Win2003环境下的一键系统安全批处理

复制代码 代码如下:

@echo off

echo ----------------------------------

echo ----正在备份注册表 请稍后....----

echo ----------------------------------

  reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg

echo ----------------------

echo ----注册表备份完成----

echo ----------------------

  ping 127.0.0.1 -n 3 >nul

echo -----------------------------------

echo ----安全配置正在改写 请稍候...----

echo -----------------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------

echo ----正在禁用空连接----

echo ----------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f

echo --------------------------

echo ----禁用空连接设置完毕----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------

echo ----正在删除默认共享----

echo ------------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f

echo ----------------------------

echo ----删除默认共享设置完毕----

echo ----------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------

echo ----正在修改TTL值请稍后...----

echo ------------------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f

echo -------------------

echo ----TTL修改完毕----

echo -------------------

  @ping 127.0.0.1 -n 3 >nul

echo -----------------------

echo ----防止syn洪水攻击----

echo -----------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f

echo -------------------------------

echo ----防止syn洪水攻击设置完毕----

echo -------------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------

echo ------------------------------

echo ---- 系统服务修改 ----

echo ------------------------------

echo ------------------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------

echo ----修改3389端口----

echo --------------------

  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f

  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f

echo --------------------

echo ----修改PORT完毕----

echo --------------------

  @ping 127.0.0.1 -n 3 >nul

echo -------------------------------------

echo ----正在开启系统防火墙 请稍后....----

echo -------------------------------------

  sc config sharedaccess start= auto & net start sharedaccess

echo ------------------------

echo ----系统防火墙已开启----

echo ------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------

echo ----正在关闭共享打印服务----

echo ----------------------------

  @sc config Spooler start= disabled

  sc config LanmanServer start= disabled

  sc config LmHosts start= disabled

echo --------------------------

echo ----已关闭共享打印服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------

echo ----正在关闭远程协助服务----

echo ----------------------------

  @sc config RDSessMgr start= disabled

echo --------------------------

echo ----已关闭远程协助服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------

echo ----正在关闭远程注册表服务----

echo ------------------------------

  @sc config RemoteRegistry start= disabled

echo ----------------------------

echo ----已关闭远程注册表服务----

echo ----------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------

echo ----关闭自动硬件播放通知----

echo ----------------------------

  sc config ShellHWDetection start= disabled

echo -----------------------

echo ----自动播放通知关闭---

echo -----------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------------------

echo ----正在关闭替换凭据下的启动进程服务----

echo ----------------------------------------

  sc config seclogon start= disabled

echo --------------------------

echo ----已关闭启动进程服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------------

echo ----IEEE 802.11 适配器的自动配置----

echo ------------------------------------

  sc config WZCSVC start= disabled

echo ------------------

echo ----已关闭IEEE----

echo ------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------------

echo ----客户端跟踪服务关闭----

echo --------------------------

  sc config TrkSvr start= disabled

  sc config MSDTC start= disabled

echo ----------------------------

echo ----已关闭客户端跟踪服务----

echo ----------------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------

echo ----帮助中心关闭----

echo --------------------

  sc config helpsvc start= disabled

echo --------------------------

echo ----已关闭帮助中心服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------------------

echo --------------------------------

echo ---- 系统权限加固 ----

echo --------------------------------

echo --------------------------------

echo -------------------------------------------------------

echo ----C盘(系统盘) (administrators,system完全控制权限)----

echo -------------------------------------------------------

  cacls C:\ /t /c /g administrators:F system:F

echo -------------------------------------------

echo ----Common Files (everyone用户只读权限)----

echo -------------------------------------------

  Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R

echo -------------------------------------------------------------

echo ----IIS Temporary Compressed Files (everyone用户更改权限)----

echo -------------------------------------------------------------

  Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C

echo --------------------------------------------

echo ----Microsoft.Net (everyone用户只读权限)----

echo --------------------------------------------

  Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R

echo ------------------------------------------------------

echo ----Temporary ASP.NET Files (everyone用户更改权限)----

echo ------------------------------------------------------

  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C

echo ------------------------------------------------------

echo ----Temporary ASP.NET Files (everyone用户更改权限)----

echo ------------------------------------------------------

  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C

echo -------------------------------------------

echo ----Registration (everyone用户读取权限)----

echo -------------------------------------------

  Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R

echo -----------------------------------

echo ----Temp (everyone用户更改权限)----

echo -----------------------------------

  Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C

echo -------------------

目前创新互联已为上千多家的企业提供了网站建设、域名、网页空间、网站托管、企业网站设计、邵原网站维护等服务,公司将坚持客户导向、应用为本的策略,正道将秉承"和谐、参与、激情"的文化,与客户和合作伙伴齐心协力一起成长,共同发展。

