澳门新葡亰网址下载win2003 WEB服务器NTFS权限设置图文方法

by admin on 2020年1月28日

为了有助于大家,和减示错误,大部份步骤能够用如下脚本代替,小编生龙活虎度改成脚本cmd,新建一个txt文把,把之类代码,复制到里面后,把扩充名改为.cmd
双击运营,运转后,请按提示backup。

总得来讲,前面一个比较难计划,参谋了人家的片段安顿和团结的片段进行,找到叁个本人以为还针锋相投满足的做法,由于个人水平有限,希望高手建议本人不足的地点,感激。由于近年来忙着其余事,等忙完之后再把IIS配置的有些还会有温馨要照拂的有的资料奉上~~届时候我们能够到论坛www.n0ws.com上去查看,不过本博客也是提供有关材质的下载的。
上边是自己的做法:
首先,配置系列盘下(如:c盘)的权位(已经将IIS的私下认可文件夹删除)
1.系统盘:选中系统盘,属性,安全选项卡,删掉除了administrators和system组的别的组恐怕客商。
2.Program Files
:右键文件夹->接纳属性->接纳“安全”选项卡->点击“高等”选项->选中“允许父项…”和“用在那呈现…”->点击“复制”->点击鲜明,退出高端安全设置->把安全选项卡中除去administrators和system组之外的组只怕客户删除

率先个相比全,推荐使用第叁个

@echo off

高级安全设置功用如下:
  澳门新葡亰网址下载 1

复制代码 代码如下:

ECHO.

3.Program Files/Common File/users :
步入到program files下的common
file文件夹下边,找到system增添users,暗中同意的权杖就可以。所谓暗中同意权限正是你加多这些客户系统活动付与那么些顾客对于操作文件夹大概文件的权能。(或许有人要问为啥要给那几个文件夹设置users的权限?答:这一个局地里面有部分dll文件是asp中createobject的时候须求的)
4.Documents and
Settings:步入系统盘,选中Documents and
Settings文件夹右键,删除掉除了administrator、system、power
users组之外的其余客户也许组。步入到Documents and
Settings文件夹里面,administrator这些文件夹的权力不需求安装。ALL
users文件夹,步向到高级选项选拔“用在这里显示的能够动用到子对象的目录代替全数子对象的权位项目”,显著,到平安选项卡下边删掉除了
administrator和system之外的其余顾客组和客户,点击分明。Default
users文件夹,步入到高等选项选择“用在那彰显的能够利用到子对象的目录代替全体子对象的权柄项目”,分明,到安全选项卡下边删掉除了
administrator、system、power users之外的别样客商组和客商,点击明确。
5.Windows :
右键文件夹->选取属性->采取“安全”选项卡->删除掉除了administrator和system之外的顾客->点击明确。
6.Windows/temp :
右键文件夹->选取属性->选拔“安全”选项卡->增加users组->设置users组只持有读取、写入的权能。
7.其余根目录下的文书夹:右键文件夹->采纳属性->选用“安全”选项卡->点击“高端”选项->选中“允许父项…”和“用在这里显示…”->点击“复制”->点击明确,退出高端安全设置->把“安全”选项卡中除了administrators和system组之外的组恐怕顾客删除
8.批甩卖:接下去的是有的非正规文件夹、文件的权位,一些劳动的改变,危急组件的去除。
批处理的大器晚成都部队分最后附上上面包车型客车保留为*.bat或然直接从自身提供的下载之处下载就可以。

