ECHo 禁止不必要的服务,如果要退出请按Ctrl+C ECHO YES=next set NO=this set ignore (this time 30 Second default for y) ECHO. ------------------------------------------------------------------------ CHOICE /T 30 /C yn /D y if errorlevel 2 goto next4 if errorlevel 1 goto next31 :next31 echo Windows Registry Editor Version 5.00 >temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dfs] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Scheduler] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LmHosts] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtmsSvc] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDE] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDEdsdm] >>temp\Services.reg echo "Start"=dword:00000004 >>temp\Services.reg regedit /s temp\Services.reg ECHO. goto next4 :next4 ECHO. ECHO. ------------------------------------------------------------------------- ECHo 防止人侵和攻击. 如果要退出请按Ctrl+C ECHO YES=next set NO=this set ignore (this time 30 Second default for y) ECHO. ------------------------------------------------------------------------- CHOICE /T 30 /C yn /D y if errorlevel 2 goto next5 if errorlevel 1 goto next41 :next41 echo Windows Registry Editor Version 5.00 >temp\skyddos.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] >>temp\skyddos.reg echo "EnableDeadGWDetect"=dword:00000000 >>temp\skyddos.reg echo "EnableICMPRedirects"=dword:00000000 >>temp\skyddos.reg echo "PerformRouterDiscovery"=dword:00000000 >>temp\skyddos.reg echo "NoNameReleaseOnDemand"=dword:00000001 >>temp\skyddos.reg echo "KeepAliveTime"=dword:000493e0 >>temp\skyddos.reg echo "EnablePMTUDiscovery"=dword:00000000 >>temp\skyddos.reg echo "SynAttackProtect"=dword:00000002 >>temp\skyddos.reg echo "TcpMaxHalfOpen"=dword:00000064 >>temp\skyddos.reg echo "TcpMaxHalfOpenRetried"=dword:00000050 >>temp\skyddos.reg echo "TcpMaxConnectResponseRetransmissions"=dword:00000001 >>temp\skyddos.reg echo "TcpMaxDataRetransmissions"=dword:00000003 >>temp\skyddos.reg echo "TCPMaxPortsExhausted"=dword:00000005 >>temp\skyddos.reg echo "DisableIPSourceRouting"=dword:0000002 >>temp\skyddos.reg echo "TcpTimedWaitDelay"=dword:0000001e >>temp\skyddos.reg echo "EnableSecurityFilters"=dword:00000001 >>temp\skyddos.reg echo "TcpNumConnections"=dword:000007d0 >>temp\skyddos.reg echo "TcpMaxSendFree"=dword:000007d0 >>temp\skyddos.reg echo "IGMPLevel"=dword:00000000 >>temp\skyddos.reg echo "DefaultTTL"=dword:00000016 >>temp\skyddos.reg echo 删除IPC$(Internet Process Connection)是共享“命名管道”的资源 echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] >>temp\skyddos.reg echo "restrictanonymous"=dword:00000001 >>temp\skyddos.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\interfaces] >>temp\skyddos.reg echo "PerformRouterDiscovery"=dword:00000000 >>temp\skyddos.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >>temp\skyddos.reg echo "BacklogIncrement"=dword:00000003 >>temp\skyddos.reg echo "MaxConnBackLog"=dword:000003e8 >>temp\skyddos.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Afd\Parameters] >>temp\skyddos.reg echo "EnableDynamicBacklog"=dword:00000001 >>temp\skyddos.reg echo "MinimumDynamicBacklog"=dword:00000014 >>temp\skyddos.reg echo "MaximumDynamicBacklog"=dword:00002e20 >>temp\skyddos.reg echo "DynamicBacklogGrowthDelta"=dword:0000000a >>temp\skyddos.reg echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters] >>temp\skyddos.reg echo "autoshareserver"=dword:00000000 >>temp\skyddos.reg regedit /s temp\skyddos.reg ECHO. ECHO. goto next5 :next5 ECHO. ECHO. ------------------------------------------------------------------------ ECHo 防止ASP木马运行 卸除WScript.Shell, Shell.application, WScript.Network ECHO YES=next set NO=this set ignore (this time 30 Second default for y) ECHO. ----------------------------------------------------------------------- CHOICE /T 30 /C yn /D y if errorlevel 2 goto next6 if errorlevel 1 goto next51 :next51 echo Windows Registry Editor Version 5.00 >temp\del.reg echo [-HKEY_CLASSES_ROOT\Shell.Application] >>temp\del.reg echo [-HKEY_CLASSES_ROOT\Shell.Application.1] >>temp\del.reg echo [-HKEY_CLASSES_ROOT\CLSID\{13709620-C279-11CE-A49E-444553540000}] >>temp\del.reg echo [-HKEY_CLASSES_ROOT\ADODB.Command\CLSID] >>temp\del.reg echo [-HKEY_CLASSES_ROOT\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}] >>temp\del.reg regedit /s temp\del.reg regsvr32 /u %SystemRoot%\system32\wshom.ocx del /f/q %SystemRoot%\System32\wshom.ocx regsvr32 /u %SystemRoot%\system32\shell32.dll del /f/q %SystemRoot%\System32\shell32.dll rmdir /q/s temp ECHO. goto next6 :next6 ECHO. ECHO. ECHO. --------------------------------------------------------------------- ECHo 设置已经完成重启后才能生效. ECHO YES=reboot server NO=exit (this time 60 Second default for y) ECHO. ---------------------------------------------------------------------- CHOICE /T 30 /C yn /D y if errorlevel 2 goto end if errorlevel 1 goto reboot :reboot shutdown /r /t 0 :end if EXIST temp (rmdir /s/q temp|exit) else exit |
|小黑屋|最新主题|手机版|微赢网络技术论坛 ( 苏ICP备08020429号 )
GMT+8, 2024-9-29 23:24 , Processed in 0.244082 second(s), 12 queries , Gzip On, MemCache On.
Powered by Discuz! X3.5
© 2001-2023 Discuz! Team.