 @echo off

echo ----------------------------------

echo ----正在备份注册表 请稍后....----

echo ----------------------------------

  reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg

echo ----------------------

echo ----注册表备份完成----

echo ----------------------

  ping 127.0.0.1 -n 3 >nul

echo -----------------------------------

echo ----安全配置正在改写 请稍候...----

echo -----------------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------

echo ----正在禁用空连接----

echo ----------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f

echo --------------------------

echo ----禁用空连接设置完毕----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------

echo ----正在删除默认共享----

echo ------------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f

echo ----------------------------

echo ----删除默认共享设置完毕----

echo ----------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------

echo ----正在修改TTL值请稍后...----

echo ------------------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f

echo -------------------

echo ----TTL修改完毕----

echo -------------------

  @ping 127.0.0.1 -n 3 >nul

echo -----------------------

echo ----防止syn洪水攻击----

echo -----------------------

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f

  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f

echo -------------------------------

echo ----防止syn洪水攻击设置完毕----

echo -------------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------

echo ------------------------------

echo ---- 系统服务修改 ----

echo ------------------------------

echo ------------------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------

echo ----修改3389端口----

echo --------------------

  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f

  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f

echo --------------------

echo ----修改PORT完毕----

echo --------------------

  @ping 127.0.0.1 -n 3 >nul

echo -------------------------------------

echo ----正在开启系统防火墙 请稍后....----

echo -------------------------------------

  sc config sharedaccess start= auto & net start sharedaccess

echo ------------------------

echo ----系统防火墙已开启----

echo ------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------

echo ----正在关闭共享打印服务----

echo ----------------------------

  @sc config Spooler start= disabled

  sc config LanmanServer start= disabled

  sc config LmHosts start= disabled

echo --------------------------

echo ----已关闭共享打印服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------

echo ----正在关闭远程协助服务----

echo ----------------------------

  @sc config RDSessMgr start= disabled

echo --------------------------

echo ----已关闭远程协助服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------

echo ----正在关闭远程注册表服务----

echo ------------------------------

  @sc config RemoteRegistry start= disabled

echo ----------------------------

echo ----已关闭远程注册表服务----

echo ----------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------

echo ----关闭自动硬件播放通知----

echo ----------------------------

  sc config ShellHWDetection start= disabled

echo -----------------------

echo ----自动播放通知关闭---

echo -----------------------

  @ping 127.0.0.1 -n 3 >nul

echo ----------------------------------------

echo ----正在关闭替换凭据下的启动进程服务----

echo ----------------------------------------

  sc config seclogon start= disabled

echo --------------------------

echo ----已关闭启动进程服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo ------------------------------------

