Win2003环境下的一键系统安全批处理

只要将下面的代码保存为1.bat运行一下即可自动设置win2003的安全,完成后自动重启,需要的朋友可以参考下。

@echo off
echo ----------------------------------
echo ----正在备份注册表 请稍后....----
echo ----------------------------------
  reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg
echo ----------------------
echo ----注册表备份完成----
echo ----------------------
  ping 127.0.0.1 -n 3 >nul
echo -----------------------------------
echo ----安全配置正在改写 请稍候...----
echo -----------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------
echo ----正在禁用空连接----
echo ----------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f
echo --------------------------
echo ----禁用空连接设置完毕----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------
echo ----正在删除默认共享----
echo ------------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f
echo ----------------------------
echo ----删除默认共享设置完毕----
echo ----------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在修改TTL值请稍后...----
echo ------------------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f
echo -------------------
echo ----TTL修改完毕----
echo -------------------
  @ping 127.0.0.1 -n 3 >nul
echo -----------------------
echo ----防止syn洪水攻击----
echo -----------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f
echo -------------------------------
echo ----防止syn洪水攻击设置完毕----
echo -------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ------------------------------
echo ---- 系统服务修改 ----
echo ------------------------------
echo ------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----修改3389端口----
echo --------------------
  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f
  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f
echo --------------------
echo ----修改PORT完毕----
echo --------------------
  @ping 127.0.0.1 -n 3 >nul
echo -------------------------------------
echo ----正在开启系统防火墙 请稍后....----
echo -------------------------------------
  sc config sharedaccess start= auto & net start sharedaccess
echo ------------------------
echo ----系统防火墙已开启----
echo ------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭共享打印服务----
echo ----------------------------
  @sc config Spooler start= disabled
  sc config LanmanServer start= disabled
  sc config LmHosts start= disabled
echo --------------------------
echo ----已关闭共享打印服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭远程协助服务----
echo ----------------------------
  @sc config RDSessMgr start= disabled
echo --------------------------
echo ----已关闭远程协助服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在关闭远程注册表服务----
echo ------------------------------
  @sc config RemoteRegistry start= disabled
echo ----------------------------
echo ----已关闭远程注册表服务----
echo ----------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----关闭自动硬件播放通知----
echo ----------------------------
  sc config ShellHWDetection start= disabled
echo -----------------------
echo ----自动播放通知关闭---
echo -----------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------------------
echo ----正在关闭替换凭据下的启动进程服务----
echo ----------------------------------------
  sc config seclogon start= disabled
echo --------------------------
echo ----已关闭启动进程服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------------
echo ----IEEE 802.11 适配器的自动配置----
echo ------------------------------------
  sc config WZCSVC start= disabled
echo ------------------
echo ----已关闭IEEE----
echo ------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------------
echo ----客户端跟踪服务关闭----
echo --------------------------
  sc config TrkSvr start= disabled
  sc config MSDTC start= disabled
echo ----------------------------
echo ----已关闭客户端跟踪服务----
echo ----------------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----帮助中心关闭----
echo --------------------
  sc config helpsvc start= disabled
echo --------------------------
echo ----已关闭帮助中心服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------------------
echo --------------------------------
echo ---- 系统权限加固 ----
echo --------------------------------
echo --------------------------------
echo -------------------------------------------------------
echo ----C盘(系统盘) (administrators,system完全控制权限)----
echo -------------------------------------------------------
  cacls C:\ /t /c /g administrators:F system:F
echo -------------------------------------------
echo ----Common Files (everyone用户只读权限)----
echo -------------------------------------------
  Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R
echo -------------------------------------------------------------
echo ----IIS Temporary Compressed Files (everyone用户更改权限)----
echo -------------------------------------------------------------
  Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C
echo --------------------------------------------
echo ----Microsoft.Net (everyone用户只读权限)----
echo --------------------------------------------
  Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo -------------------------------------------
echo ----Registration (everyone用户读取权限)----
echo -------------------------------------------
  Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R
echo -----------------------------------
echo ----Temp (everyone用户更改权限)----
echo -----------------------------------
  Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C
echo -------------------

