windows 2003 自动安全设置
@echo off
echo.
echo.
echo.
echo 〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓
echo.
echo.
echo windows 2003 自动安全设置程序
echo.
echo "为走过的路做纪念,希望你能记得"
echo.
echo 注: 不要放在根目录执行
echo *请用名为administrator的账号运行
echo. *执行完成后只能用超级管理员登陆*
echo.
echo.
echo.
echo 〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓〓
pause
cls
echo.
echo.
echo.
echo 内容包括:
echo 更改GUTEST和SUPPORT_388945a0的密码
echo 注消危险组件
echo 取消显示上次登陆用户名
echo 防御TELNET登陆
echo 限制一些险的端口的访问,如135,137,138,139,445
echo 限制RADMIN应用
echo 防御密码记录工具NTPass及类似
echo 关闭一些不常用的服务
echo 优化系统和优化组策略安全
echo 设置超级管理员账号并限制只有这个账号能远程
echo 加强DDOS防御能力
echo 禁用cmd
echo 删除SQL2000危险的存储过程
echo 系统磁盘盘权限设定
echo WEB权限安全设置
echo 系统垃圾清理
echo.
echo.
echo.
cls
echo .
echo ---------------------------------------------------
echo 请先替操作系统打上所有更新补丁!特别是SP2这样的
echo 安全设置后打有可能会打不上,请注意
echo ---------------------------------------------------
echo .
pause
set lb=%cd%
cls
echo .
echo ---------------------------------------------------
echo 是否要更改GUTEST和SUPPORT_388945a0的密码
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要更改请按 Y,否请按 N。"
if %errorlevel% equ 2 goto firstgo
net user guest SDFse7%6$3
net user SUPPORT_388945a0 g@#!hao(^$875
:firstgo
cls
echo .
echo ---------------------------------------------------
echo 是否要注消危险组件
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要注消请按 Y,否请按 N。"
if %errorlevel% equ 2 goto secgo
regsvr32 /u /s %SystemRoot%\System32\wshom.ocx
regsvr32 /u /s %SystemRoot%\system32\shell32.dll
regsvr32 /u /s %SystemRoot%\system32\npptools.dll
reg copy "HKEY_CLASSES_ROOT\Shell.Application" "HKEY_CLASSES_ROOT\Shell.Application_sfqas" /s /f
reg delete "HKEY_CLASSES_ROOT\Shell.Application" /f
reg delete "HKEY_CLASSES_ROOT\Shell.Application_sfqas\CLSID" /f
reg add HKEY_CLASSES_ROOT\Shell.Application_sfqas\CLSID /v (默认) /t REG_SZ /d
reg copy "HKEY_CLASSES_ROOT\Shell.Application.1" "HKEY_CLASSES_ROOT\Shell.Application.1_sfqas" /s /f
reg delete "HKEY_CLASSES_ROOT\Shell.Application.1" /f
reg delete "HKEY_CLASSES_ROOT\Shell.Application.1_sfqas\CLSID" /f
reg add HKEY_CLASSES_ROOT\Shell.Application.1_sfqas\CLSID /v (默认) /t REG_SZ /d
:secgo
cls
echo .
echo ---------------------------------------------------
echo 是否取消显示上次登陆用户名
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要取消请按 Y,否请按 N。"
if %errorlevel% equ 2 goto thirdgo
reg add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DontDisplayLastUserName /t reg_dword /d 00000001 /f
:thirdgo
cls
echo .
echo ---------------------------------------------------
echo 是否防御TELNET登陆
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要防御请按 Y,否请按 N。"
if %errorlevel% equ 2 goto sixgo
echo exit>>%SystemRoot%\system32\login.cmd
:sixgo
cls
echo .
echo ---------------------------------------------------
echo 是否限制一些险的端口的访问,如135,137,138,139,
echo 445,593,1025,2745,3127,4489,6129
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要限制请按 Y,否请按 N。"
if %errorlevel% equ 2 goto sevengo
echo 名字为sfqas的安全策略
netsh ipsec static add policy name=sfqas的安全策略
netsh ipsec static add filterlist name=允许列表
netsh ipsec static add filterlist name=拒绝列表
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=135
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=137
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=138
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=139
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=445
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=593
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=1025
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=2745
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=3127
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=4489
netsh ipsec static add filter filterlist=拒绝列表 srcaddr=any dstaddr=me description=别人到我特定访问 protocol=tcp mirrored=yes dstport=6129
netsh ipsec static add filteraction name=充许 action=permit
netsh ipsec static add filteraction name=拒绝 action=block
netsh ipsec static add rule name=拒绝规则 policy=sfqas的安全策略 filterlist=拒绝列表 filteraction=拒绝
netsh ipsec static set policy name=sfqas的安全策略 assign=y
:sevengo
cls
echo .
