Win 2003 防***提升权限设置IIS服务器安全配置整理
\Winlogon\Dont-DisplayLastUserName”,把REG_SZ的键值改成1。
tftp.exe、telnet.exe 、netstat.exe、regedit.exe、at.exe、attrib.exe、format.com、
del文件只给 Administrators 组和SYSTEM 的完全 控制权限
��核策略更改 成功 失败
\Interfaces\interface
Tcpip\ Parameters:DefaultTTL REG_DWORD 0-0xff(0-255 十进制,默认值128)改成一个莫名其妙的数字如258,起码让那些小菜鸟晕上半天,就此放弃***你也不一定哦
\LanmanServer\Parameters:AutoShareServer类型是REG_DWORD把值改为0即可
�资源 建议关闭
@echo off
ECHO.
ECHO.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHo.
ECHo 你现在使用世界网络教研室整理的"一建做安全"脚本
ECHo.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHO.
ECHO.
ECHO. ————————————————————————-
ECHo 请按提示操作备份好注册表,否则修改后无法还原,本人不负责.
ECHO.
ECHO YES=next set NO=exit (this time 30 Second default for n)
ECHO. ————————————————————————-
CHOICE /T 30 /C yn /D n
if errorlevel 2 goto end
if errorlevel 1 goto next
:next
if EXIST backup (echo.)else md backup
if EXIST temp (rmdir /s/q temp|md temp) else md temp
if EXIST backup\backupkey.reg (move backup\backupkey.reg backup\backupkey_old.reg ) else goto run
:run
regedit /e temp\backup-reg1.key1 "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\"
regedit /e temp\backup-reg2.key2 "HKEY_CLASSES_ROOT\"
copy /b /y /v temp\backup-reg1.key1+temp\backup-reg2.key2 backup\backupkey.reg
if exist backup\wshom.ocx (echo 备份已存在) else copy /v/y %SystemRoot%\System32\wshom.ocx backup\wshom.ocx
if exist backup\shell32.dll (echo 备份已存在) else copy /v/y %SystemRoot%\system32\shell32.dll backup\shell32.dll
ECHO 备份已经完成
ECHO.
goto next2
:next2
ECHO.
p>
ECHO. ——————————————————————-
ECHo 修改权限system32目录中不安全的几个exe文件,改为只有Administrators才有权限运行
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. ——————————————————————-
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next3
if errorlevel 1 goto next21
:next21
xcacls.exe %SystemRoot%\system32\net.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\net1.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\cmd.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\tftp.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\netstat.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\regedit.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\at.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\attrib.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\cacls.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\fortmat.com /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\secedit.exe /t /g Administrators:F /y /C
echo "虚拟主机C盘权限设定"
echo "删除C盘的everyone的权限"
cd/
cacls "%SystemDrive%" /r "everyone" /e
cacls "%SystemRoot%" /r "everyone" /e
cacls "%SystemRoot%/Registration" /r "everyone" /e
cacls "%SystemDrive%/Documents and Settings" /r "everyone" /e
echo "删除C盘的所有的users的访问权限"
cacls "%SystemDrive%" /r "users" /e
cacls "%SystemDrive%/Program Files" /r "users" /e
cacls "%SystemDrive%/Documents and Settings" /r "users" /e
cacls "%SystemRoot%" /r "users" /e
cacls "%SystemRoot%/addins" /r "users" /e
cacls "%SystemRoot%/AppPatch" /r "users" /e
cacls "%SystemRoot%/Connection Wizard" /r "users" /e
cacls "%SystemRoot%/Debug" /r "users" /e
cacls "%SystemRoot%/Driver Cache" /r "users" /e
