when installa Component in control panel some default ports is open auto,like when install snmp and snmptrap,udp 160,161 is open ,and tcp port 515 for printer etcs,if i unstall snmp and snmptrap,160,161 will no open, udp 500 open by isakmp,udp 4500 open by ipsec-msft,so if unstall isakmp/ipsec-msft,500/4500 will no open,how to unstall isakmp/ipsec-msft,?

ok !I try to net stop "IPSEC Services",500 4500 is nosight!windows 2003 data center :IPSEC Services

Hi There, IPsec as a protocol is embedded into ipv4 and ipv6 and you cannot remove this component . Microsoft has provided you the IPSEC service whichyou can modified according to your requirments.

thank you very much!part of ipsec embedded in Hardware?

Hi There, IPSEC is a protocol and is provided as a driver file ( .sys) file which inturn communicates with the network interface ( in lower level NDIS )

thank you very much!google:NDIS :Network Driver Interface Specification

3 kinds :(integration)(bump-in-the-stack, BITS)(bump-in-the-wire, BITW)---------------------struct_NDIS_PROTOCOL_BLOCK { PNDIS_OPEN_BLOCKOpenQueue;//queueofopensforthisprotocol REFERENCERef;//containsspinlockforOpenQueue UINTLength;//ofthisNDIS_PROTOCOL_BLOCKstruct NDIS50_PROTOCOL_CHARACTERISTICSProtocolCharacteristics;//handleraddresses struct_NDIS_PROTOCOL_BLOCK*NextProtocol;//Linktonext ULONGMaxPatternSize; #ifdefined(NDIS_WRAPPER) // //Protocolfilters // struct_NDIS_PROTOCOL_FILTER*ProtocolFilter[NdisMediumMax+1]; WORK_QUEUE_ITEMWorkItem;//UsedduringNdisRegisterProtocolto //notifyprotocolsofexistingdrivers. KMUTEXMutex;//ForserializationofBind/Unbindrequests PKEVENTDeregEvent;//UsedbyNdisDeregisterProtocol #endif }; typedefstruct_NDIS_PROTOCOL_BLOCKNDIS_PROTOCOL_BLOCK,*PNDIS_PROTOCOL_BLOCK; EXPORT VOID NdisRegisterProtocol( OUTPNDIS_STATUSStatus, OUTPNDIS_PROTOCOL_BLOCKNdisProtocolHandle,/*NDIS_HANDLEPNDIS_PROTOCOL_BLOCK*/ INPNDIS_PROTOCOL_CHARACTERISTICSProtocolCharacteristics, INUINTCharacteristicsLength );http://msdn.microsoft.com/en-us/library/ms894959.aspxipsec 4 Protocol:ahegpikeisakmpwindow/system32/driver:four kinds of NTDS: NDIS.SYS,NDISAPI.SYS,NDISWAN.SYS,NDISIO.SYS

Hi There,Are you still looking for an answer on ipv6 ?

thank you very much!the first step I shoud know IPV6......... FeldBeschreibung Version IP Version (hier also 6) Traffic Class Ermöglichung einer Quality of Service (QOS), dies ermöglicht eine Prioritätsvergabe. Das nach RFC 2474 festgelegte Differentiated Services Feld garantiert hier eine Abwärtskompatibilität zu IPv4 Flow Label Setzt die ID einer virtuellen Ende zu Ende Verbindung fest. Dies ermöglicht es Routern Pakete bereits nach der Erkennung eines bereits bekannten Flow Labels weiter zu leiten, ohne den Rest des Headers zu lesen Payload Length Beschreibt die Länge des nach dem Header angehängten Datenpakets (inklusive Erweiterungs Header) Next Header Hier wird der Header-Typ angezeigt, der direkt nach dem IPv6-Header folgt.Hierbei handelt es sich entweder um den Header eines im OSI-Modell nächst höher angeordneten Protokolls oder um einen Erweiterungs-Header, der eine optionale Erweiterung des IPv6-Headers ermöglicht. Hop Limit Das Hop-Limit entspricht dem Time-to-Live Feld im IPv4 Header. Es beschreibt die maximale Anzahl von Routern, die ein Paket auf dem Weg zum Ziel durchlaufen darf. Source Address IP-Adresse des Quell-Rechners Destination Adress IP-Adresse des Ziel-Rechners =========================isakmp HEADERike header:authip:(only win vista \2008)http://www.secdev.org/projects/scapy/demo.html

hi there,Please find the documetn for IPV6 which i would feel is the first step with respect to microsoft http://download.microsoft.com/download/e/9/b/e9bd20d3-cc8d-4162-aa60-3aa3abc2b2e9/IPv6.docYou can go through the RFC 2460 for more detailed information.

thank you very much!IPV6 so different ipv4!

