Event Id | 4226 |
Source | Tcpip |
Description | TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts |
Event Information | According to Microsoft:
Resolution: Reduce the load on the remote computer. If the packets are dropped because of network congestion and poor network performance, reduce the load on, or increase the capacity of, the computer.
Verify: To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority. To measure network performance, run Performance Monitor:
If you have recorded Performance Monitor counters in the past, compare the current load to your average loads over time. If you do not have any baseline readings from past performance monitoring, continue to monitor network, CPU, and memory utilization by looking for large fluctuations in performance that might indicate a heavy traffic load or an attack.
----------------------------------------
"This new feature is one of the stack's 'springboards', security features designed to proactively reduce the future threat from attacks like Blaster and Sasser that typically spread by opening connections to random addresses. In fact, if this feature had already been deployed, Sasser would have taken much longer to spread. It's not likely to help stop the spread of spam unless spammers are trying to reach open email relays in the same way, by opening connections on SMTP ports of random IP addresses. This is new with XP SP2 and we're trying to get it right so that it does not interfere with normal system operation or performance of normal, legitimate applications, but does slow the spread of viral code. New connection attempts over the limit for half-open connections get queued and worked off at a certain (limited) rate." |
Reference Links | An Article from Bink.nu; TCP/IP and NBT configuration parameters for Windows XP; Event ID 4226 from Source tcpip |