上一篇
下一篇
WIN2003服务器安全配置(三)
作者:刚子 日期:2008-12-14
这是一个脚本,不熟悉者勿用
程序代码
程序代码@echo off
ECHO.
ECHO.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHo.
ECHo 你现在使用世界网络教研室整理的"一建做安全"脚本
ECHo.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHO.
ECHO.
ECHO. -------------------------------------------------------------------------
ECHo 请按提示操作备份好注册表,否则修改后无法还原,本人不负责.
ECHO.
ECHO YES=next set NO=exit (this time 30 Second default for n)
ECHO. -------------------------------------------------------------------------
CHOICE /T 30 /C yn /D n
if errorlevel 2 goto end
if errorlevel 1 goto next
:next
if EXIST backup (echo.)else md backup
if EXIST temp (rmdir /s/q temp|md temp) else md temp
if EXIST backup\backupkey.reg (move backup\backupkey.reg backup\backupkey_old.reg ) else goto run
:run
regedit /e temp\backup-reg1.key1 "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\"
regedit /e temp\backup-reg2.key2 "HKEY_CLASSES_ROOT\"
copy /b /y /v temp\backup-reg1.key1+temp\backup-reg2.key2 backup\backupkey.reg
if exist backup\wshom.ocx (echo 备份已存在) else copy /v/y %SystemRoot%\System32\wshom.ocx backup\wshom.ocx
if exist backup\shell32.dll (echo 备份已存在) else copy /v/y %SystemRoot%\system32\shell32.dll backup\shell32.dll
ECHO 备份已经完成
ECHO.
goto next2
:next2
ECHO.
ECHO. -------------------------------------------------------------------
ECHo 修改权限system32目录中不安全的几个exe文件,改为只有Administrators才有权限运行
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. -------------------------------------------------------------------
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next3
if errorlevel 1 goto next21
:next21
xcacls.exe %SystemRoot%\system32\net.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\net1.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\cmd.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\tftp.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\netstat.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\regedit.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\at.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\attrib.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\cacls.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\fortmat.com /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\secedit.exe /t /g Administrators:F /y /C
echo "虚拟主机C盘权限设定"
echo "删除C盘的everyone的权限"
cd/
cacls "%SystemDrive%" /r "everyone" /e
cacls "%SystemRoot%" /r "everyone" /e
cacls "%SystemRoot%/Registration" /r "everyone" /e
cacls "%SystemDrive%/Documents and Settings" /r "everyone" /e
echo "删除C盘的所有的users的访问权限"
cacls "%SystemDrive%" /r "users" /e
cacls "%SystemDrive%/Program Files" /r "users" /e
cacls "%SystemDrive%/Documents and Settings" /r "users" /e
cacls "%SystemRoot%" /r "users" /e
cacls "%SystemRoot%/addins" /r "users" /e
cacls "%SystemRoot%/AppPatch" /r "users" /e
cacls "%SystemRoot%/Connection Wizard" /r "users" /e
cacls "%SystemRoot%/Debug" /r "users" /e
cacls "%SystemRoot%/Driver Cache" /r "users" /e
cacls "%SystemRoot%/Help" /r "users" /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /r "users" /e
cacls "%SystemRoot%/java" /r "users" /e
cacls "%SystemRoot%/msagent" /r "users" /e
cacls "%SystemRoot%/mui" /r "users" /e
cacls "%SystemRoot%/repair" /r "users" /e
cacls "%SystemRoot%/Resources" /r "users" /e
cacls "%SystemRoot%/security" /r "users" /e
cacls "%SystemRoot%/system" /r "users" /e
cacls "%SystemRoot%/TAPI" /r "users" /e
cacls "%SystemRoot%/Temp" /r "users" /e
cacls "%SystemRoot%/twain_32" /r "users" /e
cacls "%SystemRoot%/Web" /r "users" /e
cacls "%SystemRoot%/system32/3com_dmi" /r "users" /e
cacls "%SystemRoot%/system32/administration" /r "users" /e
cacls "%SystemRoot%/system32/Cache" /r "users" /e
cacls "%SystemRoot%/system32/CatRoot2" /r "users" /e