@ECHO OFF
CLS
TITLE SERVER SAFE SETUP PRO
COLOR 0A
echo y|cacls.exe C: /p Administrators:f system:f “network service”:r
echo y|cacls.exe D: /p Administrators:f system:f servU:f “network
service”:r
echo y|cacls.exe E: /p Administrators:f system:f servU:f “network
service”:r
echo y|cacls.exe “C:Program Files” /t /p Administrators:f system:f
everyone:r
echo y|cacls.exe “C:Program FilesCommon Files” /t /g
Administrators:f system:f everyone:r
echo y|cacls.exe c:windows /p Administrators:f system:f
echo y|cacls.exe c:windowssystem32 /p Administrators:f system:f
echo y|cacls.exe C:WINDOWSsystem32inetsrv /p Administrators:f
system:f everyone:r
echo y|cacls.exe “C:Documents and Settings” /p Administrators:f
system:f
echo y|cacls.exe “C:Documents and SettingsAll Users” /t /p
Administrator:f system:f everyone:r
echo y|cacls.exe c:windowstemp /p everyone:f
echo y|cacls.exe %systemroot%system32shell32.dll /p
Administrators:f
echo y|cacls.exe %systemroot%system32wshom.ocx /p Administrators:f
echo y|cacls.exe c:windowssystem32*.exe /p Administrators:f
system:f
echo y|cacls.exe “c:Documents and SettingsAll Users” /e /g
everyone:r
echo y|cacls.exe %systemroot%system32svchost.exe /e /g “network
service”:r
echo y|cacls.exe %systemroot%system32msdtc.exe /e /g “network
service”:r
echo y|cacls.exe %windir%system32mtxex.dll /e /g everyone:r
echo y|cacls.exe c:windowssystem32cmd.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32net.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32net1.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32sc.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32at.exe /p Administrator:f
echo y|cacls.exe %windir%system32dllhost.exe /e /g everyone:r
echo y|cacls.exe c:windowssystem32netsh.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32net.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32cacls.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32cmdkey.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32ftp.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32tftp.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32reg.exe /p Administrator:f
echo y|cacls.exe c:windowssystem32regedt32.exe /p
Administrator:f
echo y|cacls.exe c:windowssystem32regini.exe /p Administrator:f
echo y|cacls.exe %windir%assembly /e /t /g “network service”:r
echo y|cacls.exe %windir%Microsoft.NET /e /t /g everyone:r
echo y|cacls.exe
“%windir%Microsoft.NETFrameworkv1.1.4322Temporary ASP.NET Files”
/e /t /g everyone:f
echo y|cacls.exe %windir%system32mscoree.dll /e /g everyone:r
echo y|cacls.exe %windir%system32ws03res.dll /e /g everyone:r
echo y|cacls.exe %windir%system32msxml*.dll /e /g everyone:r
echo y|cacls.exe C:WINDOWSsystem32urlmon.dll /e /g everyone:r
echo y|cacls.exe C:WINDOWSsystem32mlang.dll /e /g everyone:r
echo y|cacls.exe C:WINDOWSsystem32TAPI32.dll /e /g everyone:r
echo y|cacls.exe C:WINDOWSsystem32WININET.dll /e /g everyone:r
cacls c:windowsassembly /e /t /p “network service”:r
cacls c:windowsMicrosoft.NET /e /t /p “network service”:r
cacls “C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Temporary
ASP.NET Files” /e /t /p “network service”:f
cacls C:WINDOWSsystem32mscoree.dll /e /g everyone:r
cacls C:WINDOWSsystem32ws03res.dll /e /g everyone:r
cacls c:WINDOWS /e /g “network service”:r
if exist c:windows cacls c:windows /e /g “network service”:r
cacls c:windowsMicrosoft.NET /e /t /p “network service”:r
cacls “C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Temporary
ASP.NET Files” /e /t /p “network service”:f
cacls “C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Temporary
ASP.NET Files” /e /t /p “network service”:f
cacls c:windowssystem32 /e /g “network service”:r
cacls c:windowssystem32rasapi32.dll /e /g “network service”:r
echo y|cacls.exe C:WINDOWSsystem32inetsrvadsiis.dll /p
Administrators:f autosystem:f
echo y|cacls.exe C:WINDOWSsystem32inetsrviisadmpwd /p
Administrators:f autosystem:f
echo y|cacls.exe C:WINDOWSsystem32inetsrvMetaBack /p
Administrators:f autosystem:f
cacls C”:Program FilesServ-U” /e /g “servu”:f
cacls d:wwwroot /e /g servU:f
echo 以上设置服务器目录权限

ECHO.

复制代码 代码如下:

net stop Browser
sc config Browser start= disabled
net stop lanmanserver
sc config lanmanserver start= disabled
澳门新葡亰网址下载 ,net share c$ /delete
net share d$ /delete
net share e$ /delete
net share f$ /delete
net share admin$ /delete
net share ipc$ /delete
echo 以上删除暗中认可分享,设置服务项
echo .. delshare.reg …….
echo Windows Registry Editor Version 5.00> c:delshare.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverparameters]>>
c:delshare.reg
echo “AutoShareWks”=dword:00000000>> c:delshare.reg
echo “AutoShareServer”=dword:00000000>> c:delshare.reg
echo .. delshare.reg …..
regedit /s c:delshare.reg
echo .. delshare.reg ….
del c:delshare.reg
echo .
echo ……..
echo .
echo =========================================================
echo .
echo …………………dos….
echo .
echo ………
echo Windows Registry Editor Version 5.00> c:dosforwin.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters]>>
c:dosforwin.reg
echo “EnableICMPRedirect”=dword:00000000>> c:dosforwin.reg
echo “DeadGWDetectDefault”=dword:00000001>> c:dosforwin.reg
echo “DontAddDefaultGatewayDefault”=dword:00000000>>
c:dosforwin.reg
echo “EnableSecurityFilters”=dword:00000000”>> c:dosforwin.reg
echo “AllowUnqualifiedQuery”=dword:00000000>> c:dosforwin.reg
echo “PrioritizeRecordData”=dword:00000001>> c:dosforwin.reg
echo
“ReservedPorts”=hex(7):31,00,34,00,33,00,33,00,2d,00,31,00,34,00,33,00,34,00,>>
c:dosforwin.reg
echo 00,00,00,00>> c:dosforwin.reg
echo “SynAttackProtect”=dword:00000002>> c:dosforwin.reg
echo “EnablePMTUDiscovery”=dword:00000000>> c:dosforwin.reg
echo “NoNameReleaseOnDemand”=dword:00000001>> c:dosforwin.reg
echo “EnableDeadGWDetect”=dword:00000000>> c:dosforwin.reg
echo “KeepAliveTime”=dword:00300000>> c:dosforwin.reg
echo “PerformRouterDiscovery”=dword:00000000>> c:dosforwin.reg
echo “EnableICMPRedirects”=dword:00000000>> c:dosforwin.reg
echo .
echo ==========================================================
echo .. dosforwin.reg …..
regedit /s c:dosforwin.reg
echo .. dosforwin.reg ….
del c:dosforwin.reg
echo ==============================================================
echo .
echo ===============================================================
echo ..Remote Registry Service………..
echo ………
echo .
echo Windows Registry Editor Version 5.00> c:regedit.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteRegistry]>>
c:regedit.reg
echo “Start”=dword:00000004>> c:regedit.reg
echo .
echo .. regedit.reg …..
regedit /s c:regedit.reg
echo .
echo ……
del c:regedit.reg
echo ===============================================================
echo ..Messenger…….
echo ………
echo Windows Registry Editor Version 5.00> c:message.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMessenger]>>
c:message.reg
echo “Start”=dword:00000004>> c:message.reg
echo .
echo .. message.reg …..
regedit /s c:message.reg
echo .
echo .. message.reg
del c:message.reg
echo ===============================================================

ECHO.

