Step 2: Making the changes

Security scans taking a long time? Starting with Windows XP SP2, Microsoft put a limitation on TCP connections. Improve your security scan speed by using a tcpip.sys hack.

If you don't want this Microsoft-imposed limitation on your TCP/IP stack, all you have to do is run Event ID 4226 Patcher's executable EvID4226Patch.exe. It's as simple as downloading it, unzipping it and running it as shown in Figure 1.

Figure 1. Simply download, unzip and run Event ID 4226 Patcher.

When running this program, you'll notice the default setting for maximum connections is 10. The program will prompt you to change it to 50. You have to press "Y" to proceed and "Y" again to have it rename tcpip.sys until the patching process is complete. Windows File Protection will likely throw up a warning about files being replaced by unrecognized versions, but you can simply click Cancel and ignore the message.

During the patching process, you can also press "C" to change the maximum concurrent connections to anywhere from 10 to 16,777,214. Go with the default of 50 first and see how that works for starters. Just keep an eye on your system log for 4226 warnings. I've recently experienced these warnings in my system log, so I'll likely be bumping up my setting. Just be careful, since raising it too high may cause problems with your local system or the systems you're testing.

Hack to speed up security scans

 Home: Introduction
 Step 1: Understanding the limitation
 Step 2: Making the changes
 Step 3: Be forewarned

Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC. He has more than 17 years of experience in IT and specializes in performing information security assessments. Beaver has written five books, including Hacking For Dummies (John Wiley & Sons, Inc.), the brand new Hacking Wireless Networks For Dummies and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach Publications). He can be reached at [email protected].
Copyright 2005 TechTarget

Read more on IT risk management