[general] SP2 Tweak 2 get rid of TCP/IP limit


Recommended Posts

Limiting HALF OPEN connections, known as SYN for those who have any idea what is going on, doesn't make it any better.

This is mostly an attempt at stopping SYN scanning techniques which has evaded firewalls for a very long time.

Do you really think that limiting the Half Open connections will do anything beneficial? Why not leave it alone completely, as it should be? Why add the overhead of having to queue pending connection attempts because the current application is using its SP2 alloted quota of 10 current connections? That will give the system MORE things to handle, more memory usage, and slower speeds handling it! And for what? To SLOW DOWN worms? To SLOW DOWN SYN scanners? Do you seriously think its worth that? Not only that but it effects filesharing applications. Do you think its worth it?

If you answered yes feel free to hang up your brain and balls and proceed to the exit marked "AOL+Microsoft love at last".

Wow, rampant ignorance all over the place on this. This will in no way hinder filesharing that's configured properly. The limit is on INCOMPLETE connections, so now with this patch you have 50 incomplete connections at a time instead of 10. Congradulations? It only slows down/blocks connections that would not be completed anyway. It does not prevent you from doing anything at all. I see this change as immensely beneficial and will cause any new worms/trojans to spread far more slowly or not at all. Disabling this protection makes all of us less secure in the future. There is NO GOOD REASON for the avg person to be installing this hack. Ever.

Also, installing a 3rd party hack over something important as tcpip.sys is a really stupid idea that could open you up to vulnerabilities in the future. But you can have as many failed connections as you want though, right?

Since a large torrent takes a good 5 minutes to get all the connections going, I don't see how a delay will affect anything at all. A slowdown must be due to some other bug. I have yet to see anyone post:

Yay, I applied the patch and everything is faster. Microsoft is the suck!

Besides all the torrent clients I've used have connection limits. If there is an issue, it's up to the client authors to work around it. Does anyone really think that Microsoft can implement a one shot kill to P2P sharing?

From what i tested on my computer. I found out that some p2p apps aren't affected and some are.

Not affected

Kazaa Lite

Kazaa

Bittorrent clients

DirectConnect

Affected

Gnutella, Gnutella 2 based clients

Edonkey, Overnet, Emule clients

Ares, Warez P2P

It's interesting to see everyone arguing over the TCP/IP limit fix. Some of you say it does affect speed and file sharing, while others say it doesn't affect it at all.

Well, when I was using file sharing, I received really slow connections as soon as I switched to SP2. Also, when I was running these programs and used Internet Explorer, IE's speed was EXTREMELY slow. So I decided to apply this TCPIP.SYS patch for the hell of it and see if it worked. Well folks, it did. My file sharing proggies run as fast as they did on SP1 and I can use IE and file sharing at the same time without any slowdowns.

So if people on here are saying that applying the patch doesn't really fix anything, then why did it work for me? :blink:

My ED2K speeds are again as fast as they were while using SP1. The speeds were at a crawl before installing this patch.

Does the automated patch set the concurrent number of connections to 50 or unlimited, and where did you get it?

PS "You can overcome this by modifying the registry," -Where in the registry?

Edited by shatter_my_spinal_cord

God, I hate it when people do this. You don't like limits...even when they're practical?

Their motivation? To stop (1) Port scanning (2)DoS attacks (3)(just a guess) to hurt P2P file sharing and thats bad.

Ok... So we've proven that #3 is bull****. So I guess this patch is just helping people do portscans and DoS attacks. Yeah, go on, keep patching...

...idiots...

God, I hate it when people do this. You don't like limits...even when they're practical?

Ok... So we've proven that #3 is bull****. So I guess this patch is just helping people do portscans and DoS attacks. Yeah, go on, keep patching...

...idiots...

Ok, for those of us that DO have antivirus installed and running realtime, and DO have a firewall in place, and in some cases, more than one, and DO decide to use this patch because it simply puts the TCP/IP stack back to the way it was in vanilla XP and SP1...are we still idiots?

:rolleyes:

Ok, for those of us that DO have antivirus installed and running realtime, and DO have a firewall in place, and in some cases, more than one, and DO decide to use this patch because it simply puts the TCP/IP stack back to the way it was in  vanilla XP and SP1...are we still idiots?

:rolleyes:

That is what I have been arguing in another post.

https://www.neowin.net/forum/index.php?showtopic=204016&st=15

Ok, for those of us that DO have antivirus installed and running realtime, and DO have a firewall in place, and in some cases, more than one, and DO decide to use this patch because it simply puts the TCP/IP stack back to the way it was in vanilla XP and SP1...are we still idiots?

Yes, unless you're somehow under the impression that having the TCP/IP stack back the way it was in vanilla XP and SP1 made them the pinnacle of security... :rolleyes:

And BTW, running two firewalls is like wearing two condoms, its stupid and may hinder more than help you.

And is it just me, or have the mods deleted fully 2/3rds of your total posts?

Yes, unless you're somehow under the impression that having the TCP/IP stack back the way it was in vanilla XP and SP1 made them the pinnacle of security... :rolleyes:

And BTW, running two firewalls is like wearing two condoms, its stupid and may hinder more than help you.

And is it just me, or have the mods deleted fully 2/3rds of your total posts?

Not the pinnacle of security, but I don't like the restriction if I don't feel it's neccesary. I threw the patched file into my slipstream disc and install it from there. Big deal.

And BTW, I have XP's firewall running and these PCs are sitting behind a WiFi firewall/router. So it's not "hindering" anything. Notice I didn't specify two *software* firewalls, but way to assume.

Sorry, I don't need a high post count to know an idiot when I see one, trust me. If you want to patch, go ahead. If not, don't. I just don't understand why you're bitching and moaning about something such as this. Chances are, if someone has the knowledge level required to even understand what this patch is for or fixes, they are probably "safe" enough to take care of themselves and aren't the ones Microsoft is probably worrying about.

But I'll let you get back to knowing everything. Don't strain yourself too much.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.