Windows xp tcp patch
Увеличение количества одновременных TCP/IP соединений
После установки новых ServicePack’ов для Windows XP различные программы для p2p-сетей типа eMule или uTorrent начинают дико тормозить. Это связано с тем, что количество активных соединений в сетевом драйвере TCPIP.SYS после установки ServicePack’ов принудительно ограничивается до 10. Даже на самодельных пропатченных сборках Windows с увеличенным количеством соединений такая проблема может возникнуть, если будет скачано и установлено обновление KB951748, заменяющее драйвер TCPIP.SYS на новый с прежним количеством соединений. По неофициальной информации такое ограничение введено с целью замедления распространения сетевых червей. Не исключено, что этот драйвер будет заменяться и с какими-нибудь другими очередными обновлениями. Для изменения количества соединений рекомендую воспользоваться утилитой Intelligent TCPIP.SYS patcher от немецкого программиста LvlLord. Последняя версия утилиты 2.23d от 2005 года. Пользоваться ей очень легко. Сразу после запуска вам будет показано текущее количество одновременных подключений, установленных в системе.
Нажмите кнопку «C», введите желаемое количество соединений. Если количество будет более 100, то программа выдаст предупреждение, подтвердите выбранное количество кнопкой «Y».
После этого патч внесет все необходимые изменения в файлы. Если система выдаст предупреждение, что системные файлы изменены, то в окне предупреждения нажмите «Отмена», а затем «Да» на запрос сохранения изменившихся файлов. Изменения вступят в силу сразу после перезагрузки Windows. На всякий случай прикладываю последнюю версию утилиты:
Intelligent TCPIP.SYS patcher 2.23d
Update. В комментариях подсказали еще две аналогичные программы для изменения количества соединений. Первая — Windows Half-open limit fix отечественного производства.
Работает со всеми современными системами, включая Windows Vista 32/64 и бета-версии Windows 7. Удобный многоязычный интерфейс, в том числе и на русском языке. На офсайте вы можете найти подробное описание программы и ответы на часто возникающие вопросы. Скачать Windows Half-open limit fix можно там же, самая новая версия на сегодняшний день 3.6 от февраля 2009 года.
Вторая программа — хорошо известный вам твикер xp-AntiSpy. В сервисных опциях у него также есть функция изменения количества соединений.
Последнюю русифицированную версию xp-AntiSpy 3.97 от 2008 года можно скачать с офсайта или из прикрепленного файла. Версии на других языках ищите на странице загрузки.
xp-AntiSpy 3.97 (русифицированная версия)
Update. Нашел еще одну программу для изменения количества подключений — TCP-Z, последняя версия 2.6.0.66, работает на всех системах до Windows 7 включительно. Кроме патча файла tcpip.sys может выполнять патч драйвера в оперативной памяти. Поэтому если пропатчить файл и данные в памяти, то не понадобится перезагрузка для вступления изменений в силу. Скачать программу и русификатор можно с офсайта. Готовую сборку для x86 с русификатором можно скачать из прикрепленного файла.
TCP-Z v2.6.0.66
Update. Для очень продвинутых специалистов. В следующем приложении текстовый файлик с дизассемблерным листингом файлов srvsvc.dll и srv.sys. В нем отмечены места для патча в целях снятия ограничений LanConnections в Windows XP Home и Windows XP Pro. Информация взята с уже закрытого сайта antiwpa.tk. Готовых патчей нет, только теоретическая выкладка, так что придется вносить нужные изменения в файлы вручную.
Windows LanServer Connection Limit patch
TCP/IP патч (tcpip.sys) для Windows XP SP2 (x86) & Vista SP1 32/64 бита
Пол:
 |
12-Май-2008 17:37
TCP/IP патч (tcpip.sys) для Windows XP SP2 (x86)
Версия в раздаче: EventID 4226 Patcher Version 2.23d (english)
Последняя версия: v2.23d — 2005-05-01
Операционная система: Win
После установки обновления SP2 Windows XP, в файле tcpip.sys находящийся в папке c:\windows\system32\drivers Мелкософт лимитирует количество соединений на 10! Якобы таким образом улучшая нашу безопасность — но на самом деле главная их цель «убить P2P» сети.
Выход оказался прост — изменить это ограничение в большую сторону и всё станет на свои места, как было раньше. Исправить это ограничение, изменив реестр не получится, нужно пропатчить TCPIP.SYS, так как в нём зашито это ограничение.
Увеличиваем этим патчером число соединений с 10 до 512 , после этого Windows XP SP2 должна перестать ругаться на LanScope в Журнале событии и программа работает корректно (при тех настройках, что идут по умолчанию с программой).
Итак, запускаем EvID4226Patch.exe, может выскочить окно и просить дитрибутив — жмём отмена .
