DDR爱好者之家 Design By 杰米
复制代码 代码如下:
@echo off
echo ----------------------------------
echo ----正在备份注册表 请稍后....----
echo ----------------------------------
reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg
echo ----------------------
echo ----注册表备份完成----
echo ----------------------
ping 127.0.0.1 -n 3 >nul
echo -----------------------------------
echo ----安全配置正在改写 请稍候...----
echo -----------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------
echo ----正在禁用空连接----
echo ----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f
echo --------------------------
echo ----禁用空连接设置完毕----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------
echo ----正在删除默认共享----
echo ------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f
echo ----------------------------
echo ----删除默认共享设置完毕----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在修改TTL值请稍后...----
echo ------------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f
echo -------------------
echo ----TTL修改完毕----
echo -------------------
@ping 127.0.0.1 -n 3 >nul
echo -----------------------
echo ----防止syn洪水攻击----
echo -----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f
echo -------------------------------
echo ----防止syn洪水攻击设置完毕----
echo -------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ------------------------------
echo ---- 系统服务修改 ----
echo ------------------------------
echo ------------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----修改3389端口----
echo --------------------
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f
echo --------------------
echo ----修改PORT完毕----
echo --------------------
@ping 127.0.0.1 -n 3 >nul
echo -------------------------------------
echo ----正在开启系统防火墙 请稍后....----
echo -------------------------------------
sc config sharedaccess start= auto & net start sharedaccess
echo ------------------------
echo ----系统防火墙已开启----
echo ------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭共享打印服务----
echo ----------------------------
@sc config Spooler start= disabled
sc config LanmanServer start= disabled
sc config LmHosts start= disabled
echo --------------------------
echo ----已关闭共享打印服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭远程协助服务----
echo ----------------------------
@sc config RDSessMgr start= disabled
echo --------------------------
echo ----已关闭远程协助服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在关闭远程注册表服务----
echo ------------------------------
@sc config RemoteRegistry start= disabled
echo ----------------------------
echo ----已关闭远程注册表服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----关闭自动硬件播放通知----
echo ----------------------------
sc config ShellHWDetection start= disabled
echo -----------------------
echo ----自动播放通知关闭---
echo -----------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------------------
echo ----正在关闭替换凭据下的启动进程服务----
echo ----------------------------------------
sc config seclogon start= disabled
echo --------------------------
echo ----已关闭启动进程服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------------
echo ----IEEE 802.11 适配器的自动配置----
echo ------------------------------------
sc config WZCSVC start= disabled
echo ------------------
echo ----已关闭IEEE----
echo ------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------
echo ----客户端跟踪服务关闭----
echo --------------------------
sc config TrkSvr start= disabled
sc config MSDTC start= disabled
echo ----------------------------
echo ----已关闭客户端跟踪服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----帮助中心关闭----
echo --------------------
sc config helpsvc start= disabled
echo --------------------------
echo ----已关闭帮助中心服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------------
echo --------------------------------
echo ---- 系统权限加固 ----
echo --------------------------------
echo --------------------------------
echo -------------------------------------------------------
echo ----C盘(系统盘) (administrators,system完全控制权限)----
echo -------------------------------------------------------
cacls C:\ /t /c /g administrators:F system:F
echo -------------------------------------------
echo ----Common Files (everyone用户只读权限)----
echo -------------------------------------------
Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R
echo -------------------------------------------------------------
echo ----IIS Temporary Compressed Files (everyone用户更改权限)----
echo -------------------------------------------------------------
Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C
echo --------------------------------------------
echo ----Microsoft.Net (everyone用户只读权限)----
echo --------------------------------------------
Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo -------------------------------------------
echo ----Registration (everyone用户读取权限)----
echo -------------------------------------------
Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R
echo -----------------------------------
echo ----Temp (everyone用户更改权限)----
echo -----------------------------------
Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C
echo -------------------
@echo off
echo ----------------------------------
echo ----正在备份注册表 请稍后....----
echo ----------------------------------
reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg
echo ----------------------
echo ----注册表备份完成----
echo ----------------------
ping 127.0.0.1 -n 3 >nul
echo -----------------------------------
echo ----安全配置正在改写 请稍候...----
echo -----------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------
echo ----正在禁用空连接----
echo ----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f
echo --------------------------
echo ----禁用空连接设置完毕----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------
echo ----正在删除默认共享----
echo ------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f
echo ----------------------------
echo ----删除默认共享设置完毕----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在修改TTL值请稍后...----
echo ------------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f
echo -------------------
echo ----TTL修改完毕----
echo -------------------
@ping 127.0.0.1 -n 3 >nul
echo -----------------------
echo ----防止syn洪水攻击----
echo -----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f
echo -------------------------------
echo ----防止syn洪水攻击设置完毕----
echo -------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ------------------------------
echo ---- 系统服务修改 ----
echo ------------------------------
echo ------------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----修改3389端口----
echo --------------------
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f
echo --------------------
echo ----修改PORT完毕----
echo --------------------
@ping 127.0.0.1 -n 3 >nul
echo -------------------------------------
echo ----正在开启系统防火墙 请稍后....----
echo -------------------------------------
sc config sharedaccess start= auto & net start sharedaccess
echo ------------------------
echo ----系统防火墙已开启----
echo ------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭共享打印服务----
echo ----------------------------
@sc config Spooler start= disabled
sc config LanmanServer start= disabled
sc config LmHosts start= disabled
echo --------------------------
echo ----已关闭共享打印服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭远程协助服务----
echo ----------------------------
@sc config RDSessMgr start= disabled
echo --------------------------
echo ----已关闭远程协助服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在关闭远程注册表服务----
echo ------------------------------
@sc config RemoteRegistry start= disabled
echo ----------------------------
echo ----已关闭远程注册表服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----关闭自动硬件播放通知----
echo ----------------------------
sc config ShellHWDetection start= disabled
echo -----------------------
echo ----自动播放通知关闭---
echo -----------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------------------
echo ----正在关闭替换凭据下的启动进程服务----
echo ----------------------------------------
sc config seclogon start= disabled
echo --------------------------
echo ----已关闭启动进程服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------------
echo ----IEEE 802.11 适配器的自动配置----
echo ------------------------------------
sc config WZCSVC start= disabled
echo ------------------
echo ----已关闭IEEE----
echo ------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------
echo ----客户端跟踪服务关闭----
echo --------------------------
sc config TrkSvr start= disabled
sc config MSDTC start= disabled
echo ----------------------------
echo ----已关闭客户端跟踪服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----帮助中心关闭----
echo --------------------
sc config helpsvc start= disabled
echo --------------------------
echo ----已关闭帮助中心服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------------
echo --------------------------------
echo ---- 系统权限加固 ----
echo --------------------------------
echo --------------------------------
echo -------------------------------------------------------
echo ----C盘(系统盘) (administrators,system完全控制权限)----
echo -------------------------------------------------------
cacls C:\ /t /c /g administrators:F system:F
echo -------------------------------------------
echo ----Common Files (everyone用户只读权限)----
echo -------------------------------------------
Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R
echo -------------------------------------------------------------
echo ----IIS Temporary Compressed Files (everyone用户更改权限)----
echo -------------------------------------------------------------
Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C
echo --------------------------------------------
echo ----Microsoft.Net (everyone用户只读权限)----
echo --------------------------------------------
Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo -------------------------------------------
echo ----Registration (everyone用户读取权限)----
echo -------------------------------------------
Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R
echo -----------------------------------
echo ----Temp (everyone用户更改权限)----
echo -----------------------------------
Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C
echo -------------------
echo ----assembly (everyone用户读取权限)----
echo ---------------------------------------
Cacls C:\WINDOWS\assembly /t /e /c /g everyone:R
echo -------------------------------------
echo ----WinSxS (everyone用户读取权限)----
echo -------------------------------------
