WEP Introduction

The Wired Equivalent Privacy protocol is incorporated as part of the IEEE
802.11b protocol. Actually, the standard only calls for 40-bit WEP, but almost
all vendors offer up to 128-bit WEP.

To secure data, WEP uses the RC4 algorithm to encrypt the
packets of information as they are sent out from the access point or wireless
network card. This is the same algorithm used in many other Internet
applications that require security, such as
Secure Sockets Layer (SSL). SSL is the most common protocol used by online
stores to encrypt customer information sent over the Internet. This reduces the
risk of a hacker sniffing the customer’s credit card information off the wire
and adds a layer of protection to the transaction process.

RC4 is a secure algorithm, and should remain so for several
years to come. However, in this case it is the specific wireless implementation
of the RC4 algorithm with respect to the initialization vector that is at
fault.

In general, it is difficult
to correctly implement strong cryptography. Even if a vendor implements a cipher
that is known to be very strong, many times the implementation can weaken the
cipher or make it ineffective. Implementation oversights could be as simple as
insecure key storage, poor random number generation, or flaws in key generation
routines. All of these functions may comprise a cipher without actually being
part of the cipher itself. The cipher is at the mercy of these outside
functions, and can thus be circumvented or weakened by flaws in those
dependencies.

As you will learn, implementation oversights in WEP include a
small IV space (IV collisions), large amounts of known plaintext in IP traffic,
IV weaknesses, no key exchange/management mechanisms (which leads to the same
shared key for all users), very weak packet integrity protection (CRC32), lack
of replay protection, and a flawed authentication system. Items not addressed by
the 802.11 WEP definitions, such as IV incrementing, also lead to problems with
WEP implementations. Most implementations start IV counters at zero upon card
initialization, and IV collisions between nodes are very common when users boot
in the morning.

RC4 Encryption

 

As previously mentioned, RC4 is an encryption algorithm used to
scramble data so completely that it would take years to decipher using current
technology. What makes RC4 so powerful is its speed and strength. To analyze
RC4, we must first begin with some definitions.

Algorithm

 

An algorithm is an explicit set of instructions that
have a defined starting and ending point. For example, the instructions you
would follow to set up a VCR are considered an algorithm (although some might
argue this). In reality, you perform algorithmic steps all the time. Everything
from starting a car to baking a cake can be defined by an algorithm.

Cryptology (Encryption/Decryption)

 

Cryptology is the study of
encryption and decryption algorithms. Encryption
is simply the scrambling of a message or data through the use of an algorithm;
the opposite of this is decryption.

 

Encryption is typically accomplished with the assistance of an
external piece of data, which often comes in the form of a user-selected
password or pass phrase. This not only makes the encryption stronger by
enforcing a unique key, but it also keeps anyone who does not know the password
from accessing the data.

 

There are two main types of encryption: symmetrical and
asymmetrical. Each has its strengths and weaknesses and is best suited to
specific applications.

Symmetrical Encryption

 

The symmetrical encryption and decryption processes are both accomplished
using the same key. This is the most prevalent form of encryption. As an
example, let’s encrypt the word wireless.

  1. Take the word and separate each letter and place a number 1
    between each letter.
    wireless → w 1 i 1 r 1 e 1 l 1 e 1 s 1 s
  2. Convert the letters into their corresponding alphabetical
    numbers.
    w1i1r1e1l1e1s1s → 23 1 9 1 18 1 5 1 12 1 5 1 19 1 19
  3. Add 2 to each separate value.
    23 1 9 1 18 1 5 1 12 1 5 1 19 1 19 → 25 3 11 3 20 3 7 3 14 3 7 21 3 21

 

You have now performed an encryption algorithm on the word
wireless; to decrypt the ciphertext, simply step
through the previous algorithm in reverse order.

  1. 25 3 11 3 20 3 7 3 14 3 7 21 3 21 (- 2) → 23 1 9 1 18 1 5 1 12 1 5 1 19 1 19
  2. 23 1 9 1 18 1 5 1 12 1 5 1 19 1 19 (convert to alpha value) → w1i1r1e1l1e1s1s
  3. w 1 i 1 r 1 e 1 l 1 e 1 s 1 s (remove 1s) → wireless

 

This algorithm is a good example of how computers have
revolutionized data encryption. By hand, this type of processing would require
hours for even the simplest and shortest of messages. However, give a computer
this task, and it will take seconds to decrypt a page’s worth of data.

 

As mentioned previously, symmetrical encryption uses pass
phrases or key words to assist it in the encryption of a message. Using the
previous example, we will now encrypt the word wireless using the word wep.

  1. Convert each letter in the message into its alphanumerical
    value.
    wireless → 23 9 18 5 12 5 19 19
  2. Convert each letter in the pass phrase into its alphanumerical
    value.
    wep → 23 5 16
  3. Merge the words together starting from the left, repeating the
    password as necessary.

    graphics/04icon01.gif

 

Thus, you now have an example of symmetric encryption. To
decrypt it, you would need to know (or deduce) that the key was wep. Although our example used a short word, imagine
the output from a page-long key. The results would be a long string of numbers
that have nothing to do with the original value, and would remain worthless
without the password wep.

 

Symmetric encryption is much faster than
asymmetric encryption. However, the difficulty with symmetric encryption is that
its security depends upon keeping its password secret.

Asymmetrical Encryption

 

The other type of encryption is
known as asymmetrical encryption. This encryption
is much more complex, but it has the potential to be more secure. A growing
number of applications are incorporating this type of security. Email
applications, VPNs (Chapter 13), PKI (Chapter 15),
and even Application Service Providers use asymmetrical encryption.

 

Asymmetrical encryption requires the use of two keys, one
public and one private. Each key requires the use of the other to decipher a
message. In other words, imagine that your boss wants to send a secure message
to you, and to be fairly confident that only you can open it. She could seal the
message in a box using a padlock for which only you have the key. Thus, without
your private key, not even your boss can reopen the message after it is
secured.

 

Note that asymmetric encryption requires everyone to have
access to a copy of your public “lock,” also known as a public key. Typically, this information is available
from a central server or a Web site and can be retrieved with minimal effort.
However, this one extra step increases the level of
complexity just enough to limit the universal adoption of asymmetric
encryption.

Disadvantages of Encryption

 

There are multiple benefits with
encryption. For example, it can be used to authenticate users, authorize access
to resources, ensure data confidentiality, and guarantee data integrity. It can
also be used to provide nonrepudiation for transactions.

 

However, there are also several potential drawbacks with
encryption. These drawbacks include lost passwords, a false sense of security,
and the processing overhead of using encryption. This section will briefly
address these issues as they apply to wireless networking.

Lost Password

 

One problem with encryption is what to do in the event
of a lost password. In this case, the only option is to find a method of
cracking the password. However, depending on the method of encryption, it could
be many years before you extract any data. In addition, some countries,
including the United States, consider the very act of cracking a password
illegal—even if the data belongs to you. Just ask security researcher Dmitry
Sklyarov, a programmer for the Russian company Elcomsoft. At the behest of Adobe
Systems, the FBI controversially arrested Sklyarov after he gave an academic
presentation on password recovery.

Using Encryption Does Not Guarantee Security

 

The second issue is one of the biggest threats to wireless users. Many people
consider their networks to be secure based solely on the fact that they are
using WEP. This assumption is flawed, as the password is usually left blank or
as the default. In addition, WEP does not protect against most traditional
hacker attacks. Finally, WEP itself is fundamentally flawed. As you will see
later in the book, we encourage you to use WEP, but never use it as your only
line of defense.

 

Password/shared-secret-based keys are only as good as the human
that creates them. If passwords are easily guessed or appear in a dictionary,
then it is far easier to guess/lookup the password/key than to brute-force the
entire keyspace. This applies to all password based authentication/crypto
systems.

 

Additionally, if a crypto system has algorithmic flaws or
implementation flaws, the crypto can be circumvented. WEP is an example of a good cipher (RC4) implemented poorly. RC4 can be
rendered ineffective due to the implementation flaws in WEP.

Encryption Overhead

 

The last issue also applies to wireless
networking—the overhead or CPU time that it takes to encrypt and decrypt network
data. This overhead can have a serious impact on the productivity of a network
application, and can have detrimental results in time-critical situations.

 

Any encryption adds overhead to the processing requirements of
a networking system. Encryption delays the transmission process and can also
adversely affect network device processors’ ability to deal with other
critical/needed functions.

Ciphers

 

When discussing symmetric encryption, there are two main methods by which a
chunk of data can be encrypted. It is important to understand the differences
and the benefits of how they work in order to understand how RC4 encrypts
data.

Block

 

A block cipher (such as DES or 3DES) takes a large chunk of data and
encrypts it with the key. This process is repeated over and over again until the
whole message is completely encrypted. Typically there is a size variable that
controls how big the chunk of data can be. Regardless of the size, the entire
key is used to encrypt the chunk of data.

 

For example, suppose you want to send your boss an email using
a block cipher. In this case, you would enter one password, and the entire
message would be encrypted at one time. The following equation illustrates the
simplicity of this type of encryption, as well as its weakness.
Cipher Function (data, pass phrase) = Output

 

Note that the entire pass phrase is used each time in its
original form to encrypt the data. With continuous use, a block cipher is
functionally weak. If even two blocks are encrypted with the same cipher, the
pass phrase could be extracted from the ciphertext.

 

In other words, if an attacker can determine the original data
of just one message, he can compare the ciphertext with the plaintext and
calculate the difference. This difference would then be the code to crack any
future encrypted messages. In addition, the two messages can be analyzed and
compared. Depending on the encryption method, the two messages can be merged,
which would cancel out the encryption, and essentially provide a hacker all
the information he needs to view the data.

Stream Cipher

 

A stream cipher also uses a pass phrase. However, it
encrypts data on a much smaller scale. Whereas a block cipher might encrypt a
whole page of text at one time, a stream cipher can encrypt the bits that make
up one letter of a page of text. To illustrate, the letter A is equivalent to
the decimal value of 65, which can be converted to one byte, which in turn is
comprised of eight bits (Figure 4.1). A
stream cipher can encrypt that one bit before sending it out, and repeat the
encryption seven more times for just one letter. This can result in thousands of
encrypted values for a complete email or message.
Figure 4.1. Streaming the letter A.

 

A streaming cipher is capable of encrypting on a detailed level
because it uses a state condition, in addition to the pass phrase and data. This
means the data is encrypted differently for each chunk that passes through the
encryption program. To perform a stream cipher, two streams are generated, one
that feeds into the other. The first stream is called the key stream, which combines a state value, data value,
and pass phrase value to generate a randomly changing stream of data. The key
stream in turn is used to produce the output cipher by combining the new state
value (from the key stream), data value, and key value. Mathematically, this is
accomplished using two functions, as compared to the one function of a block
cipher. This can be depicted as shown in the following section.

Self-Synchronizing Stream Cipher

 

The following are the two functions of the
self-synchronizing stream cipher:
State Time+1 = State Function(State Time, Data Time, Password Time) 
Output Time = Cipher Function(State Time, Data Time, Password Time)

 

As illustrated, the output is now dependent on three variables,
two of which will be changing (the password is constant). The first function is
known as the key stream generator, and the second is the cipher function.

 

The strength of this type of encryption is found in the fact
that there are now two variables that change. Therefore, even if there is a
predictable value in the data, the state will be randomly different, which
significantly decreases the chances of an attacker being able to extract
relevant data from the cipher.

 

There are a couple variations of stream ciphers that we need to
define before we discuss weaknesses with the RC4 cipher implementation in WEP.
These are known as synchronous stream ciphers and self-synchronizing stream
ciphers. The difference between the two is found in whether the key stream
relies on the data to produce the stream. The previous example illustrates a
self-synchronizing stream cipher, as it relies on the data to produce the key
stream. In contrast, the following example illustrates how a synchronous stream
cipher creates the output. In this type of cipher, the first two functions
combined are considered the key stream generator.
- Stream-2: Synchronous Stream Cipher 
State Time+1 = State Function(State Time, Password Time) 
Stream Value Time = Keystream Function(State Time, Password Time) 
Output Time = Cipher Function(Stream Value Time, Data Time)

 

Although the synchronous cipher might seem more complicated, it
is actually weaker than the self-synchronizing cipher. Notice from the last
function of this type of cipher that only one “unknown” value is needed to
reverse the encryption. On the other hand, the self-synchronizing encryption
uses three variables.

 

The previous functions represent a process through which the data is
combined. This process can be comprised of anything ranging from complex
mathematical calculations to a simple addition of the two values. In our case,
for RC4 the last function is an XOR binary addition process. The following will
explain the XOR function, as it is used to produce the final RC4
ciphertext.

XOR

 

XOR is a simple logical operation. In our case, it serves as a rudimentary
encryption scheme that combines one segment of data with another to produce a
scrambled output. XOR is one of the most popular methods for encrypting data
because of its speed and the fact that it works at the bit level.

 

To understand XOR, you must understand logic structures. Table 4.1 illustrates a bit comparison.
See whether you can determine how the final bit is calculated.

Table 4.1. Sample XOR Comparison
Byte 1:       1 0 0 1 0 0 1 0
XOR Byte:     0 0 0 1 0 1 1 1
Output Byte:  1 0 0 0 0 1 0 1

 

From this example, you should be able to determine a pattern.
By comparing the bits from Byte 1 with the corresponding bits from the XOR byte,
you can quickly deduce the algorithm. When there are similar bit characters (for
example, 0 – 0, 1 – 1) the resulting bit is a 0, and when there are different
bit characters (for example, 0 – 1, 1 – 0) the resulting bit is a 1. Figure 4-3
represents the logical XOR function.

Table 4.2. XOR Comparison Table
Original bit   XOR bit   Resulting bit
1              1         0
0              0         0
1              0         1
0              1         1

 

Although this type of encryption is rapid and operates at the
bit level, it is problematic. To illustrate, let’s examine the XOR calculation
of a series of two bytes. The first will XOR the binary value of letter A, and
the second will XOR the value of NULL (that is, zero), each using the XOR byte
of 11111111 (Tables 4.3 and 4.4).

Table 4.3. XOR of the Letter A Using XOR Key of 11111111
A:            1 0 0 0 0 0 0 1
XOR Byte:     1 1 1 1 1 1 1 1
Output Byte:  0 1 1 1 1 1 1 0

Table 4.4. XOR of NULL Using XOR Key of 11111111
NULL:         0 0 0 0 0 0 0 0
XOR Byte:     1 1 1 1 1 1 1 1
Output Byte:  1 1 1 1 1 1 1 1

 

Note that in Table 4.3 the letter A is transformed
into a completely different value, which happens to be equivalent to the tilde
(~) in ASCII. However, in Table 4.4, the resulting value is the same as the XOR
key! In other words, if an
attacker can determine that a chunk of data is NULL, he can quickly determine
the XOR key used to encrypt that particular piece of code.

 

Although this is a security issue, in a
proper implementation of RC4, the state value should randomly change, which then
changes the XOR key. Therefore, any transposing of the XOR value would
occur randomly, and would be almost impossible to predict. For example, if the
key at Time 1 was 10101010, and the data was 01010101, the resulting value would
be 11111111. This value would be the same if at Time 2 the key was 11111111 and
the data was 00000000 (Table 4.5).

Table 4.5. XOR Key Change
Data T1:      0 1 0 1 0 1 0 1
Data T2:      0 0 0 0 0 0 0 0
XOR Key T1:   1 0 1 0 1 0 1 0
XOR Key T2:   1 1 1 1 1 1 1 1
Output T1:    1 1 1 1 1 1 1 1
Output T2:    1 1 1 1 1 1 1 1

 

As you can see
from the table, an attacker would have no way of knowing if the resulting value
was a result of a NULL character or the result of a valid piece of data.
However, this is irrelevant if the attacker can determine which packets of data
did contain NULL characters.
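
The following Python sketch is an added example, not code from the book. It writes RC4 as the synchronous stream cipher described above (state function, keystream function, XOR cipher function) and shows Table 4.4 at packet scale: when two packets share an IV, known NULL data in one exposes the keystream for the other. The function names, the 40-bit key, the IVs and the payloads are constructed for illustration, and the CRC-32 integrity value WEP appends is omitted.

```python
"""Added illustration: RC4 as a synchronous stream cipher, and why an IV
collision plus known plaintext defeats it. All values are constructed."""
from collections import Counter


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Return `length` keystream bytes; the data never influences the state."""
    # Key scheduling: the initial state depends only on the key.
    state = list(range(256))
    j = 0
    for i in range(256):
        j = (j + state[i] + key[i % len(key)]) & 0xFF
        state[i], state[j] = state[j], state[i]
    # State function and keystream function of the synchronous cipher.
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + state[i]) & 0xFF
        state[i], state[j] = state[j], state[i]
        out.append(state[(state[i] + state[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Cipher function: bytewise XOR of two equal-length strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def wep_style_encrypt(iv: bytes, shared_key: bytes, data: bytes) -> bytes:
    """WEP seeds RC4 with IV || shared key, so the IV alone varies per packet."""
    return xor_bytes(data, rc4_keystream(iv + shared_key, len(data)))


def reused_ivs(packets):
    """Defender's check: IVs seen on more than one captured (iv, body) pair."""
    counts = Counter(iv for iv, _ in packets)
    return sorted(iv for iv, n in counts.items() if n > 1)


def demo():
    shared_key = bytes.fromhex("0102030405")   # constructed 40-bit key
    iv_a = bytes.fromhex("000001")             # constructed 24-bit IVs
    iv_b = bytes.fromhex("000002")
    nulls = bytes(16)                          # data known to be NULL
    secret = b"PIN=4821 balance"               # constructed 16-byte payload

    c_nulls = wep_style_encrypt(iv_a, shared_key, nulls)
    c_secret = wep_style_encrypt(iv_a, shared_key, secret)   # IV collision
    c_fresh = wep_style_encrypt(iv_b, shared_key, secret)    # new IV

    # NULL XOR keystream = keystream, so the ciphertext *is* the XOR key.
    leaked = c_nulls
    return {
        "leak_is_keystream": leaked == rc4_keystream(iv_a + shared_key, 16),
        # Same IV: the leaked keystream decrypts the other packet.
        "recovered": xor_bytes(c_secret, leaked),
        # Different IV: the leaked keystream is useless.
        "stale": xor_bytes(c_fresh, leaked),
        # XOR of two same-IV ciphertexts cancels the keystream entirely.
        "cancelled": xor_bytes(c_nulls, c_secret) == xor_bytes(nulls, secret),
        "reused": reused_ivs([(iv_a, c_nulls), (iv_a, c_secret),
                              (iv_b, c_fresh)]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```
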

Active Directory Lightweight Directory Service

AD LDS, formerly known as ADAM (Active Directory Application Mode), acts as a data store for application-specific information and runs as a non-operating-system service that does not require deployment on a domain controller.

AD LDS is an LDAP (Lightweight Directory Access Protocol) directory service that lets directory-enabled applications store and retrieve data without the dependencies that AD DS requires. LDAP is an application protocol used to query and modify directory services. A directory-enabled application uses a directory as its data store instead of an extra Access, SQL, or temporary database or a flat file. Examples include a Global Address Book and management or HR applications.

What happened to Hyper Terminal in Windows 7?

If you are thinking about using Microsoft Hyper Terminal for remote administration of a router or server, you will be surprised in Windows 7: you will not find Microsoft Hyper Terminal there. So the question is, what happened to Hyper Terminal in Windows 7, and how can we use it?

Don’t worry, Microsoft introduced some alternatives in Windows 7, such as the WINRM (windows remote management) and WINRS (windows remote server management) command tools. If you intend to use traditional applications, Telnet is also available.

But what happened to Hyper Terminal? It is an individual tool now, so you can still use it in Windows 7 by extracting it from a Windows XP disk. Simply extract HYPERTRM.EXE and HYPERTRM.DLL, then run HYPERTRM.EXE. No installation or extraction needed.

 

 

Windows Deployment Service

What is Windows Deployment Services?

The Windows Deployment Services role in Windows Server 2008 is the updated and redesigned version of Remote Installation Services (RIS). Windows Deployment Services enables you to deploy Windows operating systems, particularly Windows Vista® and Windows Server 2008. You can use it to set up new computers by using a network-based installation. This means that you do not have to be physically present at each computer and you do not have to install each operating system directly from a CD or DVD. The components of Windows Deployment Services are organized into the following three categories:

  • Server components. These components include a Pre-Boot Execution Environment (PXE) server and Trivial File Transfer Protocol (TFTP) server for network booting a client to load and install an operating system. Also included is a shared folder and image repository that contains boot images, install images, and files that you need specifically for network booting. There is also a networking layer, a multicast component, and a diagnostics component.
  • Client components. These components include a graphical user interface that runs within the Windows Pre-Installation Environment (Windows PE). When a user selects an operating system image, the client components communicate with the server components to install the image.
  • Management components. These components are a set of tools that you use to manage the server, operating system images, and client computer accounts.

What’s new in Windows Deployment Services?

Windows Deployment Services for Windows Server 2008 includes several modifications to RIS features. There are also modifications from Windows Deployment Services that you can install onto computers running Windows Server 2003.

 

Changes from RIS
  • The ability to deploy Windows Vista and Windows Server 2008.
  • Windows PE is the boot operating system.
  • Image-based installation, using the Windows image (.wim) file.
  • The ability to transmit data and images using multicast functionality.
  • The ability to transmit data and images using multicast functionality on a standalone server (when you install Transport Server).
  • An extensible and higher-performing PXE server component.
  • A new graphical user interface on the client that you can use to select images.
  • The Windows Deployment Services Microsoft Management Console (MMC) snap-in on the server, which enables you to manage all Windows Deployment Services features.

Changes from Windows Deployment Services on Windows Server 2003
  • The ability to transmit data and images by using multicast functionality.
  • The ability to transmit data and images using multicast functionality on a standalone server (when you install Transport Server).
  • No support for RISETUP images or OSChooser screens.
  • An enhanced TFTP server.
  • Support for network boots of x64-based computers with Extensible Firmware Interface (EFI).
  • Metric reporting for installations.

 

Who should use this guide?

Windows Deployment Services is intended for deployment specialists who are responsible for the deployment of Windows operating systems in an organization. This guide assumes that you have a working knowledge of common desktop deployment technologies, as well as networking components such as Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and Active Directory® Domain Services (AD DS). The target audiences are:

  • IT planners or analysts evaluating Windows Vista or Windows Server 2008
  • Enterprise IT planners or designers
  • Deployment specialists interested in deploying images to computers that do not have operating systems installed

Benefits of Windows Deployment Services

Windows Deployment Services provides the following installation and deployment benefits:

  • Reduces the complexity of deployments and the costs associated with inefficient manual installation processes.
  • Allows network-based installation of Windows operating systems, including Windows Vista and Windows Server 2008.
  • Deploys Windows images to computers without operating systems.
  • Supports mixed environments that include Windows Vista, Windows Server 2008, Microsoft Windows XP, and Microsoft Windows Server 2003.
  • Provides an end-to-end solution for the deployment of Windows operating systems to client computers and servers.
  • Uses standard Windows Server 2008 setup technologies, including Windows PE, .wim files, and image-based setup.

Windows Server 2008 Terminal Services

Adding Terminal Services and viewing its status

A company has just purchased a new server. The new computer must run Terminal Services to provide centralized access to individual applications without the necessity of providing Remote Desktop access to each employee.

The administrator performs the following steps to add and configure Terminal Services.

Adding Terminal Services and TS Web Access

The system administrator installs the Terminal Services role on the new computer.

To add Terminal Services and TS Web Access

1.   If Server Manager is not already open, open Server Manager by clicking Start, pointing to Administrative Tools, and then clicking Server Manager.

2.   Add Terminal Services by using the Add Roles Wizard in Server Manager. Select the role services Terminal Server and TS Web Access on the Select Role Services page of the Add Roles Wizard.

Note

The TS Web Access role service depends on Web Server (IIS) and Windows System Resource Manager (WSRM). Server Manager prompts you to install IIS and WSRM if they are not already installed on the computer.

3.   The Terminal Services installation process requires an administrator to specify several configuration options. Complete the configuration pages of the Add Roles Wizard based on what is most appropriate for your organization. For more information about configuring Terminal Services, and detailed step-by-step guides, see the Terminal Services page on the Windows Server TechCenter (http://go.microsoft.com/fwlink/?LinkId=48555).

Managing Terminal Services by using Server Manager

The administrator opens the Terminal Services snap-ins and performs Terminal Services management tasks in the Server Manager window.

To manage Terminal Services by using Server Manager

1.   If Server Manager is not already open, open Server Manager by clicking Start, pointing to Administrative Tools, and then clicking Server Manager.

2.   In the hierarchy pane, expand Roles, and then expand Terminal Services.

3.   If Terminal Services is installed, but Terminal Services snap-ins and management tools do not appear in the hierarchy pane, close and then reopen Server Manager.

4.   Open the Terminal Services Configuration and then the Terminal Services Manager snap-ins by selecting their objects in the hierarchy pane.

5.   On the role home page for Terminal Services, open the Summary area and the System Services area, if they are not already open.

6.   In the System Services area, click Stop and then Restart to stop and then restart the Terminal Services service.

7.   In the Server Manager hierarchy pane, expand Diagnostics.

8.   Expand Event Viewer, expand Custom Views, and then expand Server Roles.

9.   If Terminal Services does not appear as a child object of Server Roles, press F5 to refresh the Server Manager console. If Terminal Services still fails to appear, close and then reopen Server Manager.

10.  To check for new event messages, press F5 or right-click the Event Viewer node, and then click Refresh. Check for critical, warning, or informational events for Terminal Services, view event properties, and change filter preferences for events.

Removing Terminal Services by using Server Manager

After several months, the system administrator wants to install Terminal Services on a more powerful computer, and remove Terminal Services completely from the server on which it currently is running.

To remove Terminal Services by using Server Manager

1.   If Server Manager is not already open, open Server Manager by clicking Start, pointing to Administrative Tools, and then clicking Server Manager.

2.   Open the Roles Summary area, if it is not already open.

3.   Click Remove roles.

4.   On the Remove Server Roles page of the Remove Roles Wizard, clear the check box for Terminal Services. Click Next.

5.   After confirming that you want to remove Terminal Services, on the Confirm Removal Selections page, click Remove.

Windows Server 2008 Server Virtualization

Adding Windows Server virtualization

An enterprise wants to use Windows Server® virtualization to run virtual machines. The system administrator installs Windows Server virtualization on the computer, and then manages it by using snap-ins in Server Manager.

Important

The Windows Server virtualization scenario is only for computers that run the 64-bit edition of Windows Server 2008 and that have support at the processor level for virtualization. More specific hardware requirements for Windows Server virtualization are described in the Windows Server virtualization Step-by-Step Guide on the Windows Server TechCenter (http://go.microsoft.com/fwlink/?LinkId=98822). It is strongly recommended that you review these hardware requirements before completing any of the tasks in this scenario.

Installing Windows Server virtualization

The administrator’s first task is to run Setup for the two Windows Server virtualization update packages. After the updates are complete, Windows Server virtualization is available for installation by using Server Manager.

To install Windows Server virtualization

1.   Double-click the following two update packages stored in %windir%\WSV to make Windows Server virtualization available for installation by using Server Manager:

  • Windows6.0-KB939854-x64.msu
  • Windows6.0-KB939853-x64.msu

2.   If Server Manager is not already open, open Server Manager by clicking Start, pointing to Administrative Tools, and then clicking Server Manager.

3.   In the Roles Summary area, click Add Roles.

4.   On the Select Server Roles page of the Add Roles Wizard, select Windows Server virtualization.

5.   Complete the Add Roles Wizard. For more information about specific configuration pages and settings for Windows Server virtualization, see the Windows Server virtualization Step-by-Step Guide on the Windows Server TechCenter (http://go.microsoft.com/fwlink/?LinkId=98822).

Managing Windows Server virtualization by using Server Manager

After installing Windows Server virtualization, the administrator uses snap-ins available in Server Manager to manage the role.

To manage Windows Server virtualization by using Server Manager

1.   If Server Manager is not already open, open Server Manager by clicking Start, pointing to Administrative Tools, and then clicking Server Manager.

2.   In the hierarchy pane, expand Roles, and then expand Windows Server Virtualization.

3.   With the Server Manager window active, press F5 to refresh the console if Windows Server virtualization is installed, but Windows Server virtualization snap-ins and management tools do not show in the hierarchy pane.

Removing Windows Server virtualization by using Server Manager

After several months, the company no longer requires this server to be used as a virtual machine running multiple operating systems, and the system administrator removes the Windows Server virtualization role.

To remove Windows Server virtualization by using Server Manager

1.   If Server Manager is not already open, open Server Manager by clicking Start, pointing to Administrative Tools, and then clicking Server Manager.

2.   Open the Roles Summary area if it is not already open. Click Remove roles.

3.   On the Remove Server Roles page of the Remove Roles Wizard, clear the check box for Windows Server virtualization. Click Next.

4.   After confirming that you want to remove Windows Server virtualization, on the Confirm Removal Selections page, click Remove.

5.   Verify that Windows Server virtualization has been removed from the server by refreshing Server Manager and viewing the Roles Summary area.