Windows XP SP2 and Event ID 4226April 29, 2005
Keywords: tcpip connection limit Windows XP SP2 Event ID 4226 patch lvlord
Update 10 April 2007
It looks as if Windows Vista comes with similar half-open outbound connections limit as Windows XP SP2 did. In fact Vista Home Basic is even more limited with only 2 connections allowed!
Torrentfreak has a great write up on how to patch Windows Vista (32/64-bit) to increase the TCP connections and improve your BitTorrent (p2p) experience.
If you are using Windows XP, you must have noticed all the fuss about Service Pack 2. It introduced an array of security "enhancements": dual direction firewall, several long overdue IE improvements, memory protection and the crippling of the TCP/IP stack.
Hang on, how is crippling of the TCP/IP stack a security enhancement?
Windows XP SP2 limits half-open connections (SYN) to a maximum of 10 (the previous limit was over 65,000). This is supposed to slow down certain viruses because their spreading strategy is to try to connect to a high amount of random IP numbers.
The drawback with this connection limit is that other legitimate network intensive applications can be slowed down as well. Applications like security network scanners, peer-to-peer (P2P) applications or a combination of network applications that a power user may be using (VPN, FTP, p2p, RDP, SSH, "Firefox on steroids" and more).
To me it sounds awfully lot like treating the symptoms instead of the cause which would have been to tighten up Windows security to prevent virus infections in the first place.