Cacls C:\WINDOWS\WinSxS /t /e /c /g everyone:R
echo ------------------------------------
echo ----Fonts (everyone用户读取权限)----
echo ------------------------------------
Cacls C:\WINDOWS\Fonts /t /e /c /g everyone:R
echo ---------------------------------------
echo ----System32 (everyone用户读取权限)----
echo ---------------------------------------
Cacls C:\WINDOWS\System32 /t /e /c /g everyone:R
echo ------------------------------------------
echo ----msdtc (networkservice用户更改权限)----
echo ------------------------------------------
Cacls C:\windows\system32\msdtc /t /e /c /g networkservice:C
echo -----------------------------------------------------
echo ----ASP Compiled Templates (everyone用户更改权限)----
echo -----------------------------------------------------
Cacls "C:\WINDOWS\system32\inetsrv\ASP Compiled Templates" /t /e /c /g everyone:C
echo ------------------------------------
echo ----*.exe (去除everyone用户权限)----
echo ------------------------------------
Cacls C:\WINDOWS\System32\*.exe /e /c /r everyone
echo ------------------------------------
echo ----cmd.exe (去除system用户权限)----
echo ------------------------------------
Cacls C:\WINDOWS\System32\cmd.exe /e /c /r system
echo ------------------------------------
echo ----net.exe (去除system用户权限)----
echo ------------------------------------
Cacls C:\WINDOWS\System32 et.exe /e /c /r system
echo -------------------------------------
echo ----net1.exe (去除system用户权限)----
echo -------------------------------------
Cacls C:\WINDOWS\System32 et1.exe /e /c /r system
echo ----------------------------------------
echo ----msdtc.exe (everyone用户读取权限)----
echo ----------------------------------------
Cacls C:\WINDOWS\System32\msdtc.exe /e /c /g everyone:R
echo ------------------------------------------
echo ----dllhost.exe (everyone用户读取权限)----
echo ------------------------------------------
Cacls C:\WINDOWS\System32\dllhost.exe /e /c /g everyone:R
echo ------------------------------------------
echo ----svchost.exe (everyone用户读取权限)----
echo ------------------------------------------
Cacls C:\WINDOWS\System32\svchost.exe /e /c /g everyone:R
echo --------------------
echo --------------------
echo ----系统加固完毕----
echo --------------------
echo --------------------
@ping 127.0.0.1 -n 3 >nul
echo -----------------------------
echo ----安全设置完毕 欢迎使用----
echo -----------------------------
echo ------------------
echo ----重启服务器----
echo ------------------
@ping 127.0.0.1
shutdown -r
@pause
将上面的代码保存为1.cmd或1.bat,双击运行下即可。
@echo off
echo ----------------------------------
echo ----正在备份注册表 请稍后....----
echo ----------------------------------
reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg
echo ----------------------
echo ----注册表备份完成----
echo ----------------------
ping 127.0.0.1 -n 3 >nul
echo -----------------------------------
echo ----安全配置正在改写 请稍候...----
echo -----------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------
echo ----正在禁用空连接----
echo ----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f
echo --------------------------
echo ----禁用空连接设置完毕----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------
echo ----正在删除默认共享----
echo ------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f
echo ----------------------------
echo ----删除默认共享设置完毕----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在修改TTL值请稍后...----
echo ------------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f
echo -------------------
echo ----TTL修改完毕----
echo -------------------
@ping 127.0.0.1 -n 3 >nul
echo -----------------------
echo ----防止syn洪水攻击----
echo -----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f
echo -------------------------------
echo ----防止syn洪水攻击设置完毕----
echo -------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ------------------------------
echo ---- 系统服务修改 ----
echo ------------------------------
echo ------------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----修改3389端口----
echo --------------------
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f
echo --------------------
echo ----修改PORT完毕----
echo --------------------
@ping 127.0.0.1 -n 3 >nul
echo -------------------------------------
echo ----正在开启系统防火墙 请稍后....----
echo -------------------------------------
sc config sharedaccess start= auto & net start sharedaccess
echo ------------------------
echo ----系统防火墙已开启----
echo ------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭共享打印服务----
echo ----------------------------
@sc config Spooler start= disabled
sc config LanmanServer start= disabled
sc config LmHosts start= disabled
echo --------------------------
echo ----已关闭共享打印服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭远程协助服务----
echo ----------------------------
@sc config RDSessMgr start= disabled
echo --------------------------
echo ----已关闭远程协助服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在关闭远程注册表服务----
echo ------------------------------
@sc config RemoteRegistry start= disabled
echo ----------------------------
echo ----已关闭远程注册表服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----关闭自动硬件播放通知----
echo ----------------------------
sc config ShellHWDetection start= disabled
echo -----------------------
echo ----自动播放通知关闭---
