group where two people may or three people doing the same role, but for a different focus. Through these methods avoid the risk that the method from scratch with the end of the current would indeed greatly increase efficiency, researchers would be very concerned about his product, they often go to market see the technology has no problem selling status. "Lihong An said.

Zhang Xuebin said Skyworth Group R & D investment has accounted for sales of 1 / 4, but Skyworth Research Institute has been trying to save costs as much as possible through various channels. For example they will actively participate in national research and development projects, from a subsidy; joint upstream businesses invest in new product development, but also with the development of the joint tube factory dies. When they push "flat Storm" is the time to find manufacturers willing to do joint development of the mold tube. "Because of the high cost of a mold, tube manufacturers will be out some money, thus reducing our risk." Research vice president Zhang Zhihua said.

Skyworth Institute definition of innovation itself has been adjusted, and their principle is innovative but not too much ahead. "We think the year ahead after." Lihong An said, "As long as a year ahead to products, product technology R & D may be a few years to do well, we are likely to become victims of the industry." He felt that combining the actual situation of Skyworth and industrial location, put out the satellite products uneconomical. "Products ahead of 3 months to 6 months is the best time to market, rivals such as large-scale investment, the market matured, Skyworth and then accelerated forward, to obtain high profits."

Today, however, Skyworth is facing greater challenges Academy. In 2004, Skyworth Group, the purpose of the establishment of the Academia Sinica in the hope that they will not only TV division is responsible, but also for the new industrial technology research and development companies. Skyworth has always pursued "with fewer people doing more things," was only about 200 R & D team under enormous pressure. "This year, the pace of product development research institute to reach last year's 1.7 times." One researcher said, "We estimate that during the New Year I am afraid that can not rest."

In fact, Skyworth Institute now finds itself a bit confusing law and order, Gong Ming Town, attracting R & D personnel disadvantage. The Research Institute to meet the Group's 100 billion yuan in 2015 to achieve the scale of need in research and development to make some changes in the layout. Example, need to pay more attention to more sophisticated techniques, but "we are now considering a 3 to 5 years of product, but it does not take into account the product after 10 years; In fact, when conditions permit, we really hope that the Institute of Environment and equipment can be improved. "






Recommended links:



power nas campus network solution EDUCATION



Wizard Timers And Time Synch



New Year's gift wish Beijing won three business awards to



Of! The RELATIONSHIP between SEO and UCD



Pop-up window killer (on)



View from the MIS MIS success or failure of their OWN



AVI to FLV



Bonus OF sight [2]



MPEG To 3GPP



DivX To IPhone



Calm "fixed Monthly Fee," Such As: Put Off Indefinitely



Review Science - Screen Savers



Good Chat And Instant Messaging



3 Accounting in a drama, colorful festival Foshan accounting



BOE Holdings East TPV regulators have not yet Ratified Difficult



News About Trace And Ping Tools



Thursday, September 16, 2010

IDS weaknesses and limitations (2)




1.2.5 Intrusion variant
1.2.5.1 HTTP attack variant
Repeat the directory separator ,'/'' into'//''銆?br />The current directory, '/ cgi-bin/phf''into the' / cgi-bin/./phf''.
Parent directory, '/ cgi-bin/phf''into the' / cgi-bin/xxx/../phf''.
URL encoding, '/ cgi-bin /''becomes'% 2fcgi-bin /''.
Use TAB instead of spaces and other separators.
NULL method, 'GET% 00/cgi-bin/phf''.
GET outside use other methods such as POST.
Change the parameters of the order, add the unwanted parameters.
For IIS, there are the following:
DOS / Win under the directory separator, '/ winnt/system32/cmd.exe''into the' / winntsystem32cmd.exe''.
Case conversion, such as cmd.exe into CMD.EXE.
IIS second decoder, such as cmd.exe into% 2563md.exe,% 25 and then decoded to decode% 63''%'', as''c''.
UNICODE encoding, such as cmd.exe into the% c0% 63md.exe. UNICODE encoding more complex because there are very few NIDS can decode it.

1.2.5.2 Telnet attack variant
Use the backspace key.
Using the Tab key for command padded.
Use Shell to execute attack code.
Using macros.
Add a useless argument.
In fact very difficult to detect those NIDS Telnet to connect to the server through the local after the attack.

