TCP/IP has reached the security limit imposed on the number of concurrent TCP...

Status
Not open for further replies.
P

poorman

In Runtime
Messages
207
Here is what is going on:
I have to machines a Compaq and HP. In my Compaq I have two network cards. One is connected to my router which is connected to a cable modem. The other is connected to my HP. I have bridged the two network connections together with Windows XP Mac bridge miniport, so both computers can share the internet.
On my Compaq I open the event viewer and at least 3 -5 times a day I get this:

Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 4/29/2006
Time: 11:15:43 AM
User: N/A
Computer: BRETT-1
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........


Now I check my HP's event view logs, never gotten it once. My HP runs a shoutcast server that never gets any listeners and thats about it. My compaq runs normal internet operations.

It's impossible to recreate these warnings as they happen at random but at times when I'm sure I was at the computers.
My question, could using the network bridge cause it to reach its tcp/ip limit faster than a single network connection?
 
It sounds like something is restricting the number of SYN packets you can send to per second. Most likely windows has something built in to restrict it and prevent SYN flood attacks.

Basically with TCP when you connect to a server you send a SYN (synchronise)request. The server then replies with as SYN_ACK. Once you receive the SYN_ACK your connection then moves into the ESTABLISHED state. Before this the connection is not established. Windows by the looks of it is restricting the number of connection requests that you can make per second to avoid potentially SYN flooding the server you are connecting to.

Possible causes for this vary, perhaps you have some badly written software or perhaps a portscanner you use. However the most common cause of this is web browsers simply making too many requests to a webserver. If using Opera go into the properties and make sure it is not set too high. If using firefox type about:config and see if http pipelining is enabled. If so check that it is set to a sensible value also.
 
Thanks for the response! In firefox there is network.http.proxy.pipelining and network.http.pipelining both with a false value. And network.http.pipelining.maxrequests is set at 4. Should I enable pipelining? What exactly is its function? Thanks a lot.
 
poorman said:
Thanks for the response! In firefox there is network.http.proxy.pipelining and network.http.pipelining both with a false value. And network.http.pipelining.maxrequests is set at 4. Should I enable pipelining? What exactly is its function? Thanks a lot.
Click to expand...
http pipelining enables you to make multiple requests to a webserver. It'll speed up the loading of websites if you set it up sensibly read my tutorial on www.tinternet.org.uk for more info.

However, this means that firefox is not the one causing the problem. Unless you are finding problems you might be alright to leave it, however if you can match the time the log says to what application you were using at that time obviously you'll have more chance of finding what application is causing the problem.

i wouldnt worry too much about it, however deffinately make sure you run a virus checker, you dont want to find you have a trojan sitting on your computer attempting taking part in a DOS attack SYN flooding servers.
 
It would make sense that it was firefox but I guess not. I'm going to keep a real close eye on the logs and see. I havn't full scaned my machine in a while so I'll do that too. Your site has some good info on it.
Thanks a lot.
Brett
 
Status
Not open for further replies.

Similar threads

S
Understanding LM and things to do after installation of 19.3 .
Replies
0
Views
1K
Spud1200
S
N
Laptop slowing down in function (internet and general apps)
Replies
1
Views
3K
Trotter
Trotter
I
I Desperately Need Some Help.
Replies
1
Views
1K
PP Mguire
PP Mguire
C
Hello + Network attacks-HELP me plz
Replies
2
Views
2K
MidnightShadow
MidnightShadow
S
Strong Security for the Paranoid. Somethings I have picked up on.
Replies
2
Views
2K
carnageX
carnageX
Back
Top Bottom