IPSec

I’ve been googling on “ipsec driverIPSec.sysIPSEC Services” and the only informative site was M$'s:
http://www.microsoft.com/technet/network/ipsec/ipsecfaq.mspx

However, it’s still not clear to me whether the above are directly related or not, and whether it’s safe to disable the driver (I’ve already disabled the XP service on it) that’s hidden in Device Manager.

[attachment deleted by admin]

ipsec driver is ipsec.sys, and you will find another service entry for ipsec strategy.

I do not myself use ipsec, but i do not see what risk could be associated with its existence.

If it bothers you that much, you can always suppress the corresponding drivers, the only risk being they would be system-dependent and come back upon next reboot.

If you don’t use IPsec you shouldn’t get any problems if you disable the driver. But if it returns after a reboot, just let it be there. But I doubt it should be needed for Windows to work.
I don’t think it’s such a big security vulnerability :wink:

Cheers,
Ragwing

Thanks. I was just looking into drivers that I don’t need that can be disabled or better uninstalled so that they don’t load at all.

Check there (change the OS, on the left, for the pertinent one):
http://www.blackviper.com/WinXP/servicecfg.htm

You can always try not only to disable, but to suppress what is uneeded:
the only risk you are taking is automatic reinstallation at reboot, or searching for the CD if the service is supposed to be necessary.

That’s the reason why, excepting what is obviously not needed and that can be uninstalled (ie IIS or Outlook Express depending on how you work), i suppress only third-party left over services, keeeping window’s ones desactivated (not manual).

For security reasons, one could think of suppressing ie telnet, remote registry and assistance (including Netmeeting if not used).

:-TD I tested it today and somehow by disabling the IPSec driver, it caused the TCP/IP driver to malfunction with an exclamation mark in a yellow triangle symbol. Of course that meant no internet. Luckily I only disabled it to test instead of uninstalling :o

Whoa! :o
That seems like some really bad stuff. So we better leave the IPsec driver alone then :wink:

Lars could learn a thing or 2 here. He’s been trying to break the world record for having the least # of running processes (still seeking files to “clean up” delete).