首页 > 网站 > 建站经验 > 正文

Win2003环境下的一键系统安全批处理

2019-11-02 14:11:37
字体:
来源:转载
供稿:网友
复制代码 代码如下:
@echo off
echo ----------------------------------
echo ----正在备份注册表 请稍后....----
echo ----------------------------------
  reg export "HKEY_LOCAL_MACHINE" C:/reg_backup.reg
echo ----------------------
echo ----注册表备份完成----
echo ----------------------
  ping 127.0.0.1 -n 3 >nul
echo -----------------------------------
echo ----安全配置正在改写 请稍候...----
echo -----------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ----------------------
echo ----正在禁用空连接----
echo ----------------------
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Lsa /v restrictanonymous /t reg_dword /d 1 /f
echo --------------------------
echo ----禁用空连接设置完毕----
echo --------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------
echo ----正在删除默认共享----
echo ------------------------
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/lanmanserver/parameters /v AutoShareServer /t reg_dword /d 0 /f
echo ----------------------------
echo ----删除默认共享设置完毕----
echo ----------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ----正在修改TTL值请稍后...----
echo ------------------------------
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v DefaultTTL /t reg_dword /d 53 /f
echo -------------------
echo ----TTL修改完毕----
echo -------------------
  @ping 127.0.0.1 -n 3 >nul
echo -----------------------
echo ----防止syn洪水攻击----
echo -----------------------
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v SynAttackProtect /t reg_dword /d 2 /f
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v EnablePMTUDiscovery /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v NoNameReleaseOnDemand /t reg_dword /d 1 /f
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v EnableDeadGWDetect /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v KeepAliveTime /t reg_dword /d 300000 /f
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v PerformRouterDiscovery /t reg_dword /d 0 /f
  reg add HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters /v EnableICMPRedirects /t reg_dword /d 0 /f
echo -------------------------------
echo ----防止syn洪水攻击设置完毕----
echo -------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo ------------------------------
echo ------------------------------
echo ---- 系统服务修改 ----
echo ------------------------------
echo ------------------------------
  @ping 127.0.0.1 -n 3 >nul
echo --------------------
发表评论 共有条评论
用户名: 密码:
验证码: 匿名发表