[转载]青云服务器安全设置器1.9.4源码发布

bear

首席元老

管理员

Rank: 12

官方管理员

发短消息
加为好友
当前离线

1楼大中小发表于 2007-12-21 12:33 只看该作者

[转载]青云服务器安全设置器1.9.4源码发布

服务器要求：所有盘符必须为NTFS磁盘格式，服务器以前没有设置过权限类的设置，新装好的服务器系统最佳！如以前设置过权限了请先看清楚批处理内容里都设了哪些地方，如果有你已经设置过的地方直接删除不用重复再设就可以了，一般重复设也没有问题的！

　　使用方法：解压后直接运行ThecSafe.bat即可，里面的选项可以按你的需要来设置！

　　其他安全设置：

　　Serv-U的设置很简单，改下默认的管理密码再给专用管理账户就可以了，SQL2000也是，给普通用户管理权限并把危险的存储过程删除即可完美解决安全问题！这些都加不到批处理里面，因为用命令无法控制和每个人的服务器环境都不一样，所以没法统一加入让大家使用，按我说的操作保证绝对安全！

　　我们的目标是努力打造绝对安全稳定的服务器纯静运行环境！

　　下载地址如下:

　　http://a.thec.cn/fhcmail/ThecSafe1.9.4.rar

　　好了不费话了,核心源码内容如下:

=========================================================
@Echo Off
TITLE  常来网服务器高级安全设置器

:start
CLS
COLOR 1f
Rem 使用COLOR命令对控制台输出颜色进行更改
MODE con: COLS=32 LINES=21
Rem MODE语句为设定窗体的宽和高
Set tm1=%time:~0,2%
Set tm2=%time:~3,2%
Set tm3=%time:~6,2%
Echo %date% %tm1%点%tm2%分%tm3%秒
Echo ================================
Echo 请选择要进行的操作，然后按回车
Echo ───────────────
Echo.
Echo A. 一键搞定/全自动设置服务器
Echo 0. 清理系统垃圾文件
Echo 1. 给系统危险文件设置权限
Echo 2. 给系统危险文件夹设置权限
Echo 3. 系统服务优化
Echo 4. 注册表危险组件删除
Echo 5. 防DDOS洪水攻击处理
Echo 6. 导入常来网专用安全策略
Echo 7. 重启IIS使设置生效
Echo 8. 刷新当前时间
Echo 9. 锁定计算机
Echo L. 注销当前用户
Echo Q. 退出安全设置器
Echo.

:cho
Set Choice=
Set /P Choice=选择:
Rem 设定变量"Choice"为用户输入的字符
If Not "%Choice%"=="" Set Choice=%Choice:~0,1%
Rem 如果输入大于1位,取第1位,比如输入132,则返回值为1
Echo.
If /I "%Choice%"=="A" Goto Auto
If /I "%Choice%"=="0" Goto Clear
If /I "%Choice%"=="1" Goto SetFile
If /I "%Choice%"=="2" Goto SetFolder
If /I "%Choice%"=="3" Goto Service
If /I "%Choice%"=="4" Goto Reg
If /I "%Choice%"=="5" Goto Ddos
If /I "%Choice%"=="6" Goto Ipsec
If /I "%Choice%"=="7" Goto restartiis
If /I "%Choice%"=="8" Goto start
If /I "%Choice%"=="9" Goto lock
If /I "%Choice%"=="L" Goto logoff
If /I "%Choice%"=="Q" Goto End
Rem 为避免出现返回值为空或含空格而导致程序异常,需在变量外另加双引号
Rem 注意,If语句需要双等于号
Rem 如果输入的字符不是以上数字,将返回重新输入
Echo 选择无效，请重新输入
Echo.
Goto cho

:Clear
CLS
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
Echo 正在清理系统垃圾文件，请稍等......
del /f /s /q %systemdrive%\*.tmp
del /f /s /q %systemdrive%\*._mp
del /f /s /q %systemdrive%\*.gid
del /f /s /q %systemdrive%\*.chk
del /f /s /q %systemdrive%\*.old
del /f /s /q %systemdrive%\recycled\*.*
del /f /s /q %windir%\*.bak
del /f /s /q %windir%\prefetch\*.*
del /f /s /q %windir%\temp\*.*
del /f /s /q %userprofile%\cookies\*.*
del /f /s /q %userprofile%\recent\*.*
del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*"
del /f /s /q "%userprofile%\Local Settings\Temp\*.*"
del /f /s /q "%userprofile%\recent\*.*"