Hi There, Yes IPV6 is different from ipv4 and microsoft have already developed many applications to support IPv6

thank you very much!ICMPv6:IPv6 uses the Internet Control Message Protocol (ICMP) as defined for IPv4 with a number of changes. The resulting protocol is called ICMPv6. MAC header IPv6 header ICMPv6 header ICMPv6 message ::: ICMPv6 header: 0001020304050607080910111213141516171819202122232425262728293031 Type Code Checksum ICMPv6 message ::: Type. 8 bits.Specifies the format of the message. TypeDescriptionReferences 0 1 Destination unreachable. RFC 2463, RFC 4443 2 Packet too big. RFC 2463, RFC 4443 3 Time exceeded. RFC 2463, RFC 4443 4 Parameter problem. RFC 2463, RFC 4443 5-99 100101 Private experimentation. RFC 4443 102-126 127 reserved for expansion of ICMPv6 error messages. RFC 4443 128 Echo request. RFC 2463, RFC 4443 129 Echo reply. RFC 2463, RFC 4443 130 Group Membership Query. RFC 2710 131 Group Membership Report. RFC 2710 132 Group Membership Reduction. RFC 2710 133 Router Solicitation. RFC 2461 134 Router Advertisement. RFC 2461 135 Neighbor Solicitation. RFC 2461 136 Neighbor Advertisement. RFC 2461 137 Redirect. RFC 2461 138 Router Renumbering. RFC 2894 139 ICMP Node Information Query. RFC 4620 140 ICMP Node Information Response. RFC 4620 141 Inverse Neighbor Discovery Solicitation Message. RFC 3122 142 Inverse Neighbor Discovery Advertisement Message. RFC 3122 143 MLDv2 Multicast Listener Report. RFC 3810 144 Home Agent Address Discovery Request Message. RFC 3775 145 Home Agent Address Discovery Reply Message RFC 3775 146 Mobile Prefix Solicitation. RFC 3775 147 Mobile Prefix Advertisement RFC 3775 148 Certification Path Solicitation. RFC 3971 149 Certification Path Advertisement. RFC 3971 150 Experimental mobility protocols. RFC 4065 151 MRD, Multicast Router Advertisement. RFC 4286 152 MRD, Multicast Router Solicitation. RFC 4286 153 MRD, Multicast Router Termination. RFC 4286 154 FMIPv6 messages. RFC 5568 155-199 200201 Private experimentation. RFC 4443 202-254 255 reserved for expansion. RFC 4443 icmpv4: RFC 792 Summary of Message Types 0 Echo Reply 3 Destination Unreachable 4 Source Quench 5 Redirect 8 Echo 11 Time Exceeded 12 Parameter Problem 13 Timestamp 14 Timestamp Reply 15 Information Request 16 Information ReplyRead more: http://www.faqs.org/rfcs/rfc792.html#ixzz0biZTJmnC

Hi there,Please do post your query in english as this is english forum, and with respect to above post , can i know what are you looking at ?

thank you very much! I am sorry very much!I delete it and add rfc -792,I want Compare,icmpv4 and icmpv6: C:\Documents and Settings\user>ipv6 installYou do not have local Administrator privileges. C:\Documents and Settings\user>ping6 0:0:0:0:0:0:0:1Unable to contact IPv6 driver, error code 2.power users group no right install ipv6......======================= 13 kinds icmp-v4 Message Types:some types including some sub-types:below: ping microsoft.com,maybe microsoft.com server forbiden other Message Types echo ,so only echo 11th Type----timed out. ping aol.com,maybe aol.com server forbiden other Message Types echo ,so only echo 3th Type(Code=0)---Destination net unreachablePinging whitehouse.gov ,ok, Message first Types 0-----------------------------------------------------------------------------C:\Documents and Settings\user\My Documents>ping microsoft.com Pinging microsoft.com [207.46.197.32] with 32 bytes of data: Request timed out. Ping statistics for 207.46.197.32: Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),Control-C^CC:\Documents and Settings\user\My Documents>ping aol.com Pinging aol.com [64.12.50.151] with 32 bytes of data: Reply from 64.12.32.122: Destination net unreachable. Ping statistics for 64.12.50.151: Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msControl-CC:\Documents and Settings\user\My Documents>ping whitehouse.gov Pinging whitehouse.gov [118.215.58.135] with 32 bytes of data: Reply from 118.215.58.135: bytes=32 time=68ms TTL=46Reply from 118.215.58.135: bytes=32 time=90ms TTL=46 Ping statistics for 118.215.58.135: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 68ms, Maximum = 90ms, Average = 79ms Parameter Problem Message 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Pointer | unused | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Internet Header + 64 bits of Original Data Datagram | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+Read more: http://www.faqs.org/rfcs/rfc792.html#ixzz0bibMU8Fw