 @echo off
echo ----------------------------------
echo ----正在备份注册表 请稍后....----
echo ----------------------------------
  reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg
echo ----------------------
echo ----注册表备份完成----
echo ----------------------
  ping 127.0.0.1 -n 3 >nul
echo -----------------------------------
echo ----安全配置正在改写 请稍候...----
echo -----------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------
echo ----正在禁用空连接----
echo ----------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v restrictanonymous /t reg_dword /d 1 /f
echo --------------------------
echo ----禁用空连接设置完毕----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------
echo ----正在删除默认共享----
echo ------------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t reg_dword /d 0 /f
echo ----------------------------
echo ----删除默认共享设置完毕----
echo ----------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在修改TTL值请稍后...----
echo ------------------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v DefaultTTL /t reg_dword /d 53 /f
echo -------------------
echo ----TTL修改完毕----
echo -------------------
  @ping 127.0.0.1 -n 3 >nul
echo -----------------------
echo ----防止syn洪水攻击----
echo -----------------------
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v SynAttackProtect /t reg_dword /d 2 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v KeepAliveTime /t reg_dword /d 300000 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f
echo -------------------------------
echo ----防止syn洪水攻击设置完毕----
echo -------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ------------------------------
echo ---- 系统服务修改 ----
echo ------------------------------
echo ------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----修改3389端口----
echo --------------------
  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds dpwd\Tds\tcp" /v PortNumber /t reg_dword /d 44454 /f
  reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro1Set\Control\Tenninal Server\WinStations\RDP\Tcp" /v PortNumber /t reg_dword /d 44454 /f
echo --------------------
echo ----修改PORT完毕----
echo --------------------
  @ping 127.0.0.1 -n 3 >nul
echo -------------------------------------
echo ----正在开启系统防火墙 请稍后....----
echo -------------------------------------
  sc config sharedaccess start= auto & net start sharedaccess
echo ------------------------
echo ----系统防火墙已开启----
echo ------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭共享打印服务----
echo ----------------------------
  @sc config Spooler start= disabled
  sc config LanmanServer start= disabled
  sc config LmHosts start= disabled
echo --------------------------
echo ----已关闭共享打印服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----正在关闭远程协助服务----
echo ----------------------------
  @sc config RDSessMgr start= disabled
echo --------------------------
echo ----已关闭远程协助服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在关闭远程注册表服务----
echo ------------------------------
  @sc config RemoteRegistry start= disabled
echo ----------------------------
echo ----已关闭远程注册表服务----
echo ----------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------
echo ----关闭自动硬件播放通知----
echo ----------------------------
  sc config ShellHWDetection start= disabled
echo -----------------------
echo ----自动播放通知关闭---
echo -----------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------------------------
echo ----正在关闭替换凭据下的启动进程服务----
echo ----------------------------------------
  sc config seclogon start= disabled
echo --------------------------
echo ----已关闭启动进程服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------------
echo ----IEEE 802.11 适配器的自动配置----
echo ------------------------------------
  sc config WZCSVC start= disabled
echo ------------------
echo ----已关闭IEEE----
echo ------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------------
echo ----客户端跟踪服务关闭----
echo --------------------------
  sc config TrkSvr start= disabled
  sc config MSDTC start= disabled
echo ----------------------------
echo ----已关闭客户端跟踪服务----
echo ----------------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------
echo ----帮助中心关闭----
echo --------------------
  sc config helpsvc start= disabled
echo --------------------------
echo ----已关闭帮助中心服务----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------------------
echo --------------------------------
echo ---- 系统权限加固 ----
echo --------------------------------
echo --------------------------------
echo -------------------------------------------------------
echo ----C盘(系统盘) (administrators,system完全控制权限)----
echo -------------------------------------------------------