echo -----------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------------------
echo ----正在关闭替换凭据下的启动进程服务----
echo ----------------------------------------
sc config seclogon start= disabled
echo --------------------------
echo ----已关闭启动进程服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------------
echo ----IEEE 802.11 适配器的自动配置----
echo ------------------------------------
sc config WZCSVC start= disabled
echo ------------------
echo ----已关闭IEEE----
echo ------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------
echo ----客户端跟踪服务关闭----
echo --------------------------
sc config TrkSvr start= disabled
sc config MSDTC start= disabled
echo ----------------------------
echo ----已关闭客户端跟踪服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----帮助中心关闭----
echo --------------------
sc config helpsvc start= disabled
echo --------------------------
echo ----已关闭帮助中心服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------------
echo --------------------------------
echo ---- 系统权限加固 ----
echo --------------------------------
echo --------------------------------
echo -------------------------------------------------------
echo ----C盘(系统盘) (administrators,system完全控制权限)----
echo -------------------------------------------------------
cacls C:\ /t /c /g administrators:F system:F
echo -------------------------------------------
echo ----Common Files (everyone用户只读权限)----
echo -------------------------------------------
Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R
echo -------------------------------------------------------------
echo ----IIS Temporary Compressed Files (everyone用户更改权限)----
echo -------------------------------------------------------------
Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C
echo --------------------------------------------
echo ----Microsoft.Net (everyone用户只读权限)----
echo --------------------------------------------
Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo -------------------------------------------
echo ----Registration (everyone用户读取权限)----
echo -------------------------------------------
Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R
echo -----------------------------------
echo ----Temp (everyone用户更改权限)----
echo -----------------------------------
Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C
echo -------------------
@echo off
echo ----------------------------------
echo ----正在备份注册表 请稍后....----
echo ----------------------------------
reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg
echo ----------------------
echo ----注册表备份完成----
echo ----------------------
ping 127.0.0.1 -n 3 >nul
echo -----------------------------------
echo ----安全配置正在改写 请稍候...----
echo -----------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------
echo ----正在禁用空连接----
echo ----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f
echo --------------------------
echo ----禁用空连接设置完毕----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------
echo ----正在删除默认共享----
echo ------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f
echo ----------------------------
echo ----删除默认共享设置完毕----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在修改TTL值请稍后...----
echo ------------------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f
echo -------------------
echo ----TTL修改完毕----
echo -------------------
@ping 127.0.0.1 -n 3 >nul
echo -----------------------
echo ----防止syn洪水攻击----
echo -----------------------
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f
echo -------------------------------
echo ----防止syn洪水攻击设置完毕----
echo -------------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ------------------------------
echo ---- 系统服务修改 ----
echo ------------------------------
echo ------------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----修改3389端口----
echo --------------------
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f
echo --------------------
echo ----修改PORT完毕----
echo --------------------
@ping 127.0.0.1 -n 3 >nul
echo -------------------------------------
echo ----正在开启系统防火墙 请稍后....----
echo -------------------------------------
sc config sharedaccess start= auto & net start sharedaccess
echo ------------------------
echo ----系统防火墙已开启----
echo ------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭共享打印服务----
echo ----------------------------
@sc config Spooler start= disabled
sc config LanmanServer start= disabled
sc config LmHosts start= disabled
echo --------------------------
echo ----已关闭共享打印服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭远程协助服务----
echo ----------------------------
@sc config RDSessMgr start= disabled
echo --------------------------
echo ----已关闭远程协助服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在关闭远程注册表服务----
echo ------------------------------
@sc config RemoteRegistry start= disabled
echo ----------------------------
echo ----已关闭远程注册表服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----关闭自动硬件播放通知----
echo ----------------------------
sc config ShellHWDetection start= disabled
echo -----------------------
echo ----自动播放通知关闭---
echo -----------------------
@ping 127.0.0.1 -n 3 >nul
echo ----------------------------------------
echo ----正在关闭替换凭据下的启动进程服务----