echo ---------------------------------------------------
echo 是否限制RADMIN应用
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要限制请按 Y,否请按 N。"
if %errorlevel% equ 2 goto eightgo
if exist %SystemRoot%\system32\r_server.exe echo " 如果有RADMIM,删除"
r_server.exe /stop
r_server /uninstall /silence
del %SystemRoot%\system32\r_server.exe
del %SystemRoot%\system32\admdll.dll
del %SystemRoot%\system32\radbrv.dll
:eightgo
cls
echo .
echo ---------------------------------------------------
echo 是否防御密码记录工具NTPass及类似
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要防御请按 Y,否请按 N。"
if %errorlevel% equ 2 goto ninego
if exist %SystemRoot%\system32\ntpass.dll ehco "如果有密码记录器NTPass,删除"
echo you are a bitch>%systemroot%\system32\eulagold.txt
rundll32 NTPass.dll,Remove
echo y| cacls %SystemRoot%/system32/eulagold.txt /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/eulagold.txt /t /e /c /r administrators
echo y| cacls %SystemRoot%/system32/eulagold.txt /e /d service /c
echo y| cacls %SystemRoot%/system32/eulagold.txt /e /d batch /c
echo y| cacls %SystemRoot%/system32/eulagold.txt /e /d interactive /c
echo y| cacls %SystemRoot%/system32/eulagold.txt /e /d system /c
echo y| cacls %SystemRoot%/system32/eulagold.txt /e /d users /c
attrib +R +A +S +H %SystemRoot%/system32/eulagold.txt
if exist %SystemRoot%\system32\GinaPwd.txt ehco "如果有密码记录器GinaPwd,删除"
echo you are a bitch>%systemroot%\system32\GinaPwd.txt
echo y| cacls %SystemRoot%/system32/GinaPwd.txt /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/GinaPwd.txt /t /e /c /r administrators
echo y| cacls %SystemRoot%/system32/GinaPwd.txt /e /d service /c
echo y| cacls %SystemRoot%/system32/GinaPwd.txt /e /d batch /c
echo y| cacls %SystemRoot%/system32/GinaPwd.txt /e /d interactive /c
echo y| cacls %SystemRoot%/system32/GinaPwd.txt /e /d system /c
echo y| cacls %SystemRoot%/system32/GinaPwd.txt /e /d users /c
attrib +R +A +S +H %SystemRoot%/system32/GinaPwd.txt
:ninego
cls
echo .
echo ---------------------------------------------------
echo 是否关闭一些不常用的服务
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要关闭请按 Y,否请按 N。"
if %errorlevel% equ 2 goto eightgo
sc config Alerter start= disabled
sc stop Alerter
sc config dfs start= demand
sc stop Browser
sc config messenger start= disabled
sc stop messenger
sc config tlntsvr start= disabled
sc stop tlntsvr
sc config Browser start= DISABLED
sc stop Browser
sc config Spooler start= DISABLED
sc stop Spooler
sc config RemoteRegistry start= DISABLED
sc stop RemoteRegistry
sc config lanmanserver start= DISABLED
sc stop lanmanserver
sc config LmHosts start= DISABLED
sc stop LmHosts
sc config WZCSVC start= DISABLED
sc stop WZCSVC
sc config lanmanworkstation start= DISABLED
sc stop lanmanworkstation
sc config SysmonLog start= disabled
:eightgo
cls
echo .
