第一个比较全,推荐使用第一个
复制代码 代码如下:
@ECHO OFF
CLS
TITLE SERVER SAFE SETUP PRO
COLOR 0A
echo y|cacls.exe C:/ /p Administrators:f system:f "network service":r
echo y|cacls.exe D:/ /p Administrators:f system:f servU:f "network service":r
echo y|cacls.exe E:/ /p Administrators:f system:f servU:f "network service":r
echo y|cacls.exe "C:/Program Files" /t /p Administrators:f system:f everyone:r
echo y|cacls.exe "C:/Program Files/Common Files" /t /g Administrators:f system:f everyone:r
echo y|cacls.exe c:/windows /p Administrators:f system:f
echo y|cacls.exe c:/windows/system32 /p Administrators:f system:f
echo y|cacls.exe C:/WINDOWS/system32/inetsrv /p Administrators:f system:f everyone:r
echo y|cacls.exe "C:/Documents and Settings" /p Administrators:f system:f
echo y|cacls.exe "C:/Documents and Settings/All Users" /t /p Administrator:f system:f everyone:r
echo y|cacls.exe c:/windows/temp /p everyone:f
echo y|cacls.exe %systemroot%/system32/shell32.dll /p Administrators:f
echo y|cacls.exe %systemroot%/system32/wshom.ocx /p Administrators:f
echo y|cacls.exe c:/windows/system32/*.exe /p Administrators:f system:f
echo y|cacls.exe "c:/Documents and Settings/All Users" /e /g everyone:r
echo y|cacls.exe %systemroot%/system32/svchost.exe /e /g "network service":r
echo y|cacls.exe %systemroot%/system32/msdtc.exe /e /g "network service":r
echo y|cacls.exe %windir%/system32/mtxex.dll /e /g everyone:r
echo y|cacls.exe c:/windows/system32/cmd.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/net.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/net1.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/sc.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/at.exe /p Administrator:f
echo y|cacls.exe %windir%/system32/dllhost.exe /e /g everyone:r
echo y|cacls.exe c:/windows/system32/netsh.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/net.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/cacls.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/cmdkey.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/ftp.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/tftp.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/reg.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/regedt32.exe /p Administrator:f
echo y|cacls.exe c:/windows/system32/regini.exe /p Administrator:f
echo y|cacls.exe %windir%/assembly /e /t /g "network service":r
echo y|cacls.exe %windir%/Microsoft.NET /e /t /g everyone:r
echo y|cacls.exe "%windir%/Microsoft.NET/Framework/v1.1.4322/Temporary ASP.NET Files" /e /t /g everyone:f
echo y|cacls.exe %windir%/system32/mscoree.dll /e /g everyone:r
echo y|cacls.exe %windir%/system32/ws03res.dll /e /g everyone:r
echo y|cacls.exe %windir%/system32/msxml*.dll /e /g everyone:r
echo y|cacls.exe C:/WINDOWS/system32/urlmon.dll /e /g everyone:r
echo y|cacls.exe C:/WINDOWS/system32/mlang.dll /e /g everyone:r
echo y|cacls.exe C:/WINDOWS/system32/TAPI32.dll /e /g everyone:r
echo y|cacls.exe C:/WINDOWS/system32/WININET.dll /e /g everyone:r
cacls c:/windows/assembly /e /t /p "network service":r
cacls c:/windows/Microsoft.NET /e /t /p "network service":r
cacls "C:/WINDOWS/Microsoft.NET/Framework/v1.1.4322/Temporary ASP.NET Files" /e /t /p "network service":f
cacls C:/WINDOWS/system32/mscoree.dll /e /g everyone:r
cacls C:/WINDOWS/system32/ws03res.dll /e /g everyone:r
cacls c:/WINDOWS /e /g "network service":r
if exist c:/windows cacls c:/windows /e /g "network service":r
cacls c:/windows/Microsoft.NET /e /t /p "network service":r
cacls "C:/WINDOWS/Microsoft.NET/Framework/v1.1.4322/Temporary ASP.NET Files" /e /t /p "network service":f
cacls "C:/WINDOWS/Microsoft.NET/Framework/v2.0.50727/Temporary ASP.NET Files" /e /t /p "network service":f
cacls c:/windows/system32 /e /g "network service":r
cacls c:/windows/system32/rasapi32.dll /e /g "network service":r
echo y|cacls.exe C:/WINDOWS/system32/inetsrv/adsiis.dll /p Administrators:f autosystem:f
echo y|cacls.exe C:/WINDOWS/system32/inetsrv/iisadmpwd /p Administrators:f autosystem:f
echo y|cacls.exe C:/WINDOWS/system32/inetsrv/MetaBack /p Administrators:f autosystem:f
cacls C":/Program Files/Serv-U" /e /g "servu":f
cacls d:/wwwroot /e /g servU:f
echo 以上设置服务器目录权限
net stop Browser
sc config Browser start= disabled
net stop lanmanserver
sc config lanmanserver start= disabled
net share c$ /delete
net share d$ /delete
net share e$ /delete
net share f$ /delete
net share admin$ /delete
net share ipc$ /delete
echo 以上删除默认共享,设置服务项
echo .. delshare.reg .......
