XPSP2 will limit your max. connections/sec

By OptiPlex
in Back Page News

 Share

Recommended Posts

Grand Master

OptiPlex

Posted
Posted (edited)

http://www.warp2search.net/modules.php?nam...ticle&sid=19021

Hi

Just found this in my event-log after starting emule:

"EventID 4226

TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts"

This is what I get from a M$-Guy when i asked him why XPSP2 slows down programs like emule which open many connections to different destinations:

"Thanks very much for responding. This new feature is one of the stack's

"springboards", security features designed to proactively reduce the

future threat from attacks like blaster and Sasser that typically spread

by opening connections to random addresses. In fact, if this feature had

already been deployed, Sasser would have taken much longer to spread.

It's not likely to help stop the spread of spam unless spammers are

trying to reach open email relays in the same way, by opening

connections on smtp ports of random IP addresses.

This is new with XP SP2 and we're trying to get it right so that it does

not interfere with normal system operation or performance of normal,

legitimate applications, but does slow the spread of viral code. New

connection attempts over the limit for half-open connections get queued

and worked off at a certain (limited rate)."

Possible fix:

http://bink.nu/DesktopModules/ArticleDetai...?ArticleID=2208

Edited by OptiPlex
Mentor

MipScript

Posted
Posted

They should add an on/off service for sertain programs like they do with the Port Access in the firewall settings, this is a good feature if they impliment it correctly. No doubt Worms like Blaster and Sasser in the future will attack this part of SP2 and deactivate it though

Grand Master

OptiPlex

Posted
  • Author
Posted

We'll see what happens when SP2 is finalized and released. :yes:

No doubt Worms like Blaster and Sasser in the future will attack this part of SP2 and deactivate it though

yea, Microsoft needs to do a lot of work on this part. Maybe make the setting adjustable only during windows setup/sysprep mode ...

The user would definitely know something is wrong when their computer is going back to setup mode :rofl:

Mentor

Raven

Posted
Posted
You all complain you want better security now you get it you compalin again :rolleyes:

Restricting my activities on the net is NOT better security. Follow that chain of thought and M$ could just limit us to one connection and a bandwidth of 10k. That will stop the spammers and the worm people.... but we suffer. If M$ hadn't built crap-code to begin with we wouldn't be in the mess.

Veteran

Jason

Posted
Posted
Restricting my activities on the net is NOT better security. Follow that chain of thought and M$ could just limit us to one connection and a bandwidth of 10k. That will stop the spammers and the worm people.... but we suffer. If M$ hadn't built crap-code to begin with we wouldn't be in the mess.

Security was never going to make using the PC easier.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.