echo ---------------------------------------------------
echo 是否优化系统和优化组策略安全
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要优化请,*(注意优化后只能用超级管理员登陆)按 Y,否请按 N。"
if %errorlevel% equ 2 goto tengo
echo 优化系统
reg add "HKCU\Control Panel\Desktop" /v AutoEndTasks /t REG_DWORD /d 1 /f
reg add "HKCU\Control Panel\Desktop" /v HungAppTimeout /d 50 /f
reg add "HKCU\Control Panel\Desktop" /v WaitToKillAppTimeout /d 200 /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v EnablePrefetcher /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug" /v Auto /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v SFCDisable /t REG_DWORD /d 4294967197 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v MaxConnectionsPer1_0Server /t REG_DWORD /d 8 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v MaxConnectionsPerServer /t REG_DWORD /d 8 /f
reg add HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer /v Link /t REG_BINARY /d 00000000 /f
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer /v NoLowDiskSpaceChecks /t REG_DWORD /d 1 /f
reg add HKLM\SYSTEM\CurrentControlSet\Control\FileSystem /v ConfigFileAllocSize /t REG_DWORD /d 500 /f
reg add HKCU\Console /v LoadConIme /t REG_DWORD /d 0 /f
reg add HKLM\SYSTEM\ControlSet001\Control\CrashControl /v AutoReboot /t REG_DWORD /d 1 /f
reg add HKLM\SYSTEM\ControlSet001\Control\CrashControl /v CrashDumpEnabled /t REG_DWORD /d 0 /f
reg add HKLM\SYSTEM\ControlSet001\Control\CrashControl /v DumpFile /t REG_EXPAND_SZ /d %SystemRoot%\MEMORY.DMP /f
reg add HKLM\SYSTEM\ControlSet001\Control\CrashControl /v LogEvent /t REG_DWORD /d 0 /f
reg add HKLM\SYSTEM\ControlSet001\Control\CrashControl /v MinidumpDir /t REG_EXPAND_SZ /d %SystemRoot%\Minidump /f
reg add HKLM\SYSTEM\ControlSet001\Control\CrashControl /v Overwrite /t REG_DWORD /d 1 /f
reg add HKLM\SYSTEM\ControlSet001\Control\CrashControl /v SendAlert /t REG_DWORD /d 0 /f
reg add HKLM\SOFTWARE\Microsoft\PCHealth\ErrorReporting /v DoReport /t REG_DWORD /d 0 /f
reg add HKLM\SOFTWARE\Microsoft\PCHealth\ErrorReporting /v ShowUI /t REG_DWORD /d 0 /f
echo 优化组策略安全
cd /d %lb%
echo [Unicode] >sfqas.inf
echo Unicode=yes >>sfqas.inf
echo [System Access] >>sfqas.inf
echo MinimumPasswordAge = 2 >>sfqas.inf
echo MaximumPasswordAge = 42 >>sfqas.inf
echo MinimumPasswordLength = 0 >>sfqas.inf
echo PasswordComplexity = 0 >>sfqas.inf
echo PasswordHistorySize = 24 >>sfqas.inf
echo LockoutBadCount = 5 >>sfqas.inf
echo ResetLockoutCount = 3 >>sfqas.inf
echo LockoutDuration = 3 >>sfqas.inf
echo RequireLogonToChangePassword = 0 >>sfqas.inf
echo ForceLogoffWhenHourExpire = 0 >>sfqas.inf
echo NewGuestName = "MyGuestOne" >>sfqas.inf
echo ClearTextPassword = 0 >>sfqas.inf
echo LSAAnonymousNameLookup = 0 >>sfqas.inf
echo EnableAdminAccount = 1 >>sfqas.inf
echo EnableGuestAccount = 0 >>sfqas.inf
echo [Event Audit] >>sfqas.inf
echo AuditSystemEvents = 3 >>sfqas.inf
echo AuditLogonEvents = 3 >>sfqas.inf
echo AuditObjectAccess = 0 >>sfqas.inf
echo AuditPrivilegeUse = 3 >>sfqas.inf
echo AuditPolicyChange = 3 >>sfqas.inf
echo AuditAccountManage = 3 >>sfqas.inf
echo AuditProcessTracking = 0 >>sfqas.inf
echo AuditDSAccess = 0 >>sfqas.inf
echo AuditAccountLogon = 3 >>sfqas.inf
echo [Registry Values] >>sfqas.inf
echo MACHINE\Software\Microsoft\Driver Signing\Policy=3,1 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel=4,0 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SetCommand=4,0 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,"0" >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASD=1,"0" >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,"0" >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,"10" >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogon=4,1 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\PasswordExpiryWarning=4,14 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOption=1,"0" >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableCAD=4,0 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLastUserName=4,1 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText=7, >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ScForceOption=4,0 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon=4,0 >>sfqas.inf
echo MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon=4,0 >>sfqas.inf
echo MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\AuthenticodeEnabled=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,5 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDrivers=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactPaths\Machine=7, >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\Machine=7, >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitive=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems\optional=7,Posix >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionPipes=7, >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionShares=7, >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RestrictNullSessAccess=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignature=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswordChange=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\MaximumPasswordAge=4,30 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey=4,0 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1 >>sfqas.inf
echo MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1 >>sfqas.inf
echo [Privilege Rights] >>sfqas.inf
echo SeNetworkLogonRight = IUSR_%COMPUTERNAME%,IWAM_%COMPUTERNAME%,ASPNET,Guests,everyone >>sfqas.inf
echo SeRemoteShutdownPrivilege = Administrators >>sfqas.inf
echo SeIncreaseBasePriorityPrivilege = Administrators >>sfqas.inf
echo SeLoadDriverPrivilege = administrator >>sfqas.inf
echo SeSecurityPrivilege = Administrators >>sfqas.inf
echo SeSystemEnvironmentPrivilege = Administrators >>sfqas.inf
echo SeSystemProfilePrivilege = Administrators >>sfqas.inf
echo SeTakeOwnershipPrivilege = Administrators >>sfqas.inf
echo SeDenyNetworkLogonRight = Administrators >>sfqas.inf
echo SeManageVolumePrivilege = Administrators >>sfqas.inf
echo SeRemoteInteractiveLogonRight = administrator >>sfqas.inf
echo [Version] >>sfqas.inf
echo signature="$CHICAGO$" >>sfqas.inf
echo Revision=1 >>sfqas.inf
secedit /configure /db sfqas.sdb /cfg sfqas.inf /log sfqas.log /overwrite /quiet
del sfqas.*
:tengo
cls
echo .