echo ----------------------------------------
sc config seclogon start= disabled
echo --------------------------
echo ----已关闭启动进程服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo ------------------------------------
echo ----IEEE 802.11 适配器的自动配置----
echo ------------------------------------
sc config WZCSVC start= disabled
echo ------------------
echo ----已关闭IEEE----
echo ------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------
echo ----客户端跟踪服务关闭----
echo --------------------------
sc config TrkSvr start= disabled
sc config MSDTC start= disabled
echo ----------------------------
echo ----已关闭客户端跟踪服务----
echo ----------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----帮助中心关闭----
echo --------------------
sc config helpsvc start= disabled
echo --------------------------
echo ----已关闭帮助中心服务----
echo --------------------------
@ping 127.0.0.1 -n 3 >nul
echo --------------------------------
echo --------------------------------
echo ---- 系统权限加固 ----
echo --------------------------------
echo --------------------------------
echo -------------------------------------------------------
echo ----C盘(系统盘) (administrators,system完全控制权限)----
echo -------------------------------------------------------
cacls C:\ /t /c /g administrators:F system:F
echo -------------------------------------------
echo ----Common Files (everyone用户只读权限)----
echo -------------------------------------------
Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R
echo -------------------------------------------------------------
echo ----IIS Temporary Compressed Files (everyone用户更改权限)----
echo -------------------------------------------------------------
Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C
echo --------------------------------------------
echo ----Microsoft.Net (everyone用户只读权限)----
echo --------------------------------------------
Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo -------------------------------------------
echo ----Registration (everyone用户读取权限)----
echo -------------------------------------------
Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R
echo -----------------------------------
echo ----Temp (everyone用户更改权限)----
echo -----------------------------------
Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C
echo -------------------
echo ----assembly (everyone用户读取权限)----
echo ---------------------------------------
Cacls C:\WINDOWS\assembly /t /e /c /g everyone:R
echo -------------------------------------
echo ----WinSxS (everyone用户读取权限)----
echo -------------------------------------
Cacls C:\WINDOWS\WinSxS /t /e /c /g everyone:R
echo ------------------------------------
echo ----Fonts (everyone用户读取权限)----
echo ------------------------------------
Cacls C:\WINDOWS\Fonts /t /e /c /g everyone:R
echo ---------------------------------------
echo ----System32 (everyone用户读取权限)----
echo ---------------------------------------
Cacls C:\WINDOWS\System32 /t /e /c /g everyone:R
echo ------------------------------------------
echo ----msdtc (networkservice用户更改权限)----
echo ------------------------------------------
Cacls C:\windows\system32\msdtc /t /e /c /g networkservice:C
echo -----------------------------------------------------
echo ----ASP Compiled Templates (everyone用户更改权限)----
echo -----------------------------------------------------
Cacls "C:\WINDOWS\system32\inetsrv\ASP Compiled Templates" /t /e /c /g everyone:C
echo ------------------------------------
echo ----*.exe (去除everyone用户权限)----
echo ------------------------------------
Cacls C:\WINDOWS\System32\*.exe /e /c /r everyone
echo ------------------------------------
echo ----cmd.exe (去除system用户权限)----
echo ------------------------------------
Cacls C:\WINDOWS\System32\cmd.exe /e /c /r system
echo ------------------------------------
echo ----net.exe (去除system用户权限)----
echo ------------------------------------
Cacls C:\WINDOWS\System32 et.exe /e /c /r system
echo -------------------------------------
echo ----net1.exe (去除system用户权限)----
echo -------------------------------------
Cacls C:\WINDOWS\System32 et1.exe /e /c /r system
echo ----------------------------------------
echo ----msdtc.exe (everyone用户读取权限)----
echo ----------------------------------------
Cacls C:\WINDOWS\System32\msdtc.exe /e /c /g everyone:R
echo ------------------------------------------
echo ----dllhost.exe (everyone用户读取权限)----
echo ------------------------------------------
Cacls C:\WINDOWS\System32\dllhost.exe /e /c /g everyone:R
echo ------------------------------------------
echo ----svchost.exe (everyone用户读取权限)----
echo ------------------------------------------
Cacls C:\WINDOWS\System32\svchost.exe /e /c /g everyone:R
echo --------------------
echo --------------------
echo ----系统加固完毕----
echo --------------------
echo --------------------
@ping 127.0.0.1 -n 3 >nul
echo -----------------------------
echo ----安全设置完毕 欢迎使用----
echo -----------------------------
echo ------------------
echo ----重启服务器----
echo ------------------
@ping 127.0.0.1
shutdown -r
@pause
将上面的代码保存为1.cmd或1.bat,双击运行下即可。
DDR爱好者之家 Design By 杰米
广告合作:本站广告合作请联系QQ:858582 申请时备注:广告合作(否则不回)
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!
