This isn't so much a "tweak" per se as it is a mention of the fact that with SP2 comes support for version 6 of the Internet Protocol (IPv6). Those of you running (or wishing to run) IPv6-compatible networks can now install the protocol by clicking "Install
" in the properties dialog for the specified connection.
Limited TCP/IP Connections
After installing SP2, a few users noticed that they were getting messages such as "EventID 4226: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts." This is because, in an effort to reduce the spread of worms through XP, Microsoft has reduced the number of concurrent TCP connections allowed. The reasoning for this is explained by this quote from a Microsoft employee (thanks to http://www.warp2search.net);
"This new feature is one of the stack's "springboards", security features designed to proactively reduce the future threat from attacks like Blaster and Sasser that typically spread by opening connections to random addresses. In fact, if this feature had already been deployed, Sasser would have taken much longer to spread.
It's not likely to help stop the spread of spam unless spammers are trying to reach open email relays in the same way, by opening connections on smtp ports of random IP addresses. This is new with XP SP2 and we're trying to get it right so that it does not interfere with normal system operation or performance of normal, legitimate applications, but does slow the spread of viral code. New connection attempts over the limit for half-open connections get queued and worked off at a certain (limited rate)."
While this goal is a commendable one, it may prove to be a problem for users with many TCP connections - especially those using file-sharing programs. You can change the setting which controls this maximum limit with the Registry Editor. Open the Editor by going to Start } Run
and typing 'regedit
'. Once opened, navigate to
Here, there should be a DWORD value named "TcpNumConnections" - if not, create one, and set it's value depending on the number of connections you want. "0xfffffe" is the value used for unlimited connections, although you may want to set the number far lower if you wish to preserve Microsoft's original intent of slowing the spread of worms. I would recommend incrementing the number slightly (remember the value is hexadecimal) and seeing if you still experience a "maximum connections reached" error before bumping the value up any more.
If you don't find the "TcpNumConnections" value in the "\Parameters" folder, you should check all of the folders in the "\Parameters\Interfaces" folder for the value as well.
If you're still experiencing problems with 4226 error messages popping up, you can try a patch (at your own risk), downloadable here:
The 5th Dimension
Well...not quite. This is a tweak I've only seen floating about since the release of SP2, but I don't see why it wouldn't work with previous releases of XP. Basically, there's an additional "zone" built in to Internet Explorer's Internet Options > Security Tab, apart from the default "Internet", "Local intranet", "Trusted Sites" and "Restricted Sites". This extra zone is "My Computer" - basically allowing you to set security restrictions for your own system.
The actual usefulness of this I'm not too sure on, but if you want to give it a while, open regedit and navigate to:
Then simply alter the key called "Flags" to "1", as below. After a restart, you'll be able to access the "My Computer" zone.
How much to upgrade to x64 Edition?