Echo 清理系统垃圾完成! 请按任意键返回并选1继续...
PAUSE >nul
Goto start

:SetFile
CLS
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
Rem 删除系统危险文件的访问权限，只留管理组成员

cscript.exe xcacls.vbs "%SystemDrive%/boot.ini" /G Administrators:F
cscript.exe xcacls.vbs "%SystemDrive%/boot.ini" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemDrive%/AUTOEXEC.BAT" /G Administrators:F
cscript.exe xcacls.vbs "%SystemDrive%/AUTOEXEC.BAT" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemDrive%/Program Files/Internet Explorer/iexplore.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemDrive%/Program Files/Internet Explorer/iexplore.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/net.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/net.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/net1.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/net1.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/cmd.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/cmd.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/ftp.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/ftp.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/scrrun.dll" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/scrrun.dll" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/shell.dll" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/shell.dll" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/netstat.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/netstat.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/regedit.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/regedit.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/secedit.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/secedit.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/gpresult.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/gpresult.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/gpupdate.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/gpupdate.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/at.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/at.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/attrib.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/attrib.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/format.com" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/format.com" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/logoff.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/logoff.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/shutdown.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/shutdown.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/telnet.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/telnet.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/wscript.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/wscript.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/doskey.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/doskey.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/help.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/help.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/ipconfig.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/ipconfig.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/nbtstat.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/nbtstat.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/print.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/print.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/xcopy.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/xcopy.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/edit.com" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/edit.com" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/regedt32.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/regedt32.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/reg.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/reg.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/register.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/register.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/replace.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/replace.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/nwscript.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/nwscript.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/share.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/share.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/ping.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/ping.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/ipsec6.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/ipsec6.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/netsh.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/netsh.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/debug.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/debug.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/route.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/route.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/tracert.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/tracert.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/powercfg.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/powercfg.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/nslookup.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/nslookup.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/arp.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/arp.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/rsh.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/rsh.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/netdde.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/netdde.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/mshta.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/mshta.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/mountvol.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/mountvol.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/tftp.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/tftp.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/setx.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/setx.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/find.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/find.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/finger.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/finger.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/where.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/where.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/regsvr32.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/regsvr32.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/cacls.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/cacls.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/sc.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/sc.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/shadow.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/shadow.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/runas.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/runas.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/wshom.ocx" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/wshom.ocx" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/wshext.dll" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/wshext.dll" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/shell32.dll" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/shell32.dll" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/zipfldr.dll" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/zipfldr.dll" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/PCHealth/HelpCtr/Binaries/msconfig.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/PCHealth/HelpCtr/Binaries/msconfig.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/notepad.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/notepad.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/regedit.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/regedit.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/winhelp.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/winhelp.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/winhlp32.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/winhlp32.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/notepad.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/notepad.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/edlin.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/edlin.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/posix.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/posix.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/atsvc.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/atsvc.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/qbasic.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/qbasic.exe" /G Administrators:F

cscript.exe xcacls.vbs "%SystemRoot%/system32/runonce.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/runonce.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/syskey.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/syskey.exe" /D Guests:F /E

cscript.exe xcacls.vbs "%SystemRoot%/system32/cscript.exe" /G Administrators:F
cscript.exe xcacls.vbs "%SystemRoot%/system32/cscript.exe" /D Guests:F /E

Echo 给系统危险文件设置权限设定完毕! 请按任意键返回并选2继续...
PAUSE >nul
Goto start

:SetFolder
CLS
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
Rem 删除C盘所有的Everone权限
cd/

cscript.exe xcacls.vbs "%SystemDrive%" /r "Everyone" /e
cscript.exe xcacls.vbs "%SystemRoot%" /r "Everyone" /e
@REM "cscript.exe xcacls.vbs "%SystemRoot%/Registration" /r "Everyone" /e " 这个不能去Everyone权限
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings" /r "Everyone" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users" /r "Everyone" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Documents"  /r "Everyone" /e
cscript.exe xcacls.vbs "%SystemDrive%/Inetpub/wwwroot/aspnet_client"  /r "Everyone" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft"  /r "Everyone" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft/HTML Help"  /r "Everyone" /e

Rem 删除C盘所有的CREATOR OWNER权限
cd/

cscript.exe xcacls.vbs "%SystemRoot%" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemDrive%" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemRoot%/repair" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/wbem" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/config" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemDrive%/Program Files" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemDrive%/Program Files/WindowsUpdate" /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Documents"  /r "CREATOR OWNER" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data"  /r "CREATOR OWNER" /e

Rem 删除C盘所有的Power Users权限
cd/

cscript.exe xcacls.vbs "%SystemRoot%" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemRoot%/repair" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/wbem" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/config" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Program Files" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Program Files/WindowsUpdate" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users" /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Documents"  /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data"  /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft"  /r "Power Users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft/HTML Help"  /r "Power Users" /e

Rem 删除C盘所有的TERMINAL SERVER USER权限
cd/

cscript.exe xcacls.vbs "%SystemDrive%/Program Files" /r "TERMINAL SERVER USER" /e