@echo off
ECHO.
ECHO.
ECHO.

echo ===============================================================
echo ..lanmanserver…….
echo ………
echo Windows Registry Editor Version 5.00> c:lanmanserver.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserver]>>
c:lanmanserver.reg
echo “Start”=dword:00000004>> c:lanmanserver.reg
echo .
echo .. lanmanserver.reg …..
regedit /s c:lanmanserver.reg
echo .
echo .. lanmanserver.reg
del c:lanmanserver.reg


ECHo.

ECHo
你现在使用世界网络教研室整理的"一建做[安全](http://www.05112.com/)"脚本

ECHo.

ECHO.
ECHo.  
ECHo "windows2003NTFS加固脚本"  
ECHo.  
ECHO.

echo ==============================================================
echo …TCP/IP NetBIOS Helper Service
echo ………
echo Windows Registry Editor Version 5.00> c:netbios.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLmHosts]>>
c:netbios.reg
echo “Start”=dword:00000004>> c:netbios.reg
echo .
echo .. netbios.reg …..
regedit /s c:netbios.reg
echo .
echo .. netbios.reg
del c:netbios.reg
regedit /s forddos.reg

ECHO.

ECHO.
ECHO.

第二个

ECHO.

ECHO.

ECHo 请按提醒操作备份好注册表,不然改良后无法复苏,本身不担任.
ECHO.
ECHO YES=next set NO=exit (this time 30 Second default for n)

复制代码 代码如下:

ECHO.

ECHo 请按提醒操作备份好注册表,不然改良后不能复苏,本人不担当.

ECHO.

ECHO YES=next set NO=exit (this time 30 Second default for n)

ECHO.

CHOICE /T 30 /C yn /D n
if errorlevel 2 goto end
if errorlevel 1 goto next
:next
if EXIST backup (echo.)else md backup
if EXIST temp (rmdir /s/q temp|md temp) else md temp
if EXIST backupbackupkey.reg (move backupbackupkey.reg
backupbackupkey_old.reg ) else goto run
:run
regedit /e tempbackup-reg1.key1
“HKEY_LOCAL_MACHINESYSTEMCurrentControlSet”
regedit /e tempbackup-reg2.key2 “HKEY_CLASSES_ROOT”
copy /b /y /v tempbackup-reg1.key1+tempbackup-reg2.key2
backupbackupkey.reg
if exist backupwshom.ocx (echo 备份已存在State of Qatar else copy /v/y
%SystemRoot%System32wshom.ocx backupwshom.ocx
if exist backupshell32.dll (echo 备份已存在State of Qatar else copy /v/y
%SystemRoot%system32shell32.dll backupshell32.dll
ECHO 备份已经落成
ECHO.
goto next2
:next2
ECHO.

