XP Pro Point-of-Sale server denying connection from front-of-house terminals - Event log shows possible DoS

Posted on 2008-10-23
Medium Priority
Last Modified: 2013-11-18
We have a point-of-sale fileserver in a restaurant with 7 front-of-house terminals, all running XP Pro. Every other day, the terminals fail to connect to the fileserver, even though I can VNC to them from the fileserver and ping back to the server by NetBIOS name (so they are obviously still connected). Upon searching the Windows Event Logs, I found this: Event ID 2027 - "The server has detected a potential Denial-of-Service attack caused by consuming all the work-items.  Some connections were disconnected to protect against this.  If this is not the case, please raise the MaxWorkItems for the server or disable DoS detection.  This event will not be logged again for 24 hours." I need to know how to prevent this and keep the connections open.

The server has 2 separate NICs - one for the internet connection for credit card processing and remote support (they're 250 miles away from me), and another for the internal POS network. Only the POS network seems to be affected, so I am looking for a way to disable the DoS detection for that NIC, if possible, or another reason for the blocked connections with an appropriate solution.
Question by:TechGuyMike
  • 3
  • 2

Author Comment

ID: 22787023
Already found those solutions, but it sounds like MaxWorkItems should be a dynamic value and I'm hesitant to change it. The event says "OR" disable DoS detection... how do I do that?
LVL 18

Expert Comment

ID: 22787221

Author Comment

ID: 22787437
The Google Books link doesn't provide any information of value for this situation. The NIC in question is on-board, and besides, the site is 250 miles from me, so I am looking for a software config solution I can do remotely.

Accepted Solution

TechGuyMike earned 0 total points
ID: 22787537
Found the specific solution I am looking for. Here is how to disable DoS detection in Windows:
1. Click Start, click Run, type regedit in the Open box, and then click OK.
2. Locate and then click the following registry subkey:
3. On the Edit menu, point to New, and then click DWORD Value.
4. Type DisableDos for the name of the DWORD value, and then press ENTER.
5. Right-click DisableDos, and then click Modify.
6. In the Value data box, type 1 to disable denial of service attack detection, and then click OK.

Note To enable denial of service attack detection, type 0 in the Value data box.
7. Quit Registry Editor.

Thanks anyway...

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

While opting for any web-to-print solution, you need to discuss with your team and some of your end users and know their opinions about your decisions. In this article we list down some questions you need to ask yourself.
Ranking ecommerce websites is a vital process. You need to have a strong SEO (Search Engine Optimization) strategy. If you don’t have one, you are losing out on brand impressions, clicks and sales. Check this guide on how to improve website traffic …
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question