Rem 添加Guests组拒绝权限[IUSR_XXX或某个虚拟主机用户组禁止列目录,可有效防止FSO类木马]
cd/

cscript.exe xcacls.vbs "%SystemDrive%/Program Files" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/repair" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/system32" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/system32/config" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/system32/inetsrv" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/system32/inetsrv/MetaBack" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/system32/inetsrv/ASP Compiled Templates" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/IIS Temporary Compressed Files" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/Microsoft.NET/Framework/v1.1.4322/Temporary ASP.NET Files" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemRoot%/Microsoft.NET/Framework/v2.0.50727/Temporary ASP.NET Files" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft/Crypto/DSS/achineKeys" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft/Crypto/RSA/MachineKeys" /D Guests:1;1 /E
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data/Microsoft/HTML Help" /D Guests:1;1 /E

Rem 删除C盘的所有的users的访问权限
cd/

cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users" /r "users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Documents"  /r "users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings/All Users/Application Data"  /r "users" /e
cscript.exe xcacls.vbs "%SystemDrive%" /r "users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Program Files" /r "users" /e
cscript.exe xcacls.vbs "%SystemDrive%/Documents and Settings" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/addins" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/AppPatch" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/Connection Wizard" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/Debug" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/Driver Cache" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/Help" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/IIS Temporary Compressed Files" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/java" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/msagent" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/mui" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/repair" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/Resources" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/security" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/TAPI" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/twain_32" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/Web" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/3com_dmi" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/administration" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/Cache" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/CatRoot2" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/Com" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/config" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/dhcp" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/drivers" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/export" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/icsxml" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/lls" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/LogFiles" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/MicrosoftPassport" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/mui" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/oobe" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/system32/ShellExt" /r "users" /e
@Rem cscript.exe xcacls.vbs "%SystemRoot%/system32/wbem" /r "users" /e 这里影响.NET程序的正常运行,所以去掉!

Rem 添加IIS_WPG的访问权限
cscript.exe xcacls.vbs "%SystemDrive%" /g IIS_WPG:;b468 /e
cscript.exe xcacls.vbs "%SystemRoot%" /g IIS_WPG:b1468;b1468 /e
cscript.exe xcacls.vbs "%SystemDrive%/Program Files" /g IIS_WPG:r /e
cscript.exe xcacls.vbs "%SystemRoot%/Downloaded Program Files" /g IIS_WPG:c /e
cscript.exe xcacls.vbs "%SystemRoot%/Help" /g IIS_WPG:c /e
cscript.exe xcacls.vbs "%SystemRoot%/IIS Temporary Compressed Files" /g IIS_WPG:c /e
cscript.exe xcacls.vbs "%SystemRoot%/Offline Web Pages" /g IIS_WPG:c /e
cscript.exe xcacls.vbs "%SystemRoot%/System32" /g IIS_WPG:c /e
cscript.exe xcacls.vbs "%SystemRoot%/Tasks" /g IIS_WPG:c /e
cscript.exe xcacls.vbs "%SystemRoot%/Web" /g IIS_WPG:c /e

Rem 添加iis_wpg的访问权限[装了MACFEE的软件专用]
Rem cscript.exe xcacls.vbs "%SystemDrive%/Program Files/Network Associates" /g IIS_WPG:r /e

Rem 添加users的访问权限
cscript.exe xcacls.vbs "%SystemRoot%/temp" /g Everyone:m /e
cscript.exe xcacls.vbs "%SystemDrive%/Program Files/Common Files" /g Users:r /e
cscript.exe xcacls.vbs "%SystemRoot%/Microsoft.NET/Framework" /g users:b1468;b1468 /e

Rem 禁止[列出文件夹 / 读取数据]此权限出现
Rem -------------------------------------------
Rem 添加Users的访问权限[装了PHP的服务器专用]
cscript.exe xcacls.vbs "C:\php5" /g users:b468;b468 /e
cscript.exe xcacls.vbs "%SystemRoot%/system32" /r "users" /e
cscript.exe xcacls.vbs "%SystemRoot%/System32" /g users:b468;b468 /e
Rem -------------------------------------------

Rem 删除C盘Windows下的所有的危险文件夹

attrib %SystemRoot%/Web/printers -s -r -h
del %SystemRoot%\Web\printers\*.* /s /q /f
rd %SystemRoot%\Web\printers /s /q

attrib %SystemRoot%\Help\iisHelp -s -r -h
del %SystemRoot%\Help\iisHelp\*.* /s /q /f
rd %SystemRoot%\Help\iisHelp /s /q

attrib %SystemRoot%\system32\inetsrv\iisadmpwd -s -r -h
del %SystemRoot%\system32\inetsrv\iisadmpwd\*.* /s /q /f
rd %SystemRoot%\system32\inetsrv\iisadmpwd /s /q