echo ---------------------------------------------------
echo 是否加强DDOS防御能力
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要加强请按 Y,否请按 N。"
if %errorlevel% equ 2 goto elego
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpTimedWaitDelay /t reg_dword /d 00000030 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v SynAttackProtect /t reg_dword /d 00000002 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxHalfOpen /t reg_dword /d 00000200 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxHalfOpenRetried /t reg_dword /d 00000096 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxConnectResponseRetransmissions /t reg_dword /d 00000003 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxDataRetransmissions /t reg_dword /d 00000005 /f
:elego
cls
echo ---------------------------------------------------
echo 是否启用服务器的网络共享?(共享服务可提供网络文件共享实现远程备份,比如NAS备份)
echo 如果前面限制了端口请不指派sfqas的安全策略并删除该策略
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "是请按Y,否请按N。"
echo .
echo ---------------------------------------------------
if %errorlevel% equ 2 goto noshare
reg add HKLM\SOFTWARE\Microsoft\Ole /v EnableDCOM /d Y /f
reg add HKLM\SOFTWARE\Microsoft\Rpc /v "DCOM Protocols" /t REG_MULTI_SZ /d ncacn_ip_tcp\0 /f
reg add HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters /v SMBDeviceEnabled /t REG_DWORD /d 1 /f
sc config MSDTC start= AUTO
sc config lanmanworkstation start= AUTO
sc config lanmanserver start= AUTO
sc config Browser start= AUTO
echo y| cacls %SystemRoot%\system32\activeds.dll /G administrators:F SYSTEM:F IIS_WPG:R
sc start MSDTC
sc start lanmanworkstation
sc start lanmanserver
sc start Browser
:noshare
cls
echo .
echo ---------------------------------------------------
echo 是否禁用注册表工具
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要禁用请按 Y,否请按 N。"
if %errorlevel% equ 2 goto fourthgo
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableRegistryTools /t reg_dword /d 00000001 /f
:fourthgo
cls
echo .
echo ---------------------------------------------------
echo 是否禁用cmd
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要禁用请按 Y,否请按 N。"
if %errorlevel% equ 2 goto fifthgo
reg add "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System" /v DisableCMD /t reg_dword /d 00000001 /f
:fifthgo
cls
echo .
echo ---------------------------------------------------
echo 是否开启WINDOWS防火墙,并只开放3389.FTP.80,和自己的远程端口,允许PING
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "要开启请按 Y,否请按 N。"
if %errorlevel% equ 2 goto firewallgo
sc config ShareAccess start= auto
sc start ShareAccess
netsh firewall set opmode mode = ENABLE
netsh firewall set icmpsetting 8
netsh firewall set portopening tcp 3389
netsh firewall set portopening tcp 21 sfqas_ftplink
netsh firewall set portopening tcp 20 sfqas_ftpdata
netsh firewall set portopening tcp 80 sfqas_web
echo .
CHOICE /C YN /M "远程端口是不是3389,要设置请按 Y,否请按 N。"
if %errorlevel% equ 2 goto firewallgo1
set mstscnumb1=
:numnogo
cls
set /p mstscnumb1=你的远程端口号:
if not defined mstscnumb1 goto numnogo
echo 你的远程端口号是:%mstscnumb1%
netsh firewall set portopening tcp %mstscnumb1% sfqas_mstsc
:firewallgo1
:firewallgo
cls
echo .
echo ---------------------------------------------------
echo 是否删除SQL2000危险的存储过程(如无安装SQL请不要运行!)
