The limit for XPHome is 5 and XPPro is 10. Could this message also indicate malicious connection attempts?
Who will shed some light on this issue?
polonus
I have been offline for a time and found this thread.
Just to clarify:
Windows XP all SP's Home and Pro has no practical limit on the number of concurrent TCP/IP connections
for OUTBOUND connections at a given time.
The numbers 5 and 10 quoted is about simultanous INCOMING connections to a shared folder or a shared printer or
other used shared resources.
So the whole point here is that the maximum OUTBOUND CONNECTION ATTEMPTS in a time-frame of one
second is set to 10 in XP SP2 and XP SP3 home and pro. The rationale for this is to stop malware making new connections too fast and thereby reduce the speed of spreading. XP RTM and XP SP1 didn't have this constraint.
Think of a malware wanting to make 1000 connections outbound from your machine.
That will take at least 100 seconds with this new rule instead of 0.00... seconds.
But in this scenario after that time you could have 1000 outbound simultanous connections without problems.
And you would get the warning in Eventlog/System as you mention.
There is no registry setting for this '10 connection attempts per second' rule.
Some people therefore hack the tcpip.sys file which contains this limit and set it to e.g. 100 instead of 10.
The article at speedguide.net contains much info about hacking that file.
Polonus;
I think this answers your original question: Could this message also indicate malicious connection attempts?
Yes, if there is no other reason for a lot of connection attempts in a given time-frame and the message in Eventlog/System is recurring.
HL