echo Windows Registry Editor Version 5.00> c:/delshare.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/lanmanserver/parameters]>> c:/delshare.reg
echo "AutoShareWks"=dword:00000000>> c:/delshare.reg
echo "AutoShareServer"=dword:00000000>> c:/delshare.reg
echo .. delshare.reg .....
regedit /s c:/delshare.reg
echo .. delshare.reg ....
del c:/delshare.reg
echo .
echo ........
echo .
echo =========================================================
echo .
echo .....................dos....
echo .
echo .........
echo Windows Registry Editor Version 5.00> c:/dosforwin.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters]>> c:/dosforwin.reg
echo "EnableICMPRedirect"=dword:00000000>> c:/dosforwin.reg
echo "DeadGWDetectDefault"=dword:00000001>> c:/dosforwin.reg
echo "DontAddDefaultGatewayDefault"=dword:00000000>> c:/dosforwin.reg
echo "EnableSecurityFilters"=dword:00000000">> c:/dosforwin.reg
echo "AllowUnqualifiedQuery"=dword:00000000>> c:/dosforwin.reg
echo "PrioritizeRecordData"=dword:00000001>> c:/dosforwin.reg
echo "ReservedPorts"=hex(7):31,00,34,00,33,00,33,00,2d,00,31,00,34,00,33,00,34,00,/>> c:/dosforwin.reg
echo 00,00,00,00>> c:/dosforwin.reg
echo "SynAttackProtect"=dword:00000002>> c:/dosforwin.reg
echo "EnablePMTUDiscovery"=dword:00000000>> c:/dosforwin.reg
echo "NoNameReleaseOnDemand"=dword:00000001>> c:/dosforwin.reg
echo "EnableDeadGWDetect"=dword:00000000>> c:/dosforwin.reg
echo "KeepAliveTime"=dword:00300000>> c:/dosforwin.reg
echo "PerformRouterDiscovery"=dword:00000000>> c:/dosforwin.reg
echo "EnableICMPRedirects"=dword:00000000>> c:/dosforwin.reg
echo .
echo ==========================================================
echo .. dosforwin.reg .....
regedit /s c:/dosforwin.reg
echo .. dosforwin.reg ....
del c:/dosforwin.reg
echo ==============================================================
echo .
echo ===============================================================
echo ..Remote Registry Service...........
echo .........
echo .
echo Windows Registry Editor Version 5.00> c:/regedit.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/RemoteRegistry]>> c:/regedit.reg
echo "Start"=dword:00000004>> c:/regedit.reg
echo .
echo .. regedit.reg .....
regedit /s c:/regedit.reg
echo .
echo ......
del c:/regedit.reg
echo ===============================================================
echo ..Messenger.......
echo .........
echo Windows Registry Editor Version 5.00> c:/message.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Messenger]>> c:/message.reg
echo "Start"=dword:00000004>> c:/message.reg
echo .
echo .. message.reg .....
regedit /s c:/message.reg
echo .
echo .. message.reg
del c:/message.reg
echo ===============================================================
echo ===============================================================
echo ..lanmanserver.......
echo .........
echo Windows Registry Editor Version 5.00> c:/lanmanserver.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/lanmanserver]>> c:/lanmanserver.reg
echo "Start"=dword:00000004>> c:/lanmanserver.reg
echo .
echo .. lanmanserver.reg .....
regedit /s c:/lanmanserver.reg
echo .
echo .. lanmanserver.reg
del c:/lanmanserver.reg
echo ==============================================================
echo ...TCP/IP NetBIOS Helper Service
echo .........
echo Windows Registry Editor Version 5.00> c:/netbios.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/LmHosts]>> c:/netbios.reg
echo "Start"=dword:00000004>> c:/netbios.reg
echo .
echo .. netbios.reg .....
regedit /s c:/netbios.reg
echo .
echo .. netbios.reg
del c:/netbios.reg
regedit /s forddos.reg
第二个
复制代码 代码如下:
echo.
echo ------------------------------------------------------
echo.
echo ...........
echo.