echo ----IEEE 802.11 适配器的自动配置----

echo ------------------------------------

  sc config WZCSVC start= disabled

echo ------------------

echo ----已关闭IEEE----

echo ------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------------

echo ----客户端跟踪服务关闭----

echo --------------------------

  sc config TrkSvr start= disabled

  sc config MSDTC start= disabled

echo ----------------------------

echo ----已关闭客户端跟踪服务----

echo ----------------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------

echo ----帮助中心关闭----

echo --------------------

  sc config helpsvc start= disabled

echo --------------------------

echo ----已关闭帮助中心服务----

echo --------------------------

  @ping 127.0.0.1 -n 3 >nul

echo --------------------------------

echo --------------------------------

echo ---- 系统权限加固 ----

echo --------------------------------

echo --------------------------------

echo -------------------------------------------------------

echo ----C盘(系统盘) (administrators,system完全控制权限)----

echo -------------------------------------------------------

  cacls C:\ /t /c /g administrators:F system:F

echo -------------------------------------------

echo ----Common Files (everyone用户只读权限)----

echo -------------------------------------------

  Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R

echo -------------------------------------------------------------

echo ----IIS Temporary Compressed Files (everyone用户更改权限)----

echo -------------------------------------------------------------

  Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C

echo --------------------------------------------

echo ----Microsoft.Net (everyone用户只读权限)----

echo --------------------------------------------

  Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R

echo ------------------------------------------------------

echo ----Temporary ASP.NET Files (everyone用户更改权限)----

echo ------------------------------------------------------

  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C

echo ------------------------------------------------------

echo ----Temporary ASP.NET Files (everyone用户更改权限)----

echo ------------------------------------------------------

  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C

echo -------------------------------------------

echo ----Registration (everyone用户读取权限)----

echo -------------------------------------------

  Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R

echo -----------------------------------

echo ----Temp (everyone用户更改权限)----

echo -----------------------------------

  Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C

echo -------------------

echo ----assembly (everyone用户读取权限)----

echo ---------------------------------------

  Cacls C:\WINDOWS\assembly /t /e /c /g everyone:R

echo -------------------------------------

echo ----WinSxS (everyone用户读取权限)----

echo -------------------------------------

  Cacls C:\WINDOWS\WinSxS /t /e /c /g everyone:R

echo ------------------------------------

echo ----Fonts (everyone用户读取权限)----

echo ------------------------------------

  Cacls C:\WINDOWS\Fonts /t /e /c /g everyone:R

echo ---------------------------------------

echo ----System32 (everyone用户读取权限)----

echo ---------------------------------------

  Cacls C:\WINDOWS\System32 /t /e /c /g everyone:R

echo ------------------------------------------

echo ----msdtc (networkservice用户更改权限)----

echo ------------------------------------------

  Cacls C:\windows\system32\msdtc /t /e /c /g networkservice:C

echo -----------------------------------------------------

echo ----ASP Compiled Templates (everyone用户更改权限)----

echo -----------------------------------------------------

  Cacls "C:\WINDOWS\system32\inetsrv\ASP Compiled Templates" /t /e /c /g everyone:C

echo ------------------------------------

echo ----*.exe (去除everyone用户权限)----

echo ------------------------------------

  Cacls C:\WINDOWS\System32\*.exe /e /c /r everyone

echo ------------------------------------

echo ----cmd.exe (去除system用户权限)----

echo ------------------------------------

  Cacls C:\WINDOWS\System32\cmd.exe /e /c /r system

echo ------------------------------------

echo ----net.exe (去除system用户权限)----

echo ------------------------------------

  Cacls C:\WINDOWS\System32 et.exe /e /c /r system

echo -------------------------------------

echo ----net1.exe (去除system用户权限)----

echo -------------------------------------

  Cacls C:\WINDOWS\System32 et1.exe /e /c /r system

echo ----------------------------------------

echo ----msdtc.exe (everyone用户读取权限)----

echo ----------------------------------------

  Cacls C:\WINDOWS\System32\msdtc.exe /e /c /g everyone:R

echo ------------------------------------------

echo ----dllhost.exe (everyone用户读取权限)----

echo ------------------------------------------

  Cacls C:\WINDOWS\System32\dllhost.exe /e /c /g everyone:R

echo ------------------------------------------

echo ----svchost.exe (everyone用户读取权限)----

echo ------------------------------------------

  Cacls C:\WINDOWS\System32\svchost.exe /e /c /g everyone:R

echo --------------------

echo --------------------

echo ----系统加固完毕----

echo --------------------

echo --------------------

  @ping 127.0.0.1 -n 3 >nul

echo -----------------------------

echo ----安全设置完毕 欢迎使用----

echo -----------------------------

echo ------------------

echo ----重启服务器----

echo ------------------

  @ping 127.0.0.1

  shutdown -r

  @pause

将上面的代码保存为1.cmd或1.bat,双击运行下即可。

网站标题:Win2003环境下的一键系统安全批处理
本文路径:http://www.gawzjz.com/qtweb/news43/184493.html

网站建设、网络推广公司-创新互联,是专注品牌与效果的网站制作,网络营销seo公司;服务项目有等

广告

声明:本网站发布的内容(图片、视频和文字)以用户投稿、用户转载内容为主,如果涉及侵权请尽快告知,我们将会在第一时间删除。文章观点不代表本网站立场,如需处理请联系客服。电话:028-86922220;邮箱:631063699@qq.com。内容未经允许不得转载,或转载时需注明来源: 创新互联