Discussion in 'Windows Desktop Systems' started by Tuffgong4, Aug 11, 2004.
why is there a modded version of this file for sp2 going around all over the internet?
SP2 limits the number of concurrent network connections that can be made. It's a security feature to prevent the spread of worms. People claim that this new change has the side-effect of slowing down or stopping P2P transfers (since P2P apps also open up multiple concurrent connections) and causing error messages to be generated in the Event Log.
I'm not so sure that's true though, since I personally haven't noticed any slowdowns with BitTorrent after installing SP2. Other P2P apps may be affected...I'm not sure since I don't use anything else, but it could also be unnecessary rumors caused by a widespread placebo effect. According to a quote I saw somewhere, SP2 only limits the number of unsuccessful concurrent connections made. If that is the case, I don't really see how it would adversely affect anything.
Personally, I'm not messing with the new TCP stack. Microsoft made the changes for a reason, and since I haven't had a problem with BitTorrent, I see no need to patch the file.
ok cool...just wondering
While on the topic...has anyone here actually experienced problems while using P2P software, specifically after installing SP2?
I haven't run SP2 on my main system yet but the P2P program that will likely notice this the most would be eDonkey2000/Overnet and the clones.
Right now I lack the time to install SP2 and worry about conflicts and then resolve them. I'll let other people do the testing and probably wait until the end of the month.
so far bittorrent has been fine...that's really the only one that I use so I don't know anything else
I'm still using k-lite at the moment until I get a newer system (too lazy to get away from k-lite) but I haven't noticed any problems with it, actually, it seems to work better.
Peer to peer and XP service pack 2
A quick note for peer to peer users.
XP service pack two (and I think a previous security update) has altered the way TCP/IP works with multiple connections especially “half open connections” values.
This could seriously affect the transfer speeds of these systems over the internet. There is a patch (non official for TCPIP.SYS) that I applied some time ago but having yesterday been updated to service pack two the file was overwritten again.
I think it was a German site and if mod’s agree will post the Link if I can remember where it is. As I have not tried it with the new TCPIP.SYS caution is required.
XP antispy 3.81 can I think still allow 10 connections.
Ten connections is not enough for PTP, needs to about forty to fifty when timeouts are taken into account.
Again, please do not apply this unofficial patch unless you are experiencing any problems with P2P apps yourself. By doing so, you are circumventing an important security enhancement that MS put into place in SP2, and you wouldn't want to do this unless it's absolutely necessary.
I use eDonkey and WinMX mostly, and haven't noticed any slowdown yet, but I will make an effort to pay closer attention and post if I notice any change/slowdown. DL'd a 50 meg file pretty quick this afternoon, but haven't tried anything really big lately.
Using BT and emule.... no problems at all. I believe it only puts a limit on unsuccesfull connection attempts. I checked one of the XP logs, and it said the limit was reached a couple of times (System log in computer managerment) but have not noticed any fall off in speeds. (YET ???)
Below is taken from the MS site following error report in TCP/IP reaching its limit.
"TCP/IP has reached the security limit imposed on the number of concurrent (incomplete) TCP connect attempts."
The TCP/IP stack in Windows XP with Service Pack 2 (SP2) installed limits the number of concurrent, incomplete outbound TCP connection attempts. When the limit is reached, subsequent connection attempts are put in a queue and resolved at a fixed rate so that there are only a limited number of connections in the incomplete state. During normal operation, when programs are connecting to available hosts at valid IP addresses, no limit is imposed on the number of connections in the incomplete state. When the number of incomplete connections exceeds the limit, for example, as a result of programs connecting to IP addresses that are not valid, connection-rate limitations are invoked, and this event is logged.
Establishing connection–rate limitations helps to limit the speed at which malicious programs, such as viruses and worms, spread to uninfected computers. Malicious programs often attempt to reach uninfected computers by opening simultaneous connections to random IP addresses. Most of these random addresses result in failed connections, so a burst of such activity on a computer is a signal that it may have been infected by a malicious program.
Connection-rate limitations may cause certain security tools, such as port scanners, to run more slowly."
Thank you for the quote, Dennis. I hope that helps people to understand the issue better.
Agreed. Helps kill all the incorrectness, and people that shouldn't, doing away with security features.
Well I am using bittorrent to download a commercial I saw advertised here and well it's downloading at 50k which is near the fastest I can get. hey gone to 53 k now
I find it highly ironic that the users of P2P apps are going to disable the security feature that would help slow the spread of viruses. And they are the most likely to get them, by downloading stuff via P2P.
It is my understanding that peer-to peer connections using some common programmes already mentioned by others are being “filtered” by certain ISP providers. Here in the UK BT has placed filters on certain ports (4661 being an example) to limit traffic on these peer-to-peer networks. Some of these providers, e-mule for instance have, as a result, blacklisted the ISP’s concerned.
Of course there are ways around this but not for the normal user who will now notice that over the coming months all peer-to-peer systems will slow down considerably as ISP’s conform to Microsoft’s domination or view of the Internet in the guise of stopping either piracy or illegal downloading. This is all done under the same banner or political interference by making it look like a large enhancement for the large cooperates who suffer the most by viral attacks and Trojan’s, music downloads etc. They want to control the internet now as a business tool (toll) and with the added impetus imparted so timely by alleged terrorist activity using the web as their communication tool of choice, will succeed.
Backbone internet providers in the entire western hemisphere are all bending to the pressure. Microsoft of course is at the forefront as it’s not in the same league as some of these countries or even organisations; they will do just what they are told in order to survive. It’s all money from here in.
I love a good conspiracy but I don't think patching XP tcpip so that it can't connect to a million computers is one. Would be no different than an ISP stopping a home user from sending a million emails a day ... what possible reason could they have for such a thing other then being a zombie box?
Also it's true that some ISP's are blocking/throttling P2P traffic. Looking at it from there point of view though, P2P causes many customer complaints from lack of speed (cuz the kid next door is sucking everyones BW so he can grab pr0n all day and night) forcing them to shell out $ to upgrade, to people that actually call there ISP looking for customer support on how to set program X up. </rant>
Agree with both points.