Windows 2003 服务器安全设置-批处理 (附参考链接)

zoukankan html css js c++ java

Windows 2003 服务器安全设置-批处理 (附参考链接)

长期维护windows服务器终结出来的安全设置批处理与大家分享，复制以下全部内容用记事本另存为bat或者cmd执行

===================分隔符号======================

echo. echo ------------------------------------------------------ echo. echo ........... echo. net share c$ /delete net share d$ /delete net share e$ /delete net share f$ /delete net share admin$ /delete net share ipc$ /delete net stop server net stop lanmanworkstation regsvr32/u C:WINDOWSSystem32wshom.ocx regsvr32/u C:WINDOWSsystem32shell32.dll regsvr32/u C:WINdowsSYSTEM32scrrun.DLL cacls c:WINDOWSsystem32shell32.dll /g administrators:f system:f cacls c:WINDOWSsystem32shell.dll /g administrators:f system:f cacls c: /g administrators:f system:f cacls d: /g administrators:f system:f cacls e: /g administrators:f system:f cacls f: /g administrators:f system:f echo. echo .......... echo. echo ------------------------------------------------------ echo. echo ................. echo. echo .. delshare.reg ....... echo Windows Registry Editor Version 5.00> c:delshare.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserverparameters]>> c:delshare.reg echo "AutoShareWks"=dword:00000000>> c:delshare.reg echo "AutoShareServer"=dword:00000000>> c:delshare.reg echo .. delshare.reg ..... regedit /s c:delshare.reg echo .. delshare.reg .... del c:delshare.reg echo . echo ........ echo . echo ========================================================= echo . echo .....................dos.... echo . echo ......... echo Windows Registry Editor Version 5.00> c:dosforwin.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters]>> c:dosforwin.reg echo "EnableICMPRedirect"=dword:00000000>> c:dosforwin.reg echo "DeadGWDetectDefault"=dword:00000001>> c:dosforwin.reg echo "DontAddDefaultGatewayDefault"=dword:00000000>> c:dosforwin.reg echo "EnableSecurityFilters"=dword:00000000">> c:dosforwin.reg echo "AllowUnqualifiedQuery"=dword:00000000>> c:dosforwin.reg echo "PrioritizeRecordData"=dword:00000001>> c:dosforwin.reg echo "ReservedPorts"=hex(7):31,00,34,00,33,00,33,00,2d,00,31,00,34,00,33,00,34,00,>> c:dosforwin.reg echo 00,00,00,00>> c:dosforwin.reg echo "SynAttackProtect"=dword:00000002>> c:dosforwin.reg echo "EnablePMTUDiscovery"=dword:00000000>> c:dosforwin.reg echo "NoNameReleaseOnDemand"=dword:00000001>> c:dosforwin.reg echo "EnableDeadGWDetect"=dword:00000000>> c:dosforwin.reg echo "KeepAliveTime"=dword:00300000>> c:dosforwin.reg echo "PerformRouterDiscovery"=dword:00000000>> c:dosforwin.reg echo "EnableICMPRedirects"=dword:00000000>> c:dosforwin.reg echo . echo ========================================================== echo .. dosforwin.reg ..... regedit /s c:dosforwin.reg echo .. dosforwin.reg .... del c:dosforwin.reg echo ============================================================== echo . echo ..........(......................). echo . echo ..telnet,......telnet. echo .......... echo Windows Registry Editor Version 5.00> c: elnet.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTlntSvr]>> c: elnet.reg echo "Start"=dword:00000004>> c: elnet.reg echo . echo .. telnet.reg ..... regedit /s c: elnet.reg echo . echo .. telnet.reg .... del c: elnet.reg echo . echo =============================================================== echo ..Remote Registry Service........... echo ......... echo . echo Windows Registry Editor Version 5.00> c: egedit.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteRegistry]>> c: egedit.reg echo "Start"=dword:00000004>> c: egedit.reg echo . echo .. regedit.reg ..... regedit /s c: egedit.reg echo . echo ...... del c: egedit.reg echo =============================================================== echo ..Messenger....... echo ......... echo Windows Registry Editor Version 5.00> c:message.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMessenger]>> c:message.reg echo "Start"=dword:00000004>> c:message.reg echo . echo .. message.reg ..... regedit /s c:message.reg echo . echo .. message.reg del c:message.reg echo =============================================================== echo ..lanmanworkstation....... echo ......... echo Windows Registry Editor Version 5.00> c:lanmanworkstation.