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "删除请按 Y,否请按 N。"
if %errorlevel% equ 2 goto ynono
echo ---------------------------------------------------
echo 请在弹出窗口内点击上方的绿色三角运行里面的代码才生效!准备好请按y
echo ---------------------------------------------------
if %errorlevel% equ 2 goto nono
echo use master
echo exec sp_dropextendedproc 'xp_cmdshell' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_enumgroups' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_loginconfig' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_regaddmultistring' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_regdeletekey' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_regdeletevalue' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_regread' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_regremovemultistring' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_regwrite' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_enumerrorlogs' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_getfiledetails' >>sql.sql
echo go >>sql.sql
echo exec sp_dropextendedproc 'xp_regenumvalues' >>sql.sql
echo go >>sql.sql
copy /Y sql.sql "C:\Documents and Settings\All Users\「开始」菜单\程序\Microsoft SQL Server\sql.sql"
start /d "C:\Documents and Settings\All Users\「开始」菜单\程序\Microsoft SQL Server" 查询分析器 -d master -E -f "C:\Documents and Settings\All Users\「开始」菜单\程序\Microsoft SQL Server\sql.sql"
echo ---------------------------------------------------
echo 请在弹出窗口内点击上方的绿色三角运行里面的代码才生效!你点了么?请按任意键继续. . .
echo ---------------------------------------------------
pause
del sql.sql
del "%systemdrive%\Documents and Settings\All Users\「开始」菜单\程序\Microsoft SQL Server\sql.sql"
:ynono
:nono
cls
echo 系统磁盘盘权限设定
echo 删除C盘的根目录的权限
echo y| Cacls %systemdrive%\ /e /c /r everyone
echo y| Cacls %systemdrive%\ /e /c /r "creator owner"
echo y| Cacls %systemdrive%\ /e /c /r users
echo y| Cacls "%systemdrive%\Documents and Settings\All Users\Documents" /e /c /r "creator owner"
echo y| Cacls "%systemdrive%\Documents and Settings\All Users\Documents" /e /c /r "power users"
echo y| Cacls "%systemdrive%\Documents and Settings\All Users\Documents" /e /c /r users
echo y| Cacls "%systemdrive%\Documents and Settings" /e /c /r everyone
echo y| Cacls "%systemdrive%\Documents and Settings\Administrator\「开始」菜单\程序\启动" /e /c /r administrators
echo y| Cacls "%systemdrive%\Documents and Settings\Administrator\「开始」菜单\程序\启动" /e /c /r system
echo y| Cacls "%systemdrive%\Documents and Settings\All Users\「开始」菜单\程序\启动" /e /c /r system
echo y| Cacls "%systemdrive%\Documents and Settings\All Users\「开始」菜单\程序\启动" /e /c /r administrators
attrib +R +A +S +H %systemdrive%\wmpub
echo y| Cacls %systemdrive%\wmpub /e /c /r "creator owner"
echo y| Cacls %systemdrive%\wmpub /e /c /r "power users"
echo y| Cacls %systemdrive%\wmpub /e /c /r users
echo y| Cacls %systemdrive%\wmpub /e /c /r administrators
echo y| Cacls %systemdrive%\wmpub /e /c /r system
echo y| Cacls %systemdrive%\wmpub /e /c /r administrators
echo y| Cacls %systemdrive%\wmpub /e /c /r system
attrib +R +A +S +H %systemdrive%\WINDOWS\addins
echo y| Cacls %systemdrive%\WINDOWS\addins /e /c /r "creator owner"
echo y| Cacls %systemdrive%\WINDOWS\addins /e /c /r "power users"
echo y| Cacls %systemdrive%\WINDOWS\addins /e /c /r users
echo y| Cacls %systemdrive%\WINDOWS\addins /e /c /r administrators
echo y| Cacls %systemdrive%\WINDOWS\addins /e /c /r system
echo y| Cacls %systemdrive%\WINDOWS\addins /e /c /r administrators
echo y| Cacls %systemdrive%\WINDOWS\addins /e /c /r system
echo .
echo ---------------------------------------------------
echo 如果你的WEB以前用的USERS或是everyone权限,下面的操作可能会导致无权限访问,是否操作?