cacls "%SystemRoot%/Help" /r "users" /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /r "users" /e
cacls "%SystemRoot%/java" /r "users" /e
cacls "%SystemRoot%/msagent" /r "users" /e
cacls "%SystemRoot%/mui" /r "users" /e
cacls "%SystemRoot%/repair" /r "users" /e
cacls "%SystemRoot%/Resources" /r "users" /e
cacls "%SystemRoot%/security" /r "users" /e
cacls "%SystemRoot%/system" /r "users" /e
cacls "%SystemRoot%/TAPI" /r "users" /e
cacls "%SystemRoot%/Temp" /r "users" /e
cacls "%SystemRoot%/twain_32" /r "users" /e
cacls "%SystemRoot%/Web" /r "users" /e
cacls "%SystemRoot%/system32/3com_dmi" /r "users" /e
cacls "%
SystemRoot%/system32/administration" /r "users" /e
cacls "%SystemRoot%/system32/Cache" /r "users" /e
cacls "%SystemRoot%/system32/CatRoot2" /r "users" /e
cacls "%SystemRoot%/system32/Com" /r "users" /e
cacls "%SystemRoot%/system32/config" /r "users" /e
cacls "%SystemRoot%/system32/dhcp" /r "users" /e
cacls "%SystemRoot%/system32/drivers" /r "users" /e
cacls "%SystemRoot%/system32/export" /r "users" /e
cacls "%SystemRoot%/system32/icsxml" /r "users" /e
cacls "%SystemRoot%/system32/lls" /r "users" /e
cacls "%SystemRoot%/system32/LogFiles" /r "users" /e
cacls "%SystemRoot%/system32/MicrosoftPassport" /r "users" /e
cacls "%SystemRoot%/system32/mui" /r "users" /e
cacls "%SystemRoot%/system32/oobe" /r "users" /e
cacls "%SystemRoot%/system32/ShellExt" /r "users" /e
cacls "%SystemRoot%/system32/wbem" /r "users" /e
echo "添加iis_wpg的访问权限"
cacls "%SystemRoot%" /g iis_wpg:r /e
cacls "%SystemDrive%/Program Files/Common Files" /g iis_wpg:r /e
cacls "%SystemRoot%/Downloaded Program Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Help" /g iis_wpg:c /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Offline Web Pages" /g iis_wpg:c /e
cacls "%SystemRoot%/System32" /g iis_wpg:c /e
cacls "%SystemRoot%/WinSxS" /g iis_wpg:c /e
cacls "%SystemRoot%/WinSxS" /r "users" /e
cacls "%SystemRoot%/Tasks" /g iis_wpg:c /e
cacls "%SystemRoot%/Temp" /g iis_wpg:c /e
cacls "%SystemRoot%/Web" /g iis_wpg:c /e
echo "添加iis_wpg的访问权限[.net专用]"
cacls "%SystemRoot%/Assembly" /g iis_wpg:c /e
cacls "%SystemRoot%/Microsoft.NET" /g iis_wpg:c /e
echo "添加iis_wpg的访问权限[装了MACFEE的软件专用]"
cacls "%SystemDrive%/Program Files/Network Associates" /g iis_wpg:r /e
echo "添加users的访问权限"
cacls "%SystemRoot%/temp" /g users:c /e
goto next3
:next3
ECHO.
ECHO.
ECHO. ————————————————————————
ECHo 禁止不必要的服务,如果要退出请按Ctrl+C
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. ————————————————————————
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next4
if errorlevel 1 goto next31
:next31
echo Windows Registry Editor Version 5.00 >temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter] >>temp\Services.reg
t color="#ff00ff">echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dfs] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Scheduler] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LmHosts] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtmsSvc] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDE] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDEdsdm] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
regedit /s temp\Services.reg
ECHO.
goto next4
:next4
ECHO.