DDR爱好者之家 Design By 杰米
暂无评论...
《魔兽世界》大逃杀!60人新游玩模式《强袭风暴》3月21日上线
暴雪近日发布了《魔兽世界》10.2.6 更新内容,新游玩模式《强袭风暴》即将于3月21 日在亚服上线,届时玩家将前往阿拉希高地展开一场 60 人大逃杀对战。
艾泽拉斯的冒险者已经征服了艾泽拉斯的大地及遥远的彼岸。他们在对抗世界上最致命的敌人时展现出过人的手腕,并且成功阻止终结宇宙等级的威胁。当他们在为即将于《魔兽世界》资料片《地心之战》中来袭的萨拉塔斯势力做战斗准备时,他们还需要在熟悉的阿拉希高地面对一个全新的敌人──那就是彼此。在《巨龙崛起》10.2.6 更新的《强袭风暴》中,玩家将会进入一个全新的海盗主题大逃杀式限时活动,其中包含极高的风险和史诗级的奖励。
《强袭风暴》不是普通的战场,作为一个独立于主游戏之外的活动,玩家可以用大逃杀的风格来体验《魔兽世界》,不分职业、不分装备(除了你在赛局中捡到的),光是技巧和战略的强弱之分就能决定出谁才是能坚持到最后的赢家。本次活动将会开放单人和双人模式,玩家在加入海盗主题的预赛大厅区域前,可以从强袭风暴角色画面新增好友。游玩游戏将可以累计名望轨迹,《巨龙崛起》和《魔兽世界:巫妖王之怒 经典版》的玩家都可以获得奖励。
更新日志
2024年05月12日
2024年05月12日
- 陈楚生《陈楚生歌曲合集》[320K/MP3][138.9MB]
- 群星-中国轻音乐-经典情歌2CD【APE整轨】
- SacredSpaMusicSeries-LettingTheWorldGoBy[蓝色假期]FLA+CUE
- 赵传1996-黑暗英雄[台湾首版][WAV]
- 迟志强《迟志强歌曲合集》[320K/MP3][105.7MB]
- 《KKBOX西洋新歌日榜》[FLAC/分轨][1.1G]
- 群星《群星歌曲合集》[320K/MP3][1.9G][精选经典流行歌曲]
- 姜育恒.2018-遇恒牵情【FLAC】
- 吴克群2010-爱我恨我(荣耀精装改版)[种子音乐][WAV+CUE]
- 陈升.1990-贪婪之歌【滚石】【WAV+CUE】
- 高洪章-《打歌》[wav]
- ABC唱片-《大卫奥伊斯特拉赫.金色小提琴》6N纯银镀膜[WAV+CUE]
- ABC唱片-《模拟万岁.示范古典》6N纯银镀膜[WAV+CUE]
- 群星《群星歌曲合集》[320K/MP3][4.1G][抖音热门歌曲500首]
- 海来阿木《海来阿木歌曲合集》[FLAC/分轨][2.7G]