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "是请按 Y,否请按 N。"
if %errorlevel% equ 2 goto confirm1
echo "删除D盘的根目录的权限"
echo y| Cacls D:\ /t /e /c /r everyone
echo y| Cacls D:\ /t /e /c /r "creator owner"
echo y| Cacls D:\ /t /e /c /r users
echo "删除E盘的根目录的权限"
echo y| Cacls E:\ /t /e /c /r everyone
echo y| Cacls E:\ /t /e /c /r "creator owner"
echo y| Cacls E:\ /t /e /c /r users
echo "删除F盘的根目录的权限"
echo y| Cacls F:\ /t /e /c /r everyone
echo y| Cacls F:\ /t /e /c /r "creator owner"
echo y| Cacls F:\ /t /e /c /r users
echo "删除G盘的根目录的权限"
echo y| Cacls G:\ /t /e /c /r everyone
echo y| Cacls G:\ /t /e /c /r "creator owner"
echo y| Cacls G:\ /t /e /c /r users
echo "删除H盘的根目录的权限"
echo y| Cacls H:\ /t /e /c /r everyone
echo y| Cacls H:\ /t /e /c /r "creator owner"
echo y| Cacls H:\ /t /e /c /r users
echo "删除I盘的根目录的权限"
echo y| Cacls I:\ /t /e /c /r everyone
echo y| Cacls I:\ /t /e /c /r "creator owner"
echo y| Cacls I:\ /t /e /c /r users
:confirm1
echo "2003减少C盘的危险文件的访问权限"
attrib +R +A +S +H %SystemRoot%/system32/shell32.dll
echo y| cacls %SystemRoot%/system32/shell32.dll /e /d guests /c
attrib +R +A +S +H %SystemRoot%/system32/wshom.ocx
echo y| cacls %SystemRoot%/system32/wshom.ocx /e /d guests /c
attrib +R +A +S +H %SystemRoot%/system32/npptools.dll
echo y| cacls %SystemRoot%/system32/npptools.dll /e /d users /c
attrib +R +A +S +H %SystemRoot%/system32/Cmd.exe
echo y| cacls %SystemRoot%/system32/Cmd.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/Cmd.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/Cmd.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/Cmd.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/Cmd.exe /e /d telnetclients /c
echo y| cacls %SystemRoot%/system32/Cmd.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/net.exe
echo y| cacls %SystemRoot%/system32/net.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/net.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/net.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/net.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/net.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/net.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/net.exe /e /d users /c
echo y| cacls %SystemRoot%/system32/net.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/reg.exe
echo y| cacls %SystemRoot%/system32/reg.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/reg.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/reg.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/reg.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/reg.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/reg.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/reg.exe /e /d users /c
echo y| cacls %SystemRoot%/system32/reg.exe /e /d system:r /c
attrib +R +A +S +H %SystemRoot%/system32/netsh.exe
echo y| cacls %SystemRoot%/system32/netsh.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/netsh.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/netsh.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/netsh.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/netsh.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/netsh.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/netsh.exe /e /d users /c
echo y| cacls %SystemRoot%/system32/netsh.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/sc.exe
echo y| cacls %SystemRoot%/system32/sc.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/sc.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/sc.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/sc.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/sc.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/sc.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/sc.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/net1.exe
echo y| cacls %SystemRoot%/system32/net1.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/net1.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/net1.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/net1.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/net1.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/net1.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/net1.exe /e /d users /c
echo y| cacls %SystemRoot%/system32/net1.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/netstat.exe
echo y| cacls %SystemRoot%/system32/netstat.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/netstat.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/netstat.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/netstat.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/netstat.exe /e /d batch /c
attrib +R +A +S +H %SystemRoot%/system32/ftp.exe
echo y| cacls %SystemRoot%/system32/ftp.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/ftp.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/ftp.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/ftp.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/ftp.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/ftp.exe /e /d users /c
echo y| cacls %SystemRoot%/system32/ftp.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/dllcache/at.exe
echo y| cacls %SystemRoot%/system32/dllcache/at.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/dllcache/at.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/dllcache/at.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/dllcache/at.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/dllcache/at.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/dllcache/at.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/dllcache/at.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/at.exe
echo y| cacls %SystemRoot%/system32/at.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/at.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/at.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/at.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/at.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/at.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/at.exe /e /d system /c
attrib +R +A +S +H cacls %SystemRoot%/system32/dllcache/utilman.exe
echo y| cacls %SystemRoot%/system32/dllcache/utilman.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/dllcache/utilman.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/dllcache/utilman.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/dllcache/utilman.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/dllcache/utilman.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/dllcache/utilman.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/dllcache/utilman.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/utilman.exe
echo y| cacls %SystemRoot%/system32/utilman.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/utilman.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/utilman.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/utilman.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/utilman.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/utilman.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/utilman.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/dllcache/sethc.exe