echo.
echo ——————————————————
echo.
echo ………..
echo.
net share c$ /delete
net share d$ /delete
net share e$ /delete
net share f$ /delete
net share admin$ /delete
net share ipc$ /delete
net stop Server
net start Server
echo.
echo ……….
echo.
echo ——————————————————
echo.
echo ……………..
echo.
echo .. delshare.reg …….
echo Windows Registry Editor Version 5.00> c:delshare.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverparameters]>>
c:delshare.reg
echo “AutoShareWks”=dword:00000000>> c:delshare.reg
echo “AutoShareServer”=dword:00000000>> c:delshare.reg
echo .. delshare.reg …..
regedit /s c:delshare.reg
echo .. delshare.reg ….
del c:delshare.reg
echo .
echo ……..
echo .
echo =========================================================
echo .
echo …………………dos….
echo .
echo ………
echo Windows Registry Editor Version 5.00> c:dosforwin.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters]>>
c:dosforwin.reg
echo “EnableICMPRedirect”=dword:00000000>> c:dosforwin.reg
echo “DeadGWDetectDefault”=dword:00000001>> c:dosforwin.reg
echo “DontAddDefaultGatewayDefault”=dword:00000000>>
c:dosforwin.reg
echo “EnableSecurityFilters”=dword:00000000”>> c:dosforwin.reg
echo “AllowUnqualifiedQuery”=dword:00000000>> c:dosforwin.reg
echo “PrioritizeRecordData”=dword:00000001>> c:dosforwin.reg
echo
“ReservedPorts”=hex(7):31,00,34,00,33,00,33,00,2d,00,31,00,34,00,33,00,34,00,>>
c:dosforwin.reg
echo 00,00,00,00>> c:dosforwin.reg
echo “SynAttackProtect”=dword:00000002>> c:dosforwin.reg
echo “EnablePMTUDiscovery”=dword:00000000>> c:dosforwin.reg
echo “NoNameReleaseOnDemand”=dword:00000001>> c:dosforwin.reg
echo “EnableDeadGWDetect”=dword:00000000>> c:dosforwin.reg
echo “KeepAliveTime”=dword:00300000>> c:dosforwin.reg
echo “PerformRouterDiscovery”=dword:00000000>> c:dosforwin.reg
echo “EnableICMPRedirects”=dword:00000000>> c:dosforwin.reg
echo …….
echo ==========================================================
echo .. dosforwin.reg …..
regedit /s c:dosforwin.reg
echo .. dosforwin.reg ….
del c:dosforwin.reg
echo ==============================================================
echo .
echo ……….(………………….).
echo .
echo ..telnet,……telnet.
echo ……….
echo Windows Registry Editor Version 5.00> c:telnet.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTlntSvr]>>
c:telnet.reg
echo “Start”=dword:00000004>> c:telnet.reg
echo .
echo .. telnet.reg …..
regedit /s c:telnet.reg
echo .
echo .. telnet.reg ….
del c:telnet.reg
echo .
echo ===============================================================
echo ..Remote Registry Service………..
echo ………
echo .
echo Windows Registry Editor Version 5.00> c:regedit.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteRegistry]>>
c:regedit.reg
echo “Start”=dword:00000004>> c:regedit.reg
echo .
echo .. regedit.reg …..
regedit /s c:regedit.reg
echo .
echo ……
del c:regedit.reg
echo ===============================================================
echo ..Messenger…….
echo ………
echo Windows Registry Editor Version 5.00> c:message.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMessenger]>>
c:message.reg
echo “Start”=dword:00000004>> c:message.reg
echo .
echo .. message.reg …..
regedit /s c:message.reg
echo .
echo .. message.reg

ECHO.

CHOICE /T 30 /C yn /D n

if errorlevel 2 goto end

if errorlevel 1 goto next

:next

if EXIST backup (echo.)else md backup

if EXIST temp (rmdir /s/q temp|md temp) else md temp

if EXIST backupbackupkey.reg (move backupbackupkey.reg
backupbackupkey_old.reg ) else goto run

:run

regedit /e tempbackup-reg1.key1
“HKEY_LOCAL_MACHINESYSTEMCurrentControlSet”

regedit /e tempbackup-reg2.key2 “HKEY_CLASSES_ROOT”

copy /b /y /v tempbackup-reg1.key1+tempbackup-reg2.key2
backupbackupkey.reg

if exist backupwshom.ocx (echo 备份已存在State of Qatar else copy /v/y
%SystemRoot%System32wshom.ocx backupwshom.ocx

if exist backupshell32.dll (echo 备份已存在卡塔尔(قطر‎ else copy /v/y
%SystemRoot%system32shell32.dll backupshell32.dll

ECHO 备份已经成功

ECHO.

goto next2

:next2

ECHO.

ECHO.

ECHo
改善权限system32索引中不安全的几个exe文件,改为唯有Administrators才有权力运转
ECHO YES=next set NO=this set ignore (this time 30 Second default for
y)

del c:message.reg

echo ..Telephony……
echo ….
echo Windows Registry Editor Version 5.00> c:Telephony.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTapiSrv]>>
c:Telephony.reg
echo “Start”=dword:00000004>> c:Telephony.reg
echo .
echo .. Telephony.reg
regedit /s c:Telephony.reg
del c:Telephony.reg
echo ==============================================================
echo …TCP/IP NetBIOS Helper Service
echo ………
echo Windows Registry Editor Version 5.00> c:netbios.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLmHosts]>>
c:netbios.reg
echo “Start”=dword:00000004>> c:netbios.reg
echo .
echo .. netbios.reg …..
regedit /s c:netbios.reg
echo .
echo .. netbios.reg
del c:netbios.reg
echo ===============================================================
echo ===============================================================
echo powered by 冬虫草
echo sleepboy82@hotmail.com
echo Jooline Services Set
goto :END

地方的文书下载地址

ECHO.

ECHo
改革权限system32索引中不安全的多少个exe文件,改为唯有Administrators才有权力运转

ECHO YES=next set NO=this set ignore (this time 30 Second default for y)

ECHO.

CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next3
if errorlevel 1 goto next21
:next21
echo y|cacls.exe %SystemRoot%system32net.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32net1.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32cmd.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32tftp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32netstat.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32regedit.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32at.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32attrib.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32cacls.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32fortmat.com /g
Administrators:F
echo y|cacls.exe %SystemDrive%boot.ini /g Administrators:F
echo y|cacls.exe %SystemDrive%AUTOEXEC.BAT /g Administrators:F
echo y|cacls.exe %SystemRoot%/system32ftp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32secedit.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32gpresult.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32gpupdate.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32logoff.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32shutdown.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32telnet.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32wscript.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32doskey.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32help.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32ipconfig.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32nbtstat.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32print.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32debug.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32regedt32.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32reg.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32register.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32replace.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32nwscript.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32share.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32ping.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32ipsec6.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32netsh.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32edit.com /g Administrators:F
echo y|cacls.exe %SystemRoot%system32route.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32tracert.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32powercfg.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32nslookup.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32arp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32rsh.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32netdde.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32mshta.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32mountvol.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32setx.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32find.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32where.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32finger.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32regsvr32.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32sc.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32shadow.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32runas.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%PCHealthHelpCtrBinariesmsconfig.exe
/g Administrators:F
echo y|cacls.exe %SystemRoot%notepad.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%regedit.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%winhelp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%winhlp32.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32edlin.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32posix.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32atsvc.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%system32qbasic.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32runonce.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32syskey.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32cscript.exe /g
Administrators:F
echo y|cacls.exe %SystemRoot%system32sethc.exe /g Administrators:F

