Apparently in Windows Vista, Microsoft still enforce and hard-limit (hard coded in tcpip.sys) the maximum simultaneous half-open (incomplete) outbound TCP connection attempts per second that the system can make, as in Windows XP SP2 TCPIP.SYS Patch for 10 Connection Limit, in order to protect the system from being used by malicious programs, such as viruses and worms, to spread to uninfected computers, or to launch distributed denial of service attack (DDoS). When the limit is hit, in Event Viewer, there will be such an entry:
EventID 4226: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts
Unless Windows XP SP2 which has 10 maximum incomplete connection attempts limit per second, Windows Vista default limit is based on which edition of Vista users are using. For example, Home Basic has maximum limit of 2, and Vista Ultimate is 25 per second. Normal Windows Vista users should not face any problem or slow network connection with the half-open connections limit. However, heavy P2P (peer-to-peer) applications users such as uTorrent, BitTorrent, BitComet, Azureus, ABC, etc, or P2PTV such as TVants, PPLive, PPStream, Sopcast, etc may face some error or slow download and upload speed due to this limit.
Due to enhanced security, to crack the TCP connection limit in Vista is not as easy as in Windows XP. To remove maximum half-open connection limits in Windows Vista, apply the patched tcpip.sys with the following steps:
1. Download patched tcpip.sys: 64-bit tcpip.sys or 32-bit tcpip.sys.
2. Open command prompt, and run the following 2 commands:
Code:
a. takeown /f c:\windows\system32\drivers\tcpip.sys
b. cacls c:\windows\system32\drivers\tcpip.sys /G “username”:F
Replace username with the actual user name that used to log on to Windows Vista currently.
3. Disable the TCP/IP Auto-Tuning feature by running the following command in command prompt:
Code:
netsh int tcp set global autotuninglevel=disable
4. For 64-bit Windows Vista (x64), the integrity checks need to be disabled as it need all drivers to be signed. So run the following command in DOS prompt:
Code:
bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
5. Replace the tcpip.sys in C:\windows\system32\drivers folder with the patched tcpip.sys downloaded from step 1 (remember the use the correct x64 or x86 version). Normally, this procedure can be done by simply login to Windows Vista with administrator account. However, if the process failed, reboot the computer and then press F8 to boot up in Safe Mode, and then copy and paste overwrite the tcpip.sys.
6. Next, the maximum number of TCP half complete connection limits need to be set in registry. Open registry editor (regedit), and navigate to the following registry key:
Code:
HKEY_LOCALL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
7. Right click on the right pane, select “New”, then select “DWORD value”. Enter the new value name as “TcpNumConnections” (without quotes).
8. Double click on TcpNumConnections registry value, and modify the value data to the desired maximum TCP/IP connection limit that you want to allow, in decimal value. For example, enter 500 as the value data for TcpNumConnections. You can use any limit that you prefer. Alternatively, download this registry registration file that when executed, will set the TCP simultaneous connection limit to 16777214 (you can always modify the value in the file or in the registry after applied).
9. Restart computer.
The TCP connection limit which trigger Event ID 4226 has now increased to 500 (or any other value you set).
Bookmarks