echo y| cacls %SystemRoot%/system32/dllcache/sethc.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/dllcache/sethc.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/dllcache/sethc.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/dllcache/sethc.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/dllcache/sethc.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/dllcache/sethc.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/dllcache/sethc.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/sethc.exe
echo y| cacls %SystemRoot%/system32/sethc.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/sethc.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/sethc.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/sethc.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/sethc.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/sethc.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/sethc.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/dllcache/magnify.exe
echo y| cacls %SystemRoot%/system32/dllcache/magnify.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/dllcache/magnify.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/dllcache/magnify.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/dllcache/magnify.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/dllcache/magnify.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/dllcache/magnify.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/dllcache/magnify.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/magnify.exe
echo y| cacls %SystemRoot%/system32/magnify.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/magnify.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/magnify.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/magnify.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/magnify.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/magnify.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/magnify.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/dllcache/osk.exe
echo y| cacls %SystemRoot%/system32/dllcache/osk.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/dllcache/osk.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/dllcache/osk.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/dllcache/osk.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/dllcache/osk.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/dllcache/osk.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/dllcache/osk.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/osk.exe
echo y| cacls %SystemRoot%/system32/osk.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/osk.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/osk.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/osk.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/osk.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/osk.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/osk.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/dllcache/cacls.exe
echo y| cacls %SystemRoot%/system32/dllcache/cacls.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/dllcache/cacls.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/dllcache/cacls.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/dllcache/cacls.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/dllcache/cacls.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/dllcache/cacls.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/dllcache/cacls.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/cacls.exe
echo y| cacls %SystemRoot%/system32/cacls.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/cacls.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/cacls.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/cacls.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/cacls.exe /e /d batch /c
attrib +R +A +S +H %SystemRoot%/system32/dllcache/attrib.exe
echo y| cacls %SystemRoot%/system32/dllcache/attrib.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/dllcache/attrib.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/dllcache/attrib.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/dllcache/attrib.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/dllcache/attrib.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/dllcache/attrib.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/dllcache/attrib.exe /e /d system /c
attrib +R +A +S +H %SystemRoot%/system32/attrib.exe
echo y| cacls %SystemRoot%/system32/attrib.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/attrib.exe /e /g administrator:f /c
echo y| cacls %SystemRoot%/system32/attrib.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/attrib.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/attrib.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/attrib.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/attrib.exe /e /d users /c
echo y| cacls %SystemRoot%/system32/attrib.exe /e /d system /c
echo y| cacls %SystemRoot%/system32/secedit.exe /e /g administrator:f /c
cls
echo .
echo ---------------------------------------------------
echo 是否要修改administrator名字,是按Y,否按N?
echo ---------------------------------------------------
echo .
if %errorlevel% equ 2 goto confirml
set username1=
:usernogo
cls
echo 设置超级管理员账号并只允许此账号远程
set /p username1=请输入新的administrator名字:
if not defined username1 goto usernogo
echo 你设置的超级管理员用户名是:%username1%
echo [version] >sfqas.inf
echo signature="$CHICAGO$" >>sfqas.inf
echo Revision=1 >>sfqas.inf
echo [System Access] >>sfqas.inf
echo NewAdministratorName = "%username1%" >>sfqas.inf
secedit /configure /db sfqas.sdb /cfg sfqas.inf /log sfqas.log /overwrite /quiet
del sfqas.*
:confirml
attrib +R +A +S +H %SystemRoot%/system32/secedit.exe
echo y| cacls %SystemRoot%/system32/secedit.exe /e /d guests /c
echo y| cacls %SystemRoot%/system32/secedit.exe /e /r administrators
echo y| cacls %SystemRoot%/system32/secedit.exe /e /d interactive /c
echo y| cacls %SystemRoot%/system32/secedit.exe /e /d service /c
echo y| cacls %SystemRoot%/system32/secedit.exe /e /d batch /c
echo y| cacls %SystemRoot%/system32/secedit.exe /e /d users /c
echo y| cacls %SystemRoot%/system32/secedit.exe /e /d system /c
cls
echo .
echo ---------------------------------------------------
echo 如果你是虚拟主机系统,如hz,此步请选N?
echo ---------------------------------------------------
echo .
CHOICE /C YN /M "不是请按 Y,是请按 N。"
if %errorlevel% equ 2 goto confirm2
echo y| cacls %SystemRoot%/system32/cacls.exe /e /d system /c
echo y| cacls %SystemRoot%/system32/cacls.exe /e /d interactive /c
:confirm2
cls
@echo 索引系统垃圾列表中....
del /f /s /q %systemdrive%\*.tmp
del /f /s /q %systemdrive%\*._mp
del /f /s /q %systemdrive%\*.log
del /f /s /q %systemdrive%\*.gid
del /f /s /q %systemdrive%\*.chk
del /f /s /q %systemdrive%\*.old
del /f /s /q %systemdrive%\recycled\*.*
del /f /s /q %windir%\*.bak
del /f /s /q %windir%\prefetch\*.*
del /s /q %windir%\temp\*.*
del /f /q %userprofile%\cookies\*.*
del /f /q %userprofile%\recent\*.*
del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*"
del /f /s /q "%userprofile%\Local Settings\Temp\*.*"
del /f /s /q "%userprofile%\recent\*.*"
@echo 系统垃圾清理完毕!
windows 2003 自动安全设置的更多相关文章
- windows 2003自动登录的具体步骤
在win2003系统中,使用最多的可能就是远程操作了,关于远程操作的那些事很多用户还是有些迷茫的.如果win2003系统远程重启后,要重新登录系统十分的麻烦,如何才能实现重启后的自动登录呢?让高手告诉 ...