Echo 给系统危险文件夹设置权限设定完毕! 请按任意键返回并选3继续...
PAUSE >nul
Goto start

:Reg
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
Rem 注册表相关设定

reg delete HKEY_CLASSES_ROOT\WScript.Shell /f

reg delete HKEY_CLASSES_ROOT\WScript.Shell.1 /f

reg delete HKEY_CLASSES_ROOT\Shell.application /f

reg delete HKEY_CLASSES_ROOT\Shell.application.1 /f

reg delete HKEY_CLASSES_ROOT\WSCRIPT.NETWORK /f

reg delete HKEY_CLASSES_ROOT\WSCRIPT.NETWORK.1 /f

regsvr32 /s /u wshom.ocx

regsvr32 /s /u wshext.dll

regsvr32 /s /u shell32.dll

Echo 注册表危险组件删除设定完毕! 请按任意键返回并选5继续...
PAUSE >nul
Goto start

dos
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
Rem 防DDOS洪水攻击处理

reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoRecentDocsMenu /t REG_BINARY /d "01 00 00 00" /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoRecentDocsHistory /t REG_BINARY /d "01 00 00 00" /f
reg add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DontDisplayLastUserName /t REG_SZ /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /v restrictanonymous /t REG_DWORD /d "00000001" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Parameters" /v AutoShareServer /t REG_DWORD /d "00000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Parameters" /v AutoShareWks /t REG_DWORD /d "00000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v EnableICMPRedirect /t REG_DWORD /d "00000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v KeepAliveTime /t REG_DWORD /d "0x000927c0" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v SynAttackProtect /t REG_DWORD /d "00000002" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxHalfOpen /t REG_DWORD /d "0x000001f4" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxHalfOpenRetried /t REG_DWORD /d "00000190" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxConnectResponseRetransmissions /t REG_DWORD /d "00000001" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpMaxDataRetransmissions /t REG_DWORD /d "00000003" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TCPMaxPortsExhausted /t REG_DWORD /d "00000005" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v DisableIPSourceRouting /t REG_DWORD /d "00000002" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpTimedWaitDelay /t REG_DWORD /d "0x0000001e" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v TcpNumConnections /t REG_DWORD /d "0x00004e20" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v EnablePMTUDiscovery /t REG_DWORD /d "00000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v NoNameReleaseOnDemand /t REG_DWORD /d "00000001" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v EnableDeadGWDetect /t REG_DWORD /d "00000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v PerformRouterDiscovery /t REG_DWORD /d "00000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v EnableICMPRedirects /t REG_DWORD /d "00000000" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v BacklogIncrement /t REG_DWORD /d "00000005" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v MaxConnBackLog /t REG_DWORD /d "0x000007d0" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters" /v EnableDynamicBacklog /t REG_DWORD /d "00000001" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters" /v MinimumDynamicBacklog /t REG_DWORD /d "00000014" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters" /v MaximumDynamicBacklog /t REG_DWORD /d "00007530" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters" /v DynamicBacklogGrowthDelta /t REG_DWORD /d "0x0000000a" /f

Rem 关闭445端口
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v SMBDeviceEnabled /t REG_DWORD /d "00000000" /f

Rem 关闭135端口
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole" /v EnableDCOM /t REG_SZ /d "N" /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc" /v "DCOM Protocols" /t REG_MULTI_SZ /d "" /f

Rem 禁止dump file的产生和删除现有MEMORY.DMP文件
Rem dump文件在系统崩溃和蓝屏的时候是一份很有用的查找问题的资料。然而，它也能够给黑客提供一些敏感信息比如一些应用程序的密码等。

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl" /v CrashDumpEnabled /t REG_DWORD  /d 00000000 /f

attrib %SystemRoot%\MEMORY.DMP -s -r -h
del %SystemRoot%\MEMORY.DMP /s /q /f

Echo 防DDOS洪水攻击处理完毕! 请按任意键返回并选6继续...
PAUSE >nul
Goto start

:Ipsec
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
Rem 导入常来网专用IP安全策略

netsh ipsec static importpolicy ThecSafe.ipsec
netsh ipsec static set policy name="常来网专用安全策略" assign=y

Rem 导入常来网专用组策略
secedit /configure /db ThecSafe.sdb /cfg ThecSafe.inf /quiet
del ThecSafe.sdb

Echo 导入常来网专用安全策略完毕! 请按任意键返回并选7继续...
PAUSE >nul
Goto start

:restartiis
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
Rem 重启IIS使设置生效

iisreset.exe

Echo IIS服务重启完毕! 请按任意键返回并选其他操作继续...
PAUSE >nul
Goto start

:lock
rundll32.exe user32.dll,LockWorkStation
Goto start

:logoff
logoff

:End
Exit

附件: 您所在的用户组无法下载或查看附件

TOP

‹‹ 上一主题 | 下一主题 ››