ECHO. ————————————————————————-
ECHo 防止人侵和***. 如果要退出请按Ctrl+C
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. ————————————————————————-
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next5
if errorlevel 1 goto next41
:next41
echo Windows Registry Editor Version 5.00 >temp\skyd
dos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] >>temp\skyddos.reg
echo "EnableDeadGWDetect"=dword:00000000 >>temp\skyddos.reg
echo "EnableICMPRedirects"=dword:00000000 >>temp\skyddos.reg
echo "PerformRouterDiscovery"=dword:00000000 >>temp\skyddos.reg
echo "NoNameReleaseOnDemand"=dword:00000001 >>temp\skyddos.reg
echo "KeepAliveTime"=dword:000493e0 >>temp\skyddos.reg
echo "EnablePMTUDiscovery"=dword:00000000 >>temp\skyddos.reg
echo "SynAttackProtect"=dword:00000002 >>temp\skyddos.reg
echo "TcpMaxHalfOpen"=dword:00000064 >>temp\skyddos.reg
echo "TcpMaxHalfOpenRetried"=dword:00000050 >>temp\skyddos.reg
echo "TcpMaxConnectResponseRetransmissions"=dword:00000001 >>temp\skyddos.reg
echo "TcpMaxDataRetransmissions"=dword:00000003 >>temp\skyddos.reg
echo "TCPMaxPortsExhausted"=dword:00000005 >>temp\skyddos.reg
echo "DisableIPSourceRouting"=dword:0000002 >>temp\skyddos.reg
echo "TcpTimedWaitDelay"=dword:0000001e >>temp\skyddos.reg
echo "EnableSecurityFilters"=dword:00000001 >>temp\skyddos.reg
echo "TcpNumConnections"=dword:000007d0 >>temp\skyddos.reg
echo "TcpMaxSendFree"=dword:000007d0 >>temp\skyddos.reg
echo "IGMPLevel"=dword:00000000 >>temp\skyddos.reg
echo "DefaultTTL"=dword:00000016 >>temp\skyddos.reg
echo 删除IPC$(Internet Process Connection)是共享“命名管道”的资源
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] >>temp\skyddos.reg
echo "restrictanonymous"=dword:00000001 >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\interfaces] >>temp\skyddos.reg
echo "PerformRouterDiscovery"=dword:00000000 >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >>temp\skyddos.reg
echo "BacklogIncrement"=dword:00000003 >>temp\skyddos.reg
echo "MaxConnBackLog"=dword:000003e8 >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Afd\Parameters] >>temp\skyddos.reg
echo "EnableDynamicBacklog"=dword:00000001 >>temp\skyddos.reg
echo "MinimumDynamicBacklog"=dword:00000014 >>temp\skyddos.reg
echo "MaximumDynamicBacklog"=dword:00002e20 >>temp\skyddos.reg
echo "DynamicBacklogGrowthDelta"=dword:0000000a >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters] >>temp\skyddos.reg
echo "autoshareserver"=dword:00000000 >>temp\skyddos.reg
regedit /s temp\skyddos.reg
ECHO.
ECHO.
goto next5
:next5
ECHO.
ECHO. ————————————————————————
ECHo 防止ASP***运行 卸除WScript.Shell, Shell.application, WScript.Network
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. ———————————————————————–
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next6
if errorlevel 1 goto next51
:next51
echo Windows Registry Editor Version 5.00 >temp\del.reg
echo [-HKEY_CLASSES_ROOT\Shell.Application] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\Shell.Application.1] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\CLSID\{13709620-C279-11CE-A49E-444553540000}] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\ADODB.Command\CLSID] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}] >>temp\del.reg
regedit /s temp\del.reg
regsvr32 /u %SystemRoot%\system32\wshom.ocx
del /f/q %SystemRoot%\System32\wshom.ocx
regsvr32 /u %SystemRoot%\system32\shell32.dll
del /f/q %SystemRoot%\System32\shell32.dll
rmdir /q/s temp
ECHO.
goto next6
:next6
ECHO.
ECHO.
ECHO. ———————————————————————
ECHo 设置已经完成重启后才能生效.
ECHO YES=reboot server NO=exit (this time 60 Second default for y)
ECHO. ———————————————————————-
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto end
if errorlevel 1 goto reboot
:reboot
shutdown /r /t 0
:end
if EXIST temp (rmdir /s/q temp|exit) else exit
|
转载于:https://blog.51cto.com/bami8/287600
Win 2003 防***提升权限设置IIS服务器安全配置整理相关推荐
- Windows Server 2003防木马权限设置
Windows 2003作为服务器操作系统,你知道他的安全性能如何保护吗?下面请看防木马权限设置IIS服务器安全配置. 一. 系统的安装 1.按照Windows2003安装光盘的提示安装,默认情况下 ...
