You are here: Home > Products > Network Diagram > Online Help

System limitations on scanning TCP/IP opened ports

Microsoft introduces a limit (of 10) to restrict number of allowed simultaneous outgoing half-open TCP connections in Windows XP SP2(x86,x64)/SP3, 2003 Server SP1(x86)/SP2(x86,x64), Vista without SP(x86,x64) and with SP1(x86,x64) to prevent virus or malicious program to make unlimited infectious connections to other systems. These operating systems slow down the IP address range scanning through the connection to a TCP port for all running applications (the ICMP ping is not affected) on a PC. Our program can be affected by this limitation.

When this limitation occurs, you will see the event ID 4226 with error message "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts" in the application Event Log.

The network scanning results provided by our program can be affected by this limitation. Some hosts may not be found and the program can be locked by the system for 10 seconds or more periodically.

If this does happen, please consider the following solutions:

  • Close other programs that can generate many outgoing half-open TCP connections.
  • When you are creating a new network map or scanning IP address ranges for new devices, increase timeouts for TCP port scanning in the Network Scanning Wizard to several seconds so no more than 10 IP addresses to be checked per 10 seconds.
  • Disable TCP port checking when it is not necessary during the network scan or host monitoring.
  • Learn more about disabling the limit below.

The complete removal of the limit for half-open outbound TCP connections, which is defaulted to 10, was finalized with the release of Windows Server 2008 and Vista SP2 Build 17506. In fact, the half-open outgoing TCP connection limit has been bypassed by default since Windows Vista SP2 RC Build 16670.

Microsoft adds a registry key that allows user or administrator to enable (turn on) or disable (turn off) the half-open TCP connections limit in Windows Vista with Service Pack 2 and in Windows Server 2008 with Service Pack 2.

There are a lot of patches for the tcpip.sys driver that disable the limit or raise the number of allowed connections. You can search the Internet for the "half-open TCP connections limit " phrase and find the patches.

 

All products
network inventory program
Network Inventory Explorer
Inventory Hardware and Software on Network Computers
network monitoring program
Network Monitor
Monitor Network Servers, Services, Managed Switches, etc.
visual network mapper and monitor
LANState
Monitor and Manage Network Hosts on a Visual Map, Create Network Maps
bandwidth monitoring program
Bandwidth Monitor
Monitor Network Bandwidth and the Internet Traffic Usage
network diagramming program
Network Diagram
Create Network Diagrams, Discover Network Topology
file searching program for network shares and FTP
Network File Search
Search Files on Network Shares and FTP Servers
share access monitoring program
Connection Monitor
Audit Remote User Access to Shares (Folders and Files)
free port scanner
Network Scanner (NEW!)
Free Program for Scanning Networks, Hosts, and TCP Ports