1.2.6 TCP / IP protocol limitations
As TCP / IP design did not consider good security, so now IPV4 security is worrying, in addition to the above problems arising due to network structure, there are some limitations below.

1.2.6.1 IP fragmentation
Packet fragmentation, some NIDS can not restructure IP fragmentation, or more than its capacity, you can bypass the NIDS.
A maximum of 8192 IP datagram fragmentation, NIDS performance parameters of a reorganization shall be able to slice the largest number of IP.
NIDS every IP received a new IP datagram fragmentation when the fragment will start a restructuring process, after the reorganization is complete, or timeout (typically 15 seconds of overtime) Close this restructuring process, NIDS performance parameters of a shall simultaneously restructuring the number of IP packets.
An IP datagram maximum 64K, as ready to receive a IP datagram, NIDS will be ready enough memory to accommodate the upcoming follow-up fragments, NIDS performance parameters of a reorganization shall be to the largest IP datagram .
Combining above three parameters, namely, in the time-out time NIDS (for example 15 seconds) while preparing for maximum internal energy (for example, 64K) The number of IP datagram reorganization.
If the NIDS received packets over the limit, NIDS have packet loss, which occurred DoS attacks.

1.2.6.2 IP fragment overlap
IP packet fragmentation in the reorganization of the time, if met, then overlapping fragments, each operating system is not the same approach, for example, some systems will use the first received fragment (Windows and Solaris), some will be adopted after the closing to the slice (BSD and Linux), if the overlapping fragment of data is not the same thing, and NIDS approach is different with the protected host, it will lead to NIDS packet after the reorganization of the protected host and the packet is inconsistent, NIDS to bypass the detection.
For example, TCP or UDP can overlap the destination port, and then penetrate through most firewalls now, and may bypass the NIDS.
You can also overlap TCP flags, so that NIDS can not correctly detect the TCP FIN packet, so that NIDS soon to be able to simultaneously monitor the maximum number of TCP connections; to NIDS can not correctly detect TCP SYN packet, so that NIDS can not detect TCP connection due.

1.2.6.3 TCP segmentation
If the NIDS can not be re-TCP stream, you can bypass the TCP segmentation to NIDS.
Some unusual TCP segmentation will confuse some of NIDS.

1.2.6.4 TCP un-sync
Sent the wrong in the TCP sequence number, send the duplicate serial number, reverse the order to send such, it is possible to bypass the NIDS.

1.2.6.5 OOB
Attacker to send OOB data is protected if the host application can handle OOB, as NIDS can not predict the protected buffer when the host received OOB data in the number of normal, they may bypass the NIDS.
Some systems, when dealing with OOB will be the beginning of a byte of data discarded (such as Linux, the Apache, but IIS is not), then by sending in more than one TCP segment, including options with OOB TCP segment, then NIDS may lead to the data stream after the reorganization of the host and the protected application is inconsistent, and thus bypass the NIDS.

1.2.6.6 T / TCP
If the destination host can handle things TCP (currently very few systems support), an attacker can send transaction TCP, NIDS may not be protected with the host application on the same treatment, which may bypass the NIDS.

1.3 Resource and capacity constraints

The DoS attack against the NIDS 1.3.1.

1.3.1.1 the impact of high flow
Attacker to the protected network to send large amounts of data, more than NIDS processing power is limited, the situation of packet loss will occur, which may lead to acts of omission of the invasion.
NIDS network packet capture capabilities associated with a number of factors. For example, 1500 bytes in each packet case, NIDS will be over 100MB / s of processing power, even to more than 500MB / s of processing power, but if only 50 bytes per packet, 100MB / s of traffic means that 2 million package / s, most of which will exceed the current handling capacity of cards and switches.

1.3.1.2 IP fragmentation attacks
Attacker to the protected network to send a large number of IP fragments (such as TARGA3 attacks), more than NIDS IP fragments can be simultaneously restructuring capacity, leading technology through IP fragmentation attacks omitted.

1.3.1.3 TCP Connect Flooding
Attacker to create or simulate a large number of TCP connections (described by the above method of IP fragment overlap), while more than NIDS to monitor the maximum number of TCP connections, resulting in unnecessary TCP connection can not be monitored.

