Windows Vista network stack not so new
In our feature on Windows Vista a few months back, we expressed concern about how this operating system comes with a brand-spanking new TCP/IP stack. In matters of security, such newness could be a vulnerability, analysts from Symantec Corp. reasoned. After all, Vista's new stack has not been hardened by years of daily use and aggressive probing by malicious hackers. By contrast, older versions of Microsoft Windows, we heard, borrowed a well-seasoned stack from the BSD OS.
Well, it turns out this Vista stack is not so fresh after all. Two analysts from network performance management software provider NetQoS Inc. examined the algorithms supporting the new TCP/IP stack, called Compound TCP, or CTCP. They found that CTCP actually uses a number of previously tested algorithms, including TCP Reno, TCP Vegas, Fast TCP and High Speed TCP.
But while CTCP is in fact fairly seasoned, NetQoS still recommends testing it on a small scale before rolling it out across the enterprise, because of the way Microsoft tweaked CTCP to boost data transfer speeds.
According to Microsoft, CTCP can boost network throughput by dynamically enlarging the transmission window where appropriate. The TCP sliding window judges the amount of network activity overall and scales transmission rates so as not to overwhelm that network. (The 'window' in this context is simply the number of packets a host sends out before stopping to wait for an acknowledgement by the computer with which it is exchanging packets.)
The danger here is that Microsoft's new windowing implementation does not appear, at least under initial scrutiny, to be manually configurable. The 'fact that it's dynamic and self-tuning means you've lost control over it - that's a scary position for a sysadmin,' the NetQoS analysts write.
Initially, organizations rolling out Enterprise Vista may not have to worry about this problem: CTCP is off by default in that OS. But when Microsoft rolls out the Windows Longhorn server, where CTCP will be the default TCP/IP stack, administrators may want to take a hard look at how it will affect network traffic.
Posted by Joab Jackson on Dec 13, 2006 at 9:39 AM