echo “C盘权限设定”
cacls “%SystemRoot%/Registration” /r “everyone” /e

echo “删除C盘的windows目录下的create owner的权位”
cd/

cacls “%SystemRoot%/repair” /r “create owner” /e
cacls “%SystemRoot%/system32” /r “create owner” /e
cacls “%SystemDrive%/system32/config” /r “create owner” /e
cacls “%SystemRoot%/system32/wbem” /r “create owner” /e

echo “删除WINDOWS文件夹上面包车型大巴power users的权力”

cacls “%SystemRoot%/repair” /r “Power Users” /e
cacls “%SystemRoot%/system32” /r “Power Users” /e
cacls “%SystemDrive%/system32/config” /r “Power Users” /e
cacls “%SystemRoot%/system32/wbem” /r “Power Users” /e

echo “删除WINDOWS下users的拜会权限”

cacls “%SystemRoot%/addins” /r “users” /e
cacls “%SystemRoot%/AppPatch” /r “users” /e
cacls “%SystemRoot%/Connection Wizard” /r “users” /e
cacls “%SystemRoot%/Debug” /r “users” /e
cacls “%SystemRoot%/Driver Cache” /r “users” /e
cacls “%SystemRoot%/Help” /r “users” /e
cacls “%SystemRoot%/IIS Temporary Compressed Files” /r “users” /e
cacls “%SystemRoot%/java” /r “users” /e
cacls “%SystemRoot%/msagent” /r “users” /e
cacls “%SystemRoot%/mui” /r “users” /e
cacls “%SystemRoot%/repair” /r “users” /e
cacls “%SystemRoot%/Resources” /r “users” /e
cacls “%SystemRoot%/security” /r “users” /e
cacls “%SystemRoot%/system” /r “users” /e
cacls “%SystemRoot%/TAPI” /r “users” /e
cacls “%SystemRoot%/Temp” /r “users” /e
cacls “%SystemRoot%/twain_32” /r “users” /e
cacls “%SystemRoot%/Web” /r “users” /e
cacls “%SystemRoot%/system32/3com_dmi” /r “users” /e
cacls “%SystemRoot%/system32/administration” /r “users” /e
cacls “%SystemRoot%/system32/Cache” /r “users” /e
cacls “%SystemRoot%/system32/CatRoot2” /r “users” /e
cacls “%SystemRoot%/system32/Com” /r “users” /e
cacls “%SystemRoot%/system32/config” /r “users” /e
cacls “%SystemRoot%/system32/dhcp” /r “users” /e
cacls “%SystemRoot%/system32/drivers” /r “users” /e
cacls “%SystemRoot%/system32/export” /r “users” /e
cacls “%SystemRoot%/system32/icsxml” /r “users” /e
cacls “%SystemRoot%/system32/lls” /r “users” /e
cacls “%SystemRoot%/system32/LogFiles” /r “users” /e
cacls “%SystemRoot%/system32/MicrosoftPassport” /r “users” /e
cacls “%SystemRoot%/system32/mui” /r “users” /e
cacls “%SystemRoot%/system32/oobe” /r “users” /e
cacls “%SystemRoot%/system32/ShellExt” /r “users” /e
cacls “%SystemRoot%/system32/wbem” /r “users” /e

goto next3
:next3
ECHO.
ECHO.

ECHO.

CHOICE /T 30 /C yn /D y

if errorlevel 2 goto next3

if errorlevel 1 goto next21

:next21

xcacls.exe %SystemRoot%system32net.exe /t /g Administrators:F /y /C

xcacls.exe %SystemRoot%system32net1.exe /t /g Administrators:F /y /C

xcacls.exe %SystemRoot%system32cmd.exe /t /g Administrators:F /y /C

xcacls.exe %SystemRoot%system32tftp.exe /t /g Administrators:F /y /C

xcacls.exe %SystemRoot%system32netstat.exe /t /g Administrators:F /y
/C

xcacls.exe %SystemRoot%system32regedit.exe /t /g Administrators:F /y
/C

xcacls.exe %SystemRoot%system32at.exe /t /g Administrators:F /y /C

xcacls.exe %SystemRoot%system32attrib.exe /t /g Administrators:F /y
/C

xcacls.exe %SystemRoot%system32cacls.exe /t /g Administrators:F /y
/C

xcacls.exe %SystemRoot%system32fortmat.com /t /g Administrators:F /y
/C

xcacls.exe %SystemRoot%system32secedit.exe /t /g Administrators:F /y
/C

echo “虚构主机C盘权限设定”

echo “删除C盘的everyone的权限”

cd/

cacls “%SystemDrive%” /r “everyone” /e

cacls “%SystemRoot%” /r “everyone” /e

cacls “%SystemRoot%/Registration” /r “everyone” /e

cacls “%SystemDrive%/Documents and Settings” /r “everyone” /e

echo “删除C盘的有所的users的寻访权限”

