导读今天小编跟大家讲解下有关科技常识:Win2003环境下的一键系统安全批处理,相信小伙伴们对这个话题应该也很关注吧,小编也收集到了有关科技
今天小编跟大家讲解下有关科技常识:Win2003环境下的一键系统安全批处理,相信小伙伴们对这个话题应该也很关注吧,小编也收集到了有关科技常识:Win2003环境下的一键系统安全批处理的相关资料,希望小伙伴会喜欢也能够帮助大家。
复制代码 代码如下:@echo off echo ---------------------------------- echo ----正在备份注册表 请稍后....---- echo ---------------------------------- reg export"HKEY_LOCAL_MACHINE"C:/reg_backup.reg echo ---------------------- echo ----注册表备份完成---- echo ---------------------- ping 127.0.0.1 -n 3 >nul echo ----------------------------------- echo ----安全配置正在改写 请稍候...---- echo ----------------------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------- echo ----正在禁用空连接---- echo ---------------------- reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f echo -------------------------- echo ----禁用空连接设置完毕---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------ echo ----正在删除默认共享---- echo ------------------------ reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f echo ---------------------------- echo ----删除默认共享设置完毕---- echo ---------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------ echo ----正在修改TTL值请稍后...---- echo ------------------------------ reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f echo ------------------- echo ----TTL修改完毕---- echo ------------------- @ping 127.0.0.1 -n 3 >nul echo ----------------------- echo ----防止syn洪水攻击---- echo ----------------------- reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f echo ------------------------------- echo ----防止syn洪水攻击设置完毕---- echo ------------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------ echo ------------------------------ echo ---- 系统服务修改 ---- echo ------------------------------ echo ------------------------------ @ping 127.0.0.1 -n 3 >nul echo -------------------- echo ----修改3389端口---- echo -------------------- reg add"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp"/v PortNumber /t reg_dword /d 44454 /f reg add"HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp"/v PortNumber /t reg_dword /d 44454 /f echo -------------------- echo ----修改PORT完毕---- echo -------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------------- echo ----正在开启系统防火墙 请稍后....---- echo ------------------------------------- sc config sharedaccess start= auto & net start sharedaccess echo ------------------------ echo ----系统防火墙已开启---- echo ------------------------ @ping 127.0.0.1 -n 3 >nul echo ---------------------------- echo ----正在关闭共享打印服务---- echo ---------------------------- @sc config Spooler start= disabled sc config LanmanServer start= disabled sc config LmHosts start= disabled echo -------------------------- echo ----已关闭共享打印服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------------- echo ----正在关闭远程协助服务---- echo ---------------------------- @sc config RDSessMgr start= disabled echo -------------------------- echo ----已关闭远程协助服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------ echo ----正在关闭远程注册表服务---- echo ------------------------------ @sc config RemoteRegistry start= disabled echo ---------------------------- echo ----已关闭远程注册表服务---- echo ---------------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------------- echo ----关闭自动硬件播放通知---- echo ---------------------------- sc config ShellHWDetection start= disabled echo ----------------------- echo ----自动播放通知关闭--- echo ----------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------------------------- echo ----正在关闭替换凭据下的启动进程服务---- echo ---------------------------------------- sc config seclogon start= disabled echo -------------------------- echo ----已关闭启动进程服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------------ echo ----IEEE 802.11 适配器的自动配置---- echo ------------------------------------ sc config WZCSVC start= disabled echo ------------------ echo ----已关闭IEEE---- echo ------------------ @ping 127.0.0.1 -n 3 >nul echo -------------------------- echo ----客户端跟踪服务关闭---- echo -------------------------- sc config TrkSvr start= disabled sc config MSDTC start= disabled echo ---------------------------- echo ----已关闭客户端跟踪服务---- echo ---------------------------- @ping 127.0.0.1 -n 3 >nul echo -------------------- echo ----帮助中心关闭---- echo -------------------- sc config helpsvc start= disabled echo -------------------------- echo ----已关闭帮助中心服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo -------------------------------- echo -------------------------------- echo ---- 系统权限加固 ---- echo -------------------------------- echo -------------------------------- echo ------------------------------------------------------- echo ----C盘(系统盘) (administrators,system完全控制权限)---- echo ------------------------------------------------------- cacls C:\ /t /c /g administrators:F system:F echo ------------------------------------------- echo ----Common Files (everyone用户只读权限)---- echo ------------------------------------------- Cacls"C:\Program Files\Common Files"/t /e /c /g everyone:R echo ------------------------------------------------------------- echo ----IIS Temporary Compressed Files (everyone用户更改权限)---- echo ------------------------------------------------------------- Cacls"C:\WINDOWS\IIS Temporary Compressed Files"/t /e /c /g everyone:C echo -------------------------------------------- echo ----Microsoft.Net (everyone用户只读权限)---- echo -------------------------------------------- Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R echo ------------------------------------------------------ echo ----Temporary ASP.NET Files (everyone用户更改权限)---- echo ------------------------------------------------------ Cacls"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files"/t /e /c /g everyone:C echo ------------------------------------------------------ echo ----Temporary ASP.NET Files (everyone用户更改权限)---- echo ------------------------------------------------------ Cacls"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files"/t /e /c /g everyone:C echo ------------------------------------------- echo ----Registration (everyone用户读取权限)---- echo ------------------------------------------- Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R echo ----------------------------------- echo ----Temp (everyone用户更改权限)---- echo ----------------------------------- Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C echo ------------------- @echo off echo ---------------------------------- echo ----正在备份注册表 请稍后....---- echo ---------------------------------- reg export"HKEY_LOCAL_MACHINE"C:/reg_backup.reg echo ---------------------- echo ----注册表备份完成---- echo ---------------------- ping 127.0.0.1 -n 3 >nul echo ----------------------------------- echo ----安全配置正在改写 请稍候...---- echo ----------------------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------- echo ----正在禁用空连接---- echo ---------------------- reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f echo -------------------------- echo ----禁用空连接设置完毕---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------ echo ----正在删除默认共享---- echo ------------------------ reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f echo ---------------------------- echo ----删除默认共享设置完毕---- echo ---------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------ echo ----正在修改TTL值请稍后...---- echo ------------------------------ reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f echo ------------------- echo ----TTL修改完毕---- echo ------------------- @ping 127.0.0.1 -n 3 >nul echo ----------------------- echo ----防止syn洪水攻击---- echo ----------------------- reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f echo ------------------------------- echo ----防止syn洪水攻击设置完毕---- echo ------------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------ echo ------------------------------ echo ---- 系统服务修改 ---- echo ------------------------------ echo ------------------------------ @ping 127.0.0.1 -n 3 >nul echo -------------------- echo ----修改3389端口---- echo -------------------- reg add"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp"/v PortNumber /t reg_dword /d 44454 /f reg add"HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp"/v PortNumber /t reg_dword /d 44454 /f echo -------------------- echo ----修改PORT完毕---- echo -------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------------- echo ----正在开启系统防火墙 请稍后....---- echo ------------------------------------- sc config sharedaccess start= auto & net start sharedaccess echo ------------------------ echo ----系统防火墙已开启---- echo ------------------------ @ping 127.0.0.1 -n 3 >nul echo ---------------------------- echo ----正在关闭共享打印服务---- echo ---------------------------- @sc config Spooler start= disabled sc config LanmanServer start= disabled sc config LmHosts start= disabled echo -------------------------- echo ----已关闭共享打印服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------------- echo ----正在关闭远程协助服务---- echo ---------------------------- @sc config RDSessMgr start= disabled echo -------------------------- echo ----已关闭远程协助服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------ echo ----正在关闭远程注册表服务---- echo ------------------------------ @sc config RemoteRegistry start= disabled echo ---------------------------- echo ----已关闭远程注册表服务---- echo ---------------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------------- echo ----关闭自动硬件播放通知---- echo ---------------------------- sc config ShellHWDetection start= disabled echo ----------------------- echo ----自动播放通知关闭--- echo ----------------------- @ping 127.0.0.1 -n 3 >nul echo ---------------------------------------- echo ----正在关闭替换凭据下的启动进程服务---- echo ---------------------------------------- sc config seclogon start= disabled echo -------------------------- echo ----已关闭启动进程服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo ------------------------------------ echo ----IEEE 802.11 适配器的自动配置---- echo ------------------------------------ sc config WZCSVC start= disabled echo ------------------ echo ----已关闭IEEE---- echo ------------------ @ping 127.0.0.1 -n 3 >nul echo -------------------------- echo ----客户端跟踪服务关闭---- echo -------------------------- sc config TrkSvr start= disabled sc config MSDTC start= disabled echo ---------------------------- echo ----已关闭客户端跟踪服务---- echo ---------------------------- @ping 127.0.0.1 -n 3 >nul echo -------------------- echo ----帮助中心关闭---- echo -------------------- sc config helpsvc start= disabled echo -------------------------- echo ----已关闭帮助中心服务---- echo -------------------------- @ping 127.0.0.1 -n 3 >nul echo -------------------------------- echo -------------------------------- echo ---- 系统权限加固 ---- echo -------------------------------- echo -------------------------------- echo ------------------------------------------------------- echo ----C盘(系统盘) (administrators,system完全控制权限)---- echo ------------------------------------------------------- cacls C:\ /t /c /g administrators:F system:F echo ------------------------------------------- echo ----Common Files (everyone用户只读权限)---- echo ------------------------------------------- Cacls"C:\Program Files\Common Files"/t /e /c /g everyone:R echo ------------------------------------------------------------- echo ----IIS Temporary Compressed Files (everyone用户更改权限)---- echo ------------------------------------------------------------- Cacls"C:\WINDOWS\IIS Temporary Compressed Files"/t /e /c /g everyone:C echo -------------------------------------------- echo ----Microsoft.Net (everyone用户只读权限)---- echo -------------------------------------------- Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R echo ------------------------------------------------------ echo ----Temporary ASP.NET Files (everyone用户更改权限)---- echo ------------------------------------------------------ Cacls"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files"/t /e /c /g everyone:C echo ------------------------------------------------------ echo ----Temporary ASP.NET Files (everyone用户更改权限)---- echo ------------------------------------------------------ Cacls"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files"/t /e /c /g everyone:C echo ------------------------------------------- echo ----Registration (everyone用户读取权限)---- echo ------------------------------------------- Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R echo ----------------------------------- echo ----Temp (everyone用户更改权限)---- echo ----------------------------------- Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C echo ------------------- echo ----assembly (everyone用户读取权限)---- echo --------------------------------------- Cacls C:\WINDOWS\assembly /t /e /c /g everyone:R echo ------------------------------------- echo ----WinSxS (everyone用户读取权限)---- echo ------------------------------------- Cacls C:\WINDOWS\WinSxS /t /e /c /g everyone:R echo ------------------------------------ echo ----Fonts (everyone用户读取权限)---- echo ------------------------------------ Cacls C:\WINDOWS\Fonts /t /e /c /g everyone:R echo --------------------------------------- echo ----System32 (everyone用户读取权限)---- echo --------------------------------------- Cacls C:\WINDOWS\System32 /t /e /c /g everyone:R echo ------------------------------------------ echo ----msdtc (networkservice用户更改权限)---- echo ------------------------------------------ Cacls C:\windows\system32\msdtc /t /e /c /g networkservice:C echo ----------------------------------------------------- echo ----ASP Compiled Templates (everyone用户更改权限)---- echo ----------------------------------------------------- Cacls"C:\WINDOWS\system32\inetsrv\ASP Compiled Templates"/t /e /c /g everyone:C echo ------------------------------------ echo ----*.exe (去除everyone用户权限)---- echo ------------------------------------ Cacls C:\WINDOWS\System32\*.exe /e /c /r everyone echo ------------------------------------ echo ----cmd.exe (去除system用户权限)---- echo ------------------------------------ Cacls C:\WINDOWS\System32\cmd.exe /e /c /r system echo ------------------------------------ echo ----net.exe (去除system用户权限)---- echo ------------------------------------ Cacls C:\WINDOWS\System32 et.exe /e /c /r system echo ------------------------------------- echo ----net1.exe (去除system用户权限)---- echo ------------------------------------- Cacls C:\WINDOWS\System32 et1.exe /e /c /r system echo ---------------------------------------- echo ----msdtc.exe (everyone用户读取权限)---- echo ---------------------------------------- Cacls C:\WINDOWS\System32\msdtc.exe /e /c /g everyone:R echo ------------------------------------------ echo ----dllhost.exe (everyone用户读取权限)---- echo ------------------------------------------ Cacls C:\WINDOWS\System32\dllhost.exe /e /c /g everyone:R echo ------------------------------------------ echo ----svchost.exe (everyone用户读取权限)---- echo ------------------------------------------ Cacls C:\WINDOWS\System32\svchost.exe /e /c /g everyone:R echo -------------------- echo -------------------- echo ----系统加固完毕---- echo -------------------- echo -------------------- @ping 127.0.0.1 -n 3 >nul echo ----------------------------- echo ----安全设置完毕 欢迎使用---- echo ----------------------------- echo ------------------ echo ----重启服务器---- echo ------------------ @ping 127.0.0.1 shutdown -r @pause 将上面的代码保存为1.cmd或1.bat,双击运行下即可。来源:爱蒂网