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanworkstation]>> c:lanmanworkstation.reg echo "Start"=dword:00000004>> c:lanmanworkstation.reg echo . echo .. lanmanworkstation.reg ..... regedit /s c:lanmanworkstation.reg echo . echo .. lanmanworkstation.reg del c:lanmanworkstation.reg echo =============================================================== echo ..lanmanserver....... echo ......... echo Windows Registry Editor Version 5.00> c:lanmanserver.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserver]>> c:lanmanserver.reg echo "Start"=dword:00000004>> c:lanmanserver.reg echo . echo .. lanmanserver.reg ..... regedit /s c:lanmanserver.reg echo . echo .. lanmanserver.reg del c:lanmanserver.reg echo =============================================================== echo ..lanmanserver....... echo ......... echo Windows Registry Editor Version 5.00> c:lanmanserver.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserver]>> c:lanmanserver.reg echo "Start"=dword:00000004>> c:lanmanserver.reg echo . echo .. lanmanserver.reg ..... regedit /s c:lanmanserver.reg echo . echo .. lanmanserver.reg del c:lanmanserver.reg echo =============================================================== echo ..Alerter....... echo ......... echo Windows Registry Editor Version 5.00> c:Alerter.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAlerter]>> c:Alerter.reg echo "Start"=dword:00000004>> c:Alerter.reg echo . echo .. Alerter.reg ..... regedit /s c:Alerter.reg echo . echo .. Alerter.reg del c:Alerter.reg echo =============================================================== echo ..Browser....... echo ......... echo Windows Registry Editor Version 5.00> c:Browser.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesBrowser]>> c:Browser.reg echo "Start"=dword:00000004>> c:Browser.reg echo . echo .. Browser.reg ..... regedit /s c:Browser.reg echo . echo .. Browser.reg del c:Browser.reg echo =============================================================== echo ..Dfs....... echo ......... echo Windows Registry Editor Version 5.00> c:Dfs.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDfs]>> c:Dfs.reg echo "Start"=dword:00000004>> c:Dfs.reg echo . echo .. Dfs.reg ..... regedit /s c:Dfs.reg echo . echo .. Dfs.reg del c:Dfs.reg echo =============================================================== echo ..Spooler....... echo ......... echo Windows Registry Editor Version 5.00> c:Spooler.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSpooler]>> c:Spooler.reg echo "Start"=dword:00000004>> c:Spooler.reg echo . echo .. Spooler.reg ..... regedit /s c:Spooler.reg echo . echo .. Spooler.reg del c:Spooler.reg echo ============================================================== echo ...TCP/IP NetBIOS Helper Service echo ......... echo Windows Registry Editor Version 5.00> c: etbios.reg echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLmHosts]>> c: etbios.reg echo "Start"=dword:00000004>> c: etbios.reg echo . echo .. netbios.reg ..... regedit /s c: etbios.reg echo . echo .. netbios.reg del c: etbios.reg echo =============================================================== echo =============================================================== goto :END

===================分隔符号======================

参考链接
http://support.microsoft.com/kb/324270
http://blog.csdn.net/buleideli/article/details/3268413
http://msdn.microsoft.com/zh-cn/library/ff648853.aspx
http://blog.csdn.net/luojunjing/article/details/286333
http://tech.163.com/06/0624/17/2KD9S74U00091VCV.html
http://social.technet.microsoft.com/Forums/en-US/ce23c17a-d7a8-418e-969c-b7790b9dde64/windows2003tcpipdos
http://blog.csdn.net/tuwen/article/details/2191742
http://hi.baidu.com/sei_zhouyu/item/210d8cde48019911d68ed045

查看全文

相关阅读:
2017.8.07
2017.8.05
2017.8.04
2017.8.03
2017.8.02
2017.8.01
2017.7.31
2017.7.29
2017.7.28
简易日历

原文地址：https://www.cnblogs.com/airoot/p/4131931.html