Step-by-step guide: Hack to speed up security scans

Have you ever wondered how you can squeeze an extra 10 to 15 minutes out of each month or several hours out of each year when performing your security scans? Well, if you use Windows XP for security testing, there's a hack that just might buy you this time.

Starting with Windows XP SP2 (and Windows Server 2003 SP1 beta as well), Microsoft throttles the concurrent outbound half-open TCP connections per second -- apparently in the name of security. Pre-Windows XP SP2 systems allowed basically unlimited simultaneous outbound TCP connections, but with this new "enhancement," only 10 of those connections per second are allowed. This may be suitable for regular Windows users, but it hampers us security folks who use programs that open multiple TCP connections simultaneously, such as port scanners and vulnerability assessment tools.

Hack to speed up security scans

 Home: Introduction
 Step 1: Understanding the limitation
 Step 2: Making the changes
 Step 3: Be forewarned

ABOUT THE AUTHOR:

Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC. He has more than 17 years of experience in IT and specializes in performing information security assessments. Beaver has written five books, including Hacking For Dummies (John Wiley & Sons, Inc.), the brand new Hacking Wireless Networks For Dummies and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach Publications). He can be reached at kbeaver@principlelogic.com. Copyright 2005 TechTarget

Rate this Tip To rate tips, you must be a member of SearchCIO-Midmarket.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Information security management for the midmarket San Francisco network lockup justifies CIO fears A cloud computing takeover? Google thinks so An IT spring cleaning for CIOs Single sign-on: Sensible security on scale Spyware defense for the midmarket Federal breach notification stuck in Congress Anti-spam tricks for the midmarket toolbox (expert podcast) Pre-emptive strategy best approach to breach notification CIOs under fire and in front of the camera Compliance-burdened CIOs turning to security management tools Risk management for the midmarket Legal Expert: MDM can advance compliance goals Database security: Limiting access is key San Francisco network lockup justifies CIO fears Security monitoring tools: Better to buy than build? Risk assessment frameworks easy to employ Marquette CIO enhances student safety with virtual patrolling Spyware defense for the midmarket How to choose a DR service provider Data destruction made simple and cheap Spyware menace eludes SMBs Security tools for the midmarket Legal Expert: MDM can advance compliance goals Database security: Limiting access is key San Francisco network lockup justifies CIO fears Security monitoring tools: Better to buy than build? CIO Kathy Lang: Virtual patrolling center enhances campus safety Marquette CIO enhances student safety with virtual patrolling Spyware defense for the midmarket Anti-spam tricks for the midmarket toolbox (expert podcast) Compliance-burdened CIOs turning to security management tools Information security requires organized teams RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.