cacls “%SystemDrive%” /r “users” /e

cacls “%SystemDrive%/Program Files” /r “users” /e

cacls “%SystemDrive%/Documents and Settings” /r “users” /e

cacls “%SystemRoot%” /r “users” /e

cacls “%SystemRoot%/addins” /r “users” /e

cacls “%SystemRoot%/AppPatch” /r “users” /e

cacls “%SystemRoot%/Connection Wizard” /r “users” /e

cacls “%SystemRoot%/Debug” /r “users” /e

cacls “%SystemRoot%/Driver Cache” /r “users” /e

cacls “%SystemRoot%/Help” /r “users” /e

cacls “%SystemRoot%/IIS Temporary Compressed Files” /r “users” /e

cacls “%SystemRoot%/java” /r “users” /e

cacls “%SystemRoot%/msagent” /r “users” /e

cacls “%SystemRoot%/mui” /r “users” /e

cacls “%SystemRoot%/repair” /r “users” /e

cacls “%SystemRoot%/Resources” /r “users” /e

cacls “%SystemRoot%/security” /r “users” /e

cacls “%SystemRoot%/system” /r “users” /e

cacls “%SystemRoot%/TAPI” /r “users” /e

cacls “%SystemRoot%/Temp” /r “users” /e

cacls “%SystemRoot%/twain_32” /r “users” /e

cacls “%SystemRoot%/Web” /r “users” /e

cacls “%SystemRoot%/system32/3com_dmi” /r “users” /e

cacls “%SystemRoot%/system32/administration” /r “users” /e

cacls “%SystemRoot%/system32/Cache” /r “users” /e

cacls “%SystemRoot%/system32/CatRoot2” /r “users” /e

cacls “%SystemRoot%/system32/Com” /r “users” /e

cacls “%SystemRoot%/system32/config” /r “users” /e

cacls “%SystemRoot%/system32/dhcp” /r “users” /e

cacls “%SystemRoot%/system32/drivers” /r “users” /e

cacls “%SystemRoot%/system32/export” /r “users” /e

cacls “%SystemRoot%/system32/icsxml” /r “users” /e

cacls “%SystemRoot%/system32/lls” /r “users” /e

cacls “%SystemRoot%/system32/LogFiles” /r “users” /e

cacls “%SystemRoot%/system32/MicrosoftPassport” /r “users” /e

cacls “%SystemRoot%/system32/mui” /r “users” /e

cacls “%SystemRoot%/system32/oobe” /r “users” /e

cacls “%SystemRoot%/system32/ShellExt” /r “users” /e

cacls “%SystemRoot%/system32/wbem” /r “users” /e

echo “添加iis_wpg的走访权限”

cacls “%SystemRoot%” /g iis_wpg:r /e

cacls “%SystemDrive%/Program Files/Common Files” /g iis_wpg:r /e

cacls “%SystemRoot%/Downloaded Program Files” /g iis_wpg:c /e

cacls “%SystemRoot%/Help” /g iis_wpg:c /e

cacls “%SystemRoot%/IIS Temporary Compressed Files” /g iis_wpg:c /e

cacls “%SystemRoot%/Offline Web Pages” /g iis_wpg:c /e

cacls “%SystemRoot%/System32” /g iis_wpg:c /e

cacls “%SystemRoot%/WinSxS” /g iis_wpg:c /e

cacls “%SystemRoot%/WinSxS” /r “users” /e

cacls “%SystemRoot%/Tasks” /g iis_wpg:c /e

cacls “%SystemRoot%/Temp” /g iis_wpg:c /e

cacls “%SystemRoot%/Web” /g iis_wpg:c /e

echo “添加iis_wpg的拜谒权限[.net专用]”

cacls “%SystemRoot%/Assembly” /g iis_wpg:c /e

cacls “%SystemRoot%/Microsoft.NET” /g iis_wpg:c /e

echo “添加iis_wpg的探问权限[装了MACFEE的软件专项使用]”

cacls “%SystemDrive%/Program Files/Network Associates” /g iis_wpg:r /e

echo “增添users的访谈权限”

cacls “%SystemRoot%/temp” /g users:c /e

goto next3

:next3

ECHO.

ECHO.

ECHO.

ECHo 禁绝不要求的服务,假若要抽离请按Ctrl+C
ECHO YES=next set NO=this set ignore (this time 30 Second default for
y)

ECHO.

ECHo 制止无需的劳务,假诺要退出请按Ctrl+C

ECHO YES=next set NO=this set ignore (this time 30 Second default for y)

ECHO.

CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next4
if errorlevel 1 goto next31
:next31
echo Windows Registry Editor Version 5.00 >tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanworkstation]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAlerter]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesBrowser]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDfs]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesScheduler]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLmHosts]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTlntSvr]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteAccess]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNtmsSvc]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteRegistry]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTrkWks]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesERSvc]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMessenger]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetLogon]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetLogon]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetDDE]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetDDEdsdm]
>>tempServices.reg
echo “Start”=dword:00000004 >>tempServices.reg
regedit /s tempServices.reg

ECHO.
goto next4
:next4
ECHO.

ECHO.