- Windows 2003 服务器安全设置-批处理 (附参考链接)
长期维护windows服务器终结出来的安全设置批处理与大家分享,复制以下全部内容用记事本另存为bat或者cmd执行 ===================分隔符号=================== ...
- Windows 2003】利用域&&组策略自动部署软件
Windows 2003]利用域&&组策略自动部署软件 转自 http://hi.baidu.com/qu6zhi/item/4c0fa100dc768613cc34ead0 ==== ...
- 如何设置windows 2003的最大远程连接数
在Windows 2003系统上的远程桌面实际上就是终端服务,虽然远程桌面最初在Windows XP上就已经存在,但由于Windows XP的远程桌面功能,只能提供一个用户使用计算机,因此使用率并不高 ...
- 为什么 Windows 10 无论怎么设置一分钟后就自动关屏幕?
为什么 Windows 10 无论怎么设置一分钟后就自动关屏幕? 在设置中设置了很多方法,但不管怎么设置就是不行,不到一分钟一定关屏幕. 开始以为是能源之星引起,查了相关资料说不是,那个能源之星标志只 ...
- Win2003及2008R2重启自动登录设置方法
在windows系统中,使用最多的可能就是远程操作了,关于远程操作的那些事很多用户还是有些迷茫的.如果win2003系统远程重启后,要重新登录系统才能启用远程功能,这就十分的麻烦,如何才能实现重启后的 ...
- 让windows 2003启动后直接进入桌面
windows 2003启动后进入桌面需要解决的几个问题 1.如何去除掉 ctrl+alt+del的提示界面 2.如何设置自动登录的用户名密码 3.在异常启动时会出现关闭事件跟踪程序 也会导致不能直接 ...
- windows下自动删除过期文件的脚本
windows下自动删除过期文件的脚本 前言: 比如日志文件每天都产生,时间长了就会有很大的一堆垃圾.整理一下 定时删除文件的方法. 正文: Windows: 定时删除tomcat日志和缓存.可以保留 ...
- (转)windows 2003 远程桌面关闭 运行程序退出解决
windows 2003 远程桌面关闭 运行程序退出解决 原文:http://2798996.blog.51cto.com/2788996/503365 情况:远程桌面到2003,运行一个程序,然后关 ...
随机推荐
- 华为手机logcat不出日志解决方案
解决方法:在拨打电话界面,录入*#*#2846579#*#* 自动进入开发界面菜单,进入第一个,选择开启logcat.
- WPF的MVVM
一.关于WPF WPF(Windows Presentation Foundation) ,从名字来看,Microsoft想把WPF技术作为Windows程序外观(表现层)的基础.我们知道,现在开发 ...
- DLP底座(威创定制)
品牌:威创 型号:BC06730-1000 生产商:广东威创视讯科技股份有限公司 1.DLP底座说明 DLP底座由威创统一定制,确保了整套系统的完整性和可靠性.材质为钢结构,根据淄川地下管线中心的现场 ...
- box-sizing:content-box
box-sizing:content-box 规定两个并排的带边框的框:
- MFC 在对话框显示图片的多种方法
我们先从简单的开始吧.先分一个类: (一) 非动态显示图片(即图片先通过资源管理器载入,有一个固定ID) (二) 动态载入图片(即只需要在程序中指定图片的路径即可载入) 为方便说明,我们已经建好一 ...
- 14.6.1 Creating InnoDB Tables 创建InnoDB 表:
14.6.1 Creating InnoDB Tables 创建InnoDB 表: 创建一个InnoDB 表,使用CREATE TABLE 语句,你不需要指定 ENGINE=InnoDB子句 如果In ...
- OCA读书笔记(3) - 使用DBCA创建Oracle数据库
Objectives: •Create a database by using the Database Configuration Assistant (DBCA) •Generate databa ...
- Photon的使用
这几个月给公司一个正在做的半吊子游戏加pvp功能,一个人居然要2个多月弄个 PVP 类似 Dota 对战的游戏.我手里有套现成搭建服务端架构都没敢用起来,这服务器还是太初步了,只是验证了 Boost ...
- 第二章排错的工具:调试器Windbg(上)
感谢博主 http://book.51cto.com/art/200711/59731.htm <Windows用户态程序高效排错>第二章主要介绍用户态调试相关的知识和工具.本文主要讲了排 ...
- Android中获取IMEI码
Imei = ((TelephonyManager) getSystemService(TELEPHONY_SERVICE)) .getDeviceId(); 1.加入权限 在manifest.xml ...