– Build of safety copy: 5.1.2600.2892
Found limit position: 0x4F7C6
– Build of safety copy: 5.1.2600.2892
Found limit position: 0x4F7C6
tcpip.zip (440,92 KB, Скачано: 4739 раз)
Пол:
 |
12-Май-2008 19:21 (спустя 1 час 44 минуты)
Все патчи тут (внешний траф). Настоятельно рекомендую мониторить. Ибо вещь, безусловно полезная.
Windows XP SP2 tcpip.sys connection limit patch
In addition to the tweaks already covered in Win 2k/XP Registry Tweaks and More Win 2k/XP Tweaks, the Windows XP Service Pack 2 introduces a few new issues covered in the article below. Please make sure you understand what you are doing before making any changes to your Operating System. Note the information below only applies to Windows XP Service Pack 2.
Remove the limit on TCP connection attempts
Windws XP SP2 introduces a few new twists to TCP/IP in order to babysit users and «reduce the threat» of worms spreading fast without control. In one such attempt, the devs seem to have limited the number of possible TCP connection attempts per second to 10 (from unlimited in SP1). This argumentative feature can possibly affect server and P2P programs that need to open many outbound connections at the same time.
Rant: The forward thinking of Microsoft developers here is that you can only infect 10 new systems per second via TCP/IP . If you also consider that each of those infected computers will infect 10 others at the same rate:
second 1: 1+10 computers
second 2: 10+10*10 computers (110 new ones)
second 3: 10+100*10 computers ( 1110 new ones)
second 4: 10+1000*10 computers (11110 new ones)
.
all the way to 10*60 + 10^60 computers in a single minute (that’s a number with 60 digits, or it would far exceed Earth’s population). Even if we consider that 90% of those computers are unreachable/protected, one would still reach ALL of them within a minute.
In other words, even though it is not going to stop worm spreading, it’s going to delay it a few seconds, limit possible network congestion a bit, and limit the use of your PC to 10 connection attempts per second in the process ! I have no problem with the new default setting limiting outbound connection attempts. Still, users should have the option to easily disable or change this setting. I might be going out on a limb here, but ever since the introduction of Windows XP I can’t help thinking that I dislike all the bult-in Windows «wisardry» in a sense that the system also limits user access. That irritating trend to ease the mental load on end users is somewhat insulting, considering that Windows is to make the more «intelligent» choice instead of the end user, as well as limit their access to tuning such settings.
End of rant.
With the new implementation, if a P2P or some other network program attempts to connect to 100 sites at once, it would only be able to connect to 10 per second, so it would take it 10 seconds to reach all 100. In addition, even though the setting was registry editable in XP SP1, it is now only possible to edit by changing it directly in the system file tcpip.sys. To make matters worse, that file is in use, so you also need to be in Safe mode in order to edit it.
You only need to worry about the number of connection attempts per second if you have noticed a slowdown in network programs requiring a number of connections opened at once. You can check if you’re hitting this limit from the Event Viewer, under System — look for TCP/IP Warnings saying: «TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts». Keep in mind this is a cap only on incomplete outbound connect attempts per second, not total connections. Still, running servers and P2P programs can definitely be affected by this new limitation. Use the fix as you see fit.
To change or remove the limit, you can use the following program:
Event ID 4226 Patcher — A patching program for removing or changing the limit imposed on connection attempts in SP2. The patcher has the ability to restore tcpip.sys back to the original. Still, you might want to back up tcpip.sys, use it at your own risk. The author of this patch can be reached @ http://www.lvllord.de/
Edit tcpip.sys manually to remove the TCP/IP socket creation limit
Another option, for the more adventurous is to modify your tcpip.sys file manually, using a hex editor. The following instructions refer to the final release of XP SP2, with a tcpip.sys file of exactly 359,040 bytes, CRC-32 is 8042A9FB, and MD5 is 9F4B36614A0FC234525BA224957DE55C. Even thouh there might be multiple tcpip.sys files in your system, make sure to work with the one in c:\windows\system32\drives\ directory.
To remove the tcpip.sys socket creation limit:
— Backup your original tcpip.sys file before editing please, this is somewhat important !
— In your hex editor, go to offset 4F322 hex (or 324386 decimal).
— Change 0a 00 00 00 to 00 00 0a 00
All done ! The above change does not require editing of the CRC in offset 130 hex (thanks for the clever solution Thomas Wolf Tompkins).
Notes:
If any of the data above does not match exactly (crc, file size, md5, or the data at offset 4F322) please double-check what you are doing, or abort completely.
