Skip to content

October 4, 2008

Windows Xp and ports

http://www.angryziber.com/w/FAQ:_Crippled_Windows:

However, especially on Windows platforms, the problem can also be caused by TCP connection rate limiting.

Starting from Windows XP SP2 (and on through Vista), Microsoft has crippled down consumer versions of Windows, officially in order to limit the possibilities of insecure Windows machines to act as hosts for Internet attacks executed by worms and trojans. Unfortunately, these changes also made non-server editions of Windows a lot less capable for doing network administrations tasks, such as scanning.

Windows implementation of TCP connection attempt rate limiting limits the number of simultaneous connection attempts to 10 on XP SP2 or 2 to 25, depending on the edition of Vista. The previous limit was over 65,000. You can check if you reach this limit by examining the Event Log after scanning: look for the Event ID 4226, which corresponds to this problem.

For scanning purposes, that means you can have at most this number of scanning threads if you want to get reliable results. The number of scanning threads affects the maximum number of hosts scanned simultaneously and therefore the maximum number of connections made at each moment.

Good to know.

Related Posts:

Read more from Uncategorized, Windows

Share your thoughts, post a comment.

You must be logged in to post a comment.

Traction Theme by The Theme Foundry

Copyright © 2010 Magnus. All rights reserved.

Bad Behavior has blocked 20 access attempts in the last 7 days.