CHOICE /T 30 /C yn /D y

if errorlevel 2 goto next4

if errorlevel 1 goto next31

:next31

echo Windows Registry Editor Version 5.00 >tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanworkstation]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAlerter]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesBrowser]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDfs]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesScheduler]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLmHosts]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTlntSvr]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteAccess]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNtmsSvc]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteRegistry]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTrkWks]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesERSvc]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMessenger]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetLogon]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetLogon]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetDDE]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetDDEdsdm]
>>tempServices.reg

echo “Start”=dword:00000004 >>tempServices.reg

regedit /s tempServices.reg

ECHO.

goto next4

:next4

ECHO.

ECHO.

ECHo 防止人侵和攻击. 尽管要退出请按Ctrl+C
ECHO YES=next set NO=this set ignore (this time 30 Second default for
y)

ECHO.

ECHo 防止人侵和攻击. 假若要退出请按Ctrl+C

ECHO YES=next set NO=this set ignore (this time 30 Second default for y)

ECHO.

CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next5
if errorlevel 1 goto next41

:next41
echo Windows Registry Editor Version 5.00 >tempskyddos.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters]
>>tempskyddos.reg
echo “EnableDeadGWDetect”=dword:00000000 >>tempskyddos.reg
echo “EnableICMPRedirects”=dword:00000000 >>tempskyddos.reg
echo “PerformRouterDiscovery”=dword:00000000 >>tempskyddos.reg
echo “NoNameReleaseOnDemand”=dword:00000001 >>tempskyddos.reg
echo “KeepAliveTime”=dword:000493e0 >>tempskyddos.reg
echo “EnablePMTUDiscovery”=dword:00000000 >>tempskyddos.reg
echo “SynAttackProtect”=dword:00000002 >>tempskyddos.reg
echo “TcpMaxHalfOpen”=dword:00000064 >>tempskyddos.reg
echo “TcpMaxHalfOpenRetried”=dword:00000050 >>tempskyddos.reg
echo “TcpMaxConnectResponseRetransmissions”=dword:00000001
>>tempskyddos.reg
echo “TcpMaxDataRetransmissions”=dword:00000003
>>tempskyddos.reg
echo “TCPMaxPortsExhausted”=dword:00000005 >>tempskyddos.reg
echo “DisableIPSourceRouting”=dword:0000002 >>tempskyddos.reg
echo “TcpTimedWaitDelay”=dword:0000001e >>tempskyddos.reg
echo “EnableSecurityFilters”=dword:00000001 >>tempskyddos.reg
echo “TcpNumConnections”=dword:000007d0 >>tempskyddos.reg
echo “TcpMaxSendFree”=dword:000007d0 >>tempskyddos.reg
echo “IGMPLevel”=dword:00000000 >>tempskyddos.reg
echo “DefaultTTL”=dword:00000016 >>tempskyddos.reg
echo 删除IPC$(Internet Process ConnectionState of Qatar是分享“命名管道”的财富
echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
>>tempskyddos.reg
echo “restrictanonymous”=dword:00000001 >>tempskyddos.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfacesinterfaces]
>>tempskyddos.reg
echo “PerformRouterDiscovery”=dword:00000000 >>tempskyddos.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetBTParameters]
>>tempskyddos.reg
echo “BacklogIncrement”=dword:00000003 >>tempskyddos.reg
echo “MaxConnBackLog”=dword:000003e8 >>tempskyddos.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAfdParameters]
>>tempskyddos.reg
echo “EnableDynamicBacklog”=dword:00000001 >>tempskyddos.reg
echo “MinimumDynamicBacklog”=dword:00000014 >>tempskyddos.reg
echo “MaximumDynamicBacklog”=dword:00002e20 >>tempskyddos.reg
echo “DynamicBacklogGrowthDelta”=dword:0000000a
>>tempskyddos.reg
echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverparameters]
>>tempskyddos.reg
echo “autoshareserver”=dword:00000000 >>tempskyddos.reg
regedit /s tempskyddos.reg
ECHO.
ECHO.
goto next5
:next5
ECHO.

ECHO.

CHOICE /T 30 /C yn /D y

if errorlevel 2 goto next5

if errorlevel 1 goto next41

:next41

echo Windows Registry Editor Version 5.00
>tempskyddos.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters]
>>tempskyddos.reg