1.3.1.4 Alert Flooding
Attacker can detect the light of the rules posted on the network, while the attack would deliberately send a large number of alarm caused by NIDS data (such as stick attack), may exceed the speed NIDS to send alarm, resulting in omission, and to network received a large number of alarm, it is difficult to distinguish real attacks.
If you send 100 bytes can generate an alarm, you can generate per second through dial-up 50 police, 10M LAN can produce 10 thousand per second alarm.

1.3.1.5 Log Flooding
The attacker will send large amounts of data caused by NIDS alarms and eventually led to the space NIDS to be depleted Log, Log to delete the previous record.

1.3.2 RAM and hard drive limit
If the NIDS to improving the ability to process the IP fragments and TCP connection monitoring capabilities restructuring, which will require more memory to do the buffer, if the NIDS's memory allocation and management is not good, will the system cost a lot of exceptional circumstances memory, if the start using virtual memory, it will shake the memory may occur.
Hard drive speed is usually far less than the speed of the network, if the alarm system to produce a large number of records to the hard drive, will cost enormous amounts of system capacity, if the system records the original network data, save a large and high-speed network data will require expensive large-capacity RAID.

1.4 NIDS related to the vulnerability of the system
NIDS itself should have very high security, generally used for monitoring the network cards are not IP addresses, and other card will not open any ports. However, associated with the NIDS system may be attacked.

1.4.1 Console host of security vulnerabilities
Some systems have a separate console, if the attacker can control the console to the host computer, you can control the entire NIDS system.

1.4.2 Sensor and the vulnerability of the console communication
If the communication between sensors and the console may be attacked by a successful attack, will affect the normal use of the system. Such as conducting ARP deception or SYN_Flooding.
If the communication between sensors and console explicit communication or simply use encryption, you may be subject to IP spoofing or replay attacks.

1.4.3 and the system alarm and other equipment related to the vulnerability of communications
If an attacker can successfully attack the system alarm and other related equipment, such as mail servers and so on, will affect the alarm message is sent.

2 HIDS weaknesses and limitations

2.1 Resource constraints
As HIDS installed on protected hosts, so the resources can not be too much occupied, thus limiting the detection method used and the processing performance.

2.2 operating system limitations
Unlike NIDS, manufacturers can customize their own operating system, a sufficient security to ensure their own security NIDS, HIDS where the security of the host operating system under its security restrictions, if the host system is compromised, HIDS will soon be cleared. If the HIDS as stand-alone, it is basically not successful attack can only be detected if the HIDS for the sensor / control panel structure, will be faced with the same NIDS attack on the related systems.
Some HIDS will consider increasing the security of the operating system itself (such as LIDS).

2.3 System log limit
HIDS will monitor the system log to discover through the suspicious behavior, but some procedures are not sufficiently detailed system logs, or no logs. Some of the invasion would not in itself be a system log of the proceedings recorded.
If the system does not install third-party logging system, the system's own log system will soon be intruders or modified, and intrusion detection systems typically do not support third-party logging systems.
If there is no real-time inspection system HIDS log, then use automated tools to attack will be entirely possible to complete the inspection interval and clear of all the attack works in the system log traces.

2.4 The core of the system was modified to fool the paper check
If an intruder to modify the system core, you can fool a tool based on file consistency check. It's like the beginning of certain viruses, when they think that by the time of inspection or to track the original documents or data will be available to the inspection tool or tracking tool.

Detection limit of 2.5 Network
Some HIDS can check the network status, but will face many problems facing the NIDS.







相关链接:



VIDEO conversion software



Health wine listed first off over five



ADO programming in the Definition of the problem encountered by ATL



ps3 Mov



MicroStrategy to SUPPORT Apple? IPhone?



F4V to flv



Effects Authorware word album (2)



Comment Password Managers



Competitive Strategy: Legal spying



best video format



MMS can REPLACE SMS?



Lack of experience quit difficult to do adjust ATTITUDE



XTools provoke the industry division of advertising on CCTV



REVIEWS Trace And Ping Tools



Semiconductor India vied with New Deal