- Windows Server 2003 防木马、权限设置、IIS服务器安全配置整理
一.系统的安装 1.按照Windows2003安装光盘的提示安装,默认情况下2003没有把IIS6.0安装在系统里面. 2.IIS6.0的安装 开始菜单->控制面板->添加或删除程序- ...
- Win2003 防木马、权限设置、IIS服务器安全配置整理
原贴http://hi.baidu.com/zzxap/blog/item/18180000ff921516738b6564.html 2009-02-10 10:45 一.系统的安装 1.按照Win ...
- 服务器不能访问共享文件夹权限,win访问服务器共享文件夹权限设置
win访问服务器共享文件夹权限设置 内容精选 换一换 开发过程中,您有任何问题可以在github上提交issue,或者在华为云对象存储服务论坛中发帖求助.接口参考文档详细介绍了每个接口的参数和使用方法 ...
- vista系统服务器,Vista系统中怎么设置IIS服务器
Vista系统中怎么设置IIS服务器 发布时间:2021-07-22 17:45:04 来源:亿速云 阅读:56 作者:Leah 本篇文章给大家分享的是有关Vista系统中怎么设置IIS服务器,小编觉 ...
- iis服务器 关闭自动启动,设置IIS服务器定时自动重启的方法
最近,有一朋友的IIS服务器老是出现问题,运行一段时间下来就会出现访问服务器上的网站时提示数据库连接出错,然后重启IIS后网站又能正常访问了,实在找不出是什么原因导致了这个问题.不过最终我想到了一个笨 ...
- iis服务器跳转网页怎么设置,设置iis服务器打开网页的方法
设置iis服务器打开网页的方法 让自己电脑上的网页在局域网中可以访问到,就需要我们使用IIS服务器,将网页添加到服务器上的网站,那么设置好IIS服务器之后怎样在浏览器中进行访问呢?下面是小编整理的设置 ...
- 服务器安装 accessdatabaseengine_.net IIS 服务器环境配置
.net IIS 服务器环境配置mp.weixin.qq.com 一.安装.net framework AccessDatabaseEngine.exe 1.下载.net framework 4 ...
- iis服务器怎样配置多张证书,IIS配置多个ssl怎么做?怎么配置?
给服务器添加配置SSL证书是很有必要的,这个也是当下众多网站的一个选择,给网站安装配置了SSL证书之后,网站的安全性也被提升了,这样网站的地址也是值得大家去信赖的,不过不同的网站他们在配置SSL证书的 ...
最新文章
- 每天一个linux命令(20):find命令之exec
- linux篇:查看Linux版本号
- 个人自媒体博客整站模板
- 文本标注工具——doccano
- python切片长度_python的间隔切片技巧
- 前端想要了解的Nginx
- ZeroClipboard插件——复制到剪切板
- iOS中书写代码规范35条小建议
- Atitit js中的依赖注入di ioc的实现
- 电梯里的爱情华科oj
- 消费滚动滴log日志文件(flume监听,kafka消费,zookeeper协同)
- 水经微图与万能地图下载器功能比较
- matlab的double和single类型
- Drupal独到的编程思想
- html id命名规范,CSS常用类/ID命名规范
- codeforces水题100道 第九题 Codeforces Beta Round #63 (Div. 2) Young Physicist (math)
- Excel :模拟投币实验
- bert模型及其应用场景分享
- 利用matlab处理表格数据,/如何用matlab处理多个excel表格中的数据
- c++判断回文,跳过非字母的字符并忽略字母大小写
热门文章
- 动手学深度学习V2——李沐Bilibili直播视频Jupyter Notebook安装
- eclipse java tomcat_java eclipse tomcat
- C# 规则引擎 RulesEngine
- Android 高仿微信发朋友圈浏览图片效果
- 20年+资深审稿人:什么情况下建议文章大小修、拒稿或接收?
- 风控策略分析中常说的事件策略规则都是些什么样的内容
- 毕业设计 基于STM32单片机的汽车防撞与控制系统
- 赛思互动:CRM的成功应用对企业有何好处
- 投影机在笔记本电脑上切换视频的快捷键列表
- 由世纪互联运营的Microsoft Teams携创新功能正式发布,夯实“企业数字中枢”