The above information increases the RATE of opening outgoing connections. It has nothing to do with the limit of 10 connections to network shares on a Windows workstation PC for sharing files (a MS imposed limit to force you to upgrade to a server version of the OS). This 10 connections to network shares limit was introduced with NT4 workstation (SP3), and exists in Windows 2k workstation, and Windows XP home/pro/mc. It only applies to authenticated windows services, such as file and print sharing.
For a Vista version of the above tweak, see our Windows Vista tcpip.sys connection limit patck for Event ID 4226 article.
!! Caution: The offset described in manually setting the value is not the same as the offset detected by the latest version of lvllord’s «Event ID 4226 Patcher». I believe this is due to security patches released from Microsoft since the original version of SP2 was released.
BTW, thanks for the useful article. Normally, I like knowing what tools like these are doing under the covers, especially when they don’t come from the manufacturer, themselves.
I attempted to download the (ENGLISH version) of the Event ID 4226 Patcher and NOD32 antivirus found it to be the (Win32/Tool.EvID4226) virus. I also tried downloading the (GERMAN version) and no virus was found. Anyone know why?
Could it have something to do with the fact my system is english operated which, would mean that NOD32 antivirus reads in english?
Also, for those using Norton Antivirus, try running NOD32 on your system, for it found viruses on mine that Norton couldn’t/didn’t.
This Patch Seems to set the setting to 50, but doesn’t solve the problem. I have about 20 Computers on the network in a workgroup enviroment. I want all 20 computer to be able to access one computer for Files. Once ten computers are accessing files on this main computer the 11th one gets a error saying the limit of connections has been reached?? After putting the patch on and it not working for me, I thought I would run the patch again to unistall it. The things when I did that it asked if I was shur I wanted to change my limit from 50 back to 10. So I don’t get why it didn’t work for me when it is saying the Limit is 50??
Anyway any Help would be Great Thanks.
Because you are discussing two different things. Your problem is to do with the numbers of simulatneous network connections that a 2K or XP PC can make. This inlcudes any networked items you are connected to such as networked printers. The limit is to prevent 2K and XP being used as servers. Once one of the connections is finished with then you can connect to another as long as the total is ten or less.
This patch on the other hand is to do with the number of connection attempts allowed in any unit time, i.e. 10 per second. Once one of these attempts succeeds and the connection is opened both ways then the next attempt can start, i.e. the attempts are queued and freed from the queue at 10 a second.
So that in total you could have as many connections as you want, within the limit of your PCs capacity (RAM, CPU speed etc.) the only things is that you can only make 10 attempts a second. If you wanted to make a 100 connection attempts then it would take a total of 10 seconds to make the connections all things being equal. Thus unlike your problem which limits the number of network connections you can make on a LAN to 10, irresepctive of how long you wait, the TCP/IP concurrent limit only limits the speed at which you connect to 10 a second but will allow any number as long as the connections are made at 10 a second. When your system tries to make more than 10 a second then you will see the aforementioned entry in your System Event Viewer.
This worked perfectly for me, both on my laptop and my desktop which has two different versions of SP2,
HELP FOR THOSE LESS FORTUNATE
Virus Warning!!
first make sure you download it from the author’s site, with that said if you get a virus waring just «temperarily» disable you antivirus and run it again that should work.
I386/Sys.ini cannot be changed!!
try running the patch in Safe Mode
Original Setting returns after Reboot!!
Make sure you don’t have a WinXP Setup CD in the drive after reboot
or an installing folder linked in the registry and do it in safe mode
if all 20 computer is to access one computer for files
the main computer should be set to about 100 to 150 to do this just run the patch and press «c» for change limit type in the amount you need and press enter and just continue from there. you should restart when your done changing the settings.
any question just e-mail me if your e-mail is not filtered I’ll try to reply
Workaround to install the patch:
stop the anti-virus
download
reboot
F8 — safe mode + command prompt
apply patch
HAPPY !
cheers: Martin, from Hungary.
WinXP Pro has a limit of 10 connections per host and XP Home only has a 5 connection limit.
Purchase a Client-Server solution.
Or you could use Samba. Not sure if you can run it in Windows though, but it’s trivial to set up a server box running Linux, FreeBSD, or Unix. There isn’t a «hardwired» value of simultaneous connections, but it may be very difficult to get native Windows to accept more. I suggest either paying for a new Windows Server system or taking an old computer and setting up Samba.
For those having problems with the number of people connecting to one share/folder:
Check the number of connections allowed by the individual share by opening the sharing and security option on the context menu. Make sure that the «user limit» is set high enough for your anticipated usage.
BTW: IF you’re going to have 20 systems connected to your shared folder in XP (or any other non-server MS OS) be aware that it’s going to be S_L_O_W! You’re trying to use the system for something it was never intended to be able to support.
Remember that the TCP/IP tweak just affects the # of half-open connections THAT MACHINE can have — it has no effect on on other machines.