Step-by-step guide: Hack to speed up security scans

Security scans taking a long time? Starting with Windows XP SP2, Microsoft put a limitation on TCP connections. Improve your security scan speed by using a tcpip.sys hack.

Have you ever wondered how you can squeeze an extra 10 to 15 minutes out of each month or several hours out of each year when performing your security scans? Well, if you use Windows XP for security testing, there's a hack that just might buy you this time.

Starting with Windows XP SP2 (and Windows Server 2003 SP1 beta as well), Microsoft throttles the concurrent outbound half-open TCP connections per second -- apparently in the name of security. Pre-Windows XP SP2 systems allowed basically unlimited simultaneous outbound TCP connections, but with this new "enhancement," only 10 of those connections per second are allowed. This may be suitable for regular Windows users, but it hampers us security folks who use programs that open multiple TCP connections simultaneously, such as port scanners and vulnerability assessment tools.

Hack to speed up security scans

 Home: Introduction
 Step 1: Understanding the limitation
 Step 2: Making the changes
 Step 3: Be forewarned

Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC. He has more than 17 years of experience in IT and specializes in performing information security assessments. Beaver has written five books, including Hacking For Dummies (John Wiley & Sons, Inc.), the brand new Hacking Wireless Networks For Dummies and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach Publications). He can be reached at [email protected].
Copyright 2005 TechTarget

Read more on IT risk management