net share c$ /delete
net share d$ /delete
net share e$ /delete
net share f$ /delete
net share admin$ /delete
net share ipc$ /delete
net stop Server
net start Server
echo.
echo ..........
echo.
echo ------------------------------------------------------
echo.
echo .................
echo.
echo .. delshare.reg .......
echo Windows Registry Editor Version 5.00> c:/delshare.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/lanmanserver/parameters]>> c:/delshare.reg
echo "AutoShareWks"=dword:00000000>> c:/delshare.reg
echo "AutoShareServer"=dword:00000000>> c:/delshare.reg
echo .. delshare.reg .....
regedit /s c:/delshare.reg
echo .. delshare.reg ....
del c:/delshare.reg
echo .
echo ........
echo .
echo =========================================================
echo .
echo .....................dos....
echo .
echo .........
echo Windows Registry Editor Version 5.00> c:/dosforwin.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters]>> c:/dosforwin.reg
echo "EnableICMPRedirect"=dword:00000000>> c:/dosforwin.reg
echo "DeadGWDetectDefault"=dword:00000001>> c:/dosforwin.reg
echo "DontAddDefaultGatewayDefault"=dword:00000000>> c:/dosforwin.reg
echo "EnableSecurityFilters"=dword:00000000">> c:/dosforwin.reg
echo "AllowUnqualifiedQuery"=dword:00000000>> c:/dosforwin.reg
echo "PrioritizeRecordData"=dword:00000001>> c:/dosforwin.reg
echo "ReservedPorts"=hex(7):31,00,34,00,33,00,33,00,2d,00,31,00,34,00,33,00,34,00,/>> c:/dosforwin.reg
echo 00,00,00,00>> c:/dosforwin.reg
echo "SynAttackProtect"=dword:00000002>> c:/dosforwin.reg
echo "EnablePMTUDiscovery"=dword:00000000>> c:/dosforwin.reg
echo "NoNameReleaseOnDemand"=dword:00000001>> c:/dosforwin.reg
echo "EnableDeadGWDetect"=dword:00000000>> c:/dosforwin.reg
echo "KeepAliveTime"=dword:00300000>> c:/dosforwin.reg
echo "PerformRouterDiscovery"=dword:00000000>> c:/dosforwin.reg
echo "EnableICMPRedirects"=dword:00000000>> c:/dosforwin.reg
echo .......
echo ==========================================================
echo .. dosforwin.reg .....
regedit /s c:/dosforwin.reg
echo .. dosforwin.reg ....
del c:/dosforwin.reg
echo ==============================================================
echo .
echo ..........(......................).
echo .
echo ..telnet,......telnet.
echo ..........
echo Windows Registry Editor Version 5.00> c:/telnet.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/TlntSvr]>> c:/telnet.reg
echo "Start"=dword:00000004>> c:/telnet.reg
echo .
echo .. telnet.reg .....
regedit /s c:/telnet.reg
echo .
echo .. telnet.reg ....
del c:/telnet.reg
echo .
echo ===============================================================
echo ..Remote Registry Service...........
echo .........
echo .
echo Windows Registry Editor Version 5.00> c:/regedit.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/RemoteRegistry]>> c:/regedit.reg
echo "Start"=dword:00000004>> c:/regedit.reg
echo .
echo .. regedit.reg .....
regedit /s c:/regedit.reg
echo .
echo ......
del c:/regedit.reg
echo ===============================================================
echo ..Messenger.......
echo .........
echo Windows Registry Editor Version 5.00> c:/message.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Messenger]>> c:/message.reg
echo "Start"=dword:00000004>> c:/message.reg
echo .
echo .. message.reg .....
regedit /s c:/message.reg
echo .
echo .. message.reg
del c:/message.reg
===============================================================
echo ..Telephony......
echo ....
echo Windows Registry Editor Version 5.00> c:/Telephony.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/TapiSrv]>> c:/Telephony.reg
echo "Start"=dword:00000004>> c:/Telephony.reg
echo .
echo .. Telephony.reg
regedit /s c:/Telephony.reg
del c:/Telephony.reg
echo ==============================================================
echo ...TCP/IP NetBIOS Helper Service
echo .........
echo Windows Registry Editor Version 5.00> c:/netbios.reg
echo [HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/LmHosts]>> c:/netbios.reg
echo "Start"=dword:00000004>> c:/netbios.reg
echo .
echo .. netbios.reg .....
regedit /s c:/netbios.reg
echo .
echo .. netbios.reg
del c:/netbios.reg
echo ===============================================================
echo ===============================================================
echo powered by 冬虫草
echo sleepboy82@hotmail.com
echo Jooline Services Set
goto :END
上面的文件下载地址