echo “EnableDeadGWDetect”=dword:00000000
>>tempskyddos.reg

echo “EnableICMPRedirects”=dword:00000000
>>tempskyddos.reg

echo “PerformRouterDiscovery”=dword:00000000
>>tempskyddos.reg

echo “NoNameReleaseOnDemand”=dword:00000001
>>tempskyddos.reg

echo “KeepAliveTime”=dword:000493e0
>>tempskyddos.reg

echo “EnablePMTUDiscovery”=dword:00000000
>>tempskyddos.reg

echo “SynAttackProtect”=dword:00000002
>>tempskyddos.reg

echo “TcpMaxHalfOpen”=dword:00000064
>>tempskyddos.reg

echo “TcpMaxHalfOpenRetried”=dword:00000050
>>tempskyddos.reg

echo “TcpMaxConnectResponseRetransmissions”=dword:00000001
>>tempskyddos.reg

echo “TcpMaxDataRetransmissions”=dword:00000003
>>tempskyddos.reg

echo “TCPMaxPortsExhausted”=dword:00000005
>>tempskyddos.reg

echo “DisableIPSourceRouting”=dword:0000002
>>tempskyddos.reg

echo “TcpTimedWaitDelay”=dword:0000001e
>>tempskyddos.reg

echo “EnableSecurityFilters”=dword:00000001
>>tempskyddos.reg

echo “TcpNumConnections”=dword:000007d0
>>tempskyddos.reg

echo “TcpMaxSendFree”=dword:000007d0
>>tempskyddos.reg

echo “IGMPLevel”=dword:00000000
>>tempskyddos.reg

echo “DefaultTTL”=dword:00000016
>>tempskyddos.reg

echo 删除IPC$(Internet Process Connection卡塔尔国是分享“命名管道”的财富

echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
>>tempskyddos.reg

echo “restrictanonymous”=dword:00000001
>>tempskyddos.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfacesinterfaces]
>>tempskyddos.reg

echo “PerformRouterDiscovery”=dword:00000000
>>tempskyddos.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetBTParameters]
>>tempskyddos.reg

echo “BacklogIncrement”=dword:00000003
>>tempskyddos.reg

echo “MaxConnBackLog”=dword:000003e8
>>tempskyddos.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAfdParameters]
>>tempskyddos.reg

echo “EnableDynamicBacklog”=dword:00000001
>>tempskyddos.reg

echo “MinimumDynamicBacklog”=dword:00000014
>>tempskyddos.reg

echo “MaximumDynamicBacklog”=dword:00002e20
>>tempskyddos.reg

echo “DynamicBacklogGrowthDelta”=dword:0000000a
>>tempskyddos.reg

echo
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverparameters]
>>tempskyddos.reg

echo “autoshareserver”=dword:00000000
>>tempskyddos.reg

regedit /s tempskyddos.reg

ECHO.

ECHO.

goto next5

:next5

ECHO.

ECHO.

ECHo 防止ASP木马运营 卸除WScript.Shell, Shell.application,
WScript.Network
ECHO YES=next set NO=this set ignore (this time 30 Second default for
y)

ECHO.

ECHo 防止ASP木马运行 卸除WScript.Shell,
Shell.application, WScript.Network

ECHO YES=next set NO=this set ignore (this time 30 Second default for y)

ECHO.

CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next6
if errorlevel 1 goto next51
:next51
echo Windows Registry Editor Version 5.00 >tempdel.reg
echo [-HKEY_CLASSES_ROOTShell.Application] >>tempdel.reg
echo [-HKEY_CLASSES_ROOTShell.Application.1]
>>tempdel.reg
echo
[-HKEY_CLASSES_ROOTCLSID{13709620-C279-11CE-A49E-444553540000}]
>>tempdel.reg
echo [-HKEY_CLASSES_ROOTADODB.CommandCLSID]
>>tempdel.reg
echo
[-HKEY_CLASSES_ROOTCLSID{00000566-0000-0010-8000-00AA006D2EA4}]
>>tempdel.reg
regedit /s tempdel.reg
regsvr32 /u %SystemRoot%system32wshom.ocx
del /f/q %SystemRoot%System32wshom.ocx
regsvr32 /u %SystemRoot%system32shell32.dll
del /f/q %SystemRoot%System32shell32.dll
rmdir /q/s temp

ECHO.
goto next6
:next6
ECHO.
ECHO.

ECHO.

CHOICE /T 30 /C yn /D y

if errorlevel 2 goto next6

if errorlevel 1 goto next51

:next51

echo Windows Registry Editor Version 5.00 >tempdel.reg

echo [-HKEY_CLASSES_ROOTShell.Application] >>tempdel.reg

echo [-HKEY_CLASSES_ROOTShell.Application.1] >>tempdel.reg

echo
[-HKEY_CLASSES_ROOTCLSID{13709620-C279-11CE-A49E-444553540000}]
>>tempdel.reg

echo [-HKEY_CLASSES_ROOTADODB.CommandCLSID]
>>tempdel.reg

echo
[-HKEY_CLASSES_ROOTCLSID{00000566-0000-0010-8000-00AA006D2EA4}]
>>tempdel.reg

regedit /s tempdel.reg

regsvr32 /u %SystemRoot%system32wshom.ocx

del /f/q %SystemRoot%System32wshom.ocx

regsvr32 /u %SystemRoot%system32shell32.dll

del /f/q %SystemRoot%System32shell32.dll

rmdir /q/s temp

ECHO.

goto next6

:next6

ECHO.

ECHO.

ECHO.

ECHo 设置已经完毕重启后技术生效.
ECHO YES=reboot server NO=exit (this time 60 Second default for y)

ECHO.

ECHo 设置已经到位重启后才干生效.

ECHO YES=reboot server NO=exit (this time 60 Second default for y)

ECHO.

CHOICE /T 30 /C yn /D y
if errorlevel 2 goto end
if errorlevel 1 goto reboot
:reboot
shutdown /r /t 0
:end
if EXIST temp (rmdir /s/q temp|exit) else exit

ECHO.

CHOICE /T 30 /C yn /D y

if errorlevel 2 goto end

if errorlevel 1 goto reboot

:reboot

shutdown /r /t 0

:end

if EXIST temp (rmdir /s/q temp|exit) else exit

 

摘自骇客风波

发表评论

电子邮件地址不会被公开。 必填项已用*标注

网站地图xml地图