  cacls C:\ /t /c /g administrators:F system:F
echo -------------------------------------------
echo ----Common Files (everyone用户只读权限)----
echo -------------------------------------------
  Cacls "C:\Program Files\Common Files" /t /e /c /g everyone:R
echo -------------------------------------------------------------
echo ----IIS Temporary Compressed Files (everyone用户更改权限)----
echo -------------------------------------------------------------
  Cacls "C:\WINDOWS\IIS Temporary Compressed Files" /t /e /c /g everyone:C
echo --------------------------------------------
echo ----Microsoft.Net (everyone用户只读权限)----
echo --------------------------------------------
  Cacls C:\WINDOWS\Microsoft.Net /t /e /c /g everyone:R
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo ------------------------------------------------------
echo ----Temporary ASP.NET Files (everyone用户更改权限)----
echo ------------------------------------------------------
  Cacls "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files" /t /e /c /g everyone:C
echo -------------------------------------------
echo ----Registration (everyone用户读取权限)----
echo -------------------------------------------
  Cacls C:\WINDOWS\Registration /t /e /c /g everyone:R
echo -----------------------------------
echo ----Temp (everyone用户更改权限)----
echo -----------------------------------
  Cacls C:\WINDOWS\Temp /t /e /c /g everyone:C
echo -------------------
echo ----assembly (everyone用户读取权限)----
echo ---------------------------------------
  Cacls C:\WINDOWS\assembly /t /e /c /g everyone:R
echo -------------------------------------
echo ----WinSxS (everyone用户读取权限)----
echo -------------------------------------
  Cacls C:\WINDOWS\WinSxS /t /e /c /g everyone:R
echo ------------------------------------
echo ----Fonts (everyone用户读取权限)----
echo ------------------------------------
  Cacls C:\WINDOWS\Fonts /t /e /c /g everyone:R
echo ---------------------------------------
echo ----System32 (everyone用户读取权限)----
echo ---------------------------------------
  Cacls C:\WINDOWS\System32 /t /e /c /g everyone:R
echo ------------------------------------------
echo ----msdtc (networkservice用户更改权限)----
echo ------------------------------------------
  Cacls C:\windows\system32\msdtc /t /e /c /g networkservice:C
echo -----------------------------------------------------
echo ----ASP Compiled Templates (everyone用户更改权限)----
echo -----------------------------------------------------
  Cacls "C:\WINDOWS\system32\inetsrv\ASP Compiled Templates" /t /e /c /g everyone:C
echo ------------------------------------
echo ----*.exe (去除everyone用户权限)----
echo ------------------------------------
  Cacls C:\WINDOWS\System32\*.exe /e /c /r everyone
echo ------------------------------------
echo ----cmd.exe (去除system用户权限)----
echo ------------------------------------
  Cacls C:\WINDOWS\System32\cmd.exe /e /c /r system
echo ------------------------------------
echo ----net.exe (去除system用户权限)----
echo ------------------------------------
  Cacls C:\WINDOWS\System32 et.exe /e /c /r system
echo -------------------------------------
echo ----net1.exe (去除system用户权限)----
echo -------------------------------------
  Cacls C:\WINDOWS\System32 et1.exe /e /c /r system
echo ----------------------------------------
echo ----msdtc.exe (everyone用户读取权限)----
echo ----------------------------------------
  Cacls C:\WINDOWS\System32\msdtc.exe /e /c /g everyone:R
echo ------------------------------------------
echo ----dllhost.exe (everyone用户读取权限)----
echo ------------------------------------------
  Cacls C:\WINDOWS\System32\dllhost.exe /e /c /g everyone:R
echo ------------------------------------------
echo ----svchost.exe (everyone用户读取权限)----
echo ------------------------------------------
  Cacls C:\WINDOWS\System32\svchost.exe /e /c /g everyone:R
echo --------------------
echo --------------------
echo ----系统加固完毕----
echo --------------------
echo --------------------
  @ping 127.0.0.1 -n 3 >nul
echo -----------------------------
echo ----安全设置完毕 欢迎使用----
echo -----------------------------
echo ------------------
echo ----重启服务器----
echo ------------------
  @ping 127.0.0.1
  shutdown -r
  @pause

将上面的代码保存为1.cmd或1.bat,双击运行下即可。
本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

对于win2003服务器的安全配置方法,脚本之家之前发布了很多类似的文章,但并不完整,所以我们以后会整理下放到论坛里面,大家一起来交流。
Apache是目前最流行的Web服务器端软件之一,它可以运行在几乎所有被广泛使用的计算机平台上。
给mssql降权了,但出现有个问题以前都是利用sql自带的作业来备份数据库,现在不行了.
服务器磁盘权限安全设置批处理,比较方便配置服务器安全的朋友,默认情况下磁盘没有做任何权限设置,设置后就安全了很多
其实DHCP一般都有地址保留地址功能,可以让客户端分配到一个固定的IP地址,在网络使用DHCP的情况下,这能给内网管理带来了极大的方便
执行计划+批处理。设置执行计划,每30分钟执行一个批处理任务。批处理的作用:读取进程列表,查看Serv-U进程是否存在;如果进程不存在,启动该服务并输出日志