cacls "%SystemRoot%/system32/Com" /r "users" /e
cacls "%SystemRoot%/system32/config" /r "users" /e
cacls "%SystemRoot%/system32/dhcp" /r "users" /e
cacls "%SystemRoot%/system32/drivers" /r "users" /e
cacls "%SystemRoot%/system32/export" /r "users" /e
cacls "%SystemRoot%/system32/icsxml" /r "users" /e
cacls "%SystemRoot%/system32/lls" /r "users" /e
cacls "%SystemRoot%/system32/LogFiles" /r "users" /e
cacls "%SystemRoot%/system32/MicrosoftPassport" /r "users" /e
cacls "%SystemRoot%/system32/mui" /r "users" /e
cacls "%SystemRoot%/system32/oobe" /r "users" /e
cacls "%SystemRoot%/system32/ShellExt" /r "users" /e
cacls "%SystemRoot%/system32/wbem" /r "users" /e
echo "添加iis_wpg的访问权限"
cacls "%SystemRoot%" /g iis_wpg:r /e
cacls "%SystemDrive%/Program Files/Common Files" /g iis_wpg:r /e
cacls "%SystemRoot%/Downloaded Program Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Help" /g iis_wpg:c /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Offline Web Pages" /g iis_wpg:c /e
cacls "%SystemRoot%/System32" /g iis_wpg:c /e
cacls "%SystemRoot%/WinSxS" /g iis_wpg:c /e
cacls "%SystemRoot%/WinSxS" /r "users" /e
cacls "%SystemRoot%/Tasks" /g iis_wpg:c /e
cacls "%SystemRoot%/Temp" /g iis_wpg:c /e
cacls "%SystemRoot%/Web" /g iis_wpg:c /e
echo "添加iis_wpg的访问权限[.net专用]"
cacls "%SystemRoot%/Assembly" /g iis_wpg:c /e
cacls "%SystemRoot%/Microsoft.NET" /g iis_wpg:c /e
echo "添加iis_wpg的访问权限[装了MACFEE的软件专用]"
cacls "%SystemDrive%/Program Files/Network Associates" /g iis_wpg:r /e
echo "添加users的访问权限"
cacls "%SystemRoot%/temp" /g users:c /e
goto next3
:next3
ECHO.
ECHO.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHo.
ECHo 你现在使用世界网络教研室整理的"一建做安全"脚本
ECHo.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHO.
ECHO.
ECHO. -------------------------------------------------------------------------
ECHo 请按提示操作备份好注册表,否则修改后无法还原,本人不负责.
ECHO.
ECHO YES=next set NO=exit (this time 30 Second default for n)
ECHO. -------------------------------------------------------------------------
CHOICE /T 30 /C yn /D n
if errorlevel 2 goto end
if errorlevel 1 goto next
:next
if EXIST backup (echo.)else md backup
if EXIST temp (rmdir /s/q temp|md temp) else md temp
if EXIST backup\backupkey.reg (move backup\backupkey.reg backup\backupkey_old.reg ) else goto run
:run
regedit /e temp\backup-reg1.key1 "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\"
regedit /e temp\backup-reg2.key2 "HKEY_CLASSES_ROOT\"
copy /b /y /v temp\backup-reg1.key1+temp\backup-reg2.key2 backup\backupkey.reg
if exist backup\wshom.ocx (echo 备份已存在) else copy /v/y %SystemRoot%\System32\wshom.ocx backup\wshom.ocx
if exist backup\shell32.dll (echo 备份已存在) else copy /v/y %SystemRoot%\system32\shell32.dll backup\shell32.dll
ECHO 备份已经完成
ECHO.
goto next2
:next2
ECHO.
ECHO. -------------------------------------------------------------------
ECHo 修改权限system32目录中不安全的几个exe文件,改为只有Administrators才有权限运行
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. -------------------------------------------------------------------
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next3
if errorlevel 1 goto next21
:next21
xcacls.exe %SystemRoot%\system32\net.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\net1.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\cmd.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\tftp.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\netstat.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\regedit.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\at.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\attrib.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\cacls.exe /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\fortmat.com /t /g Administrators:F /y /C
xcacls.exe %SystemRoot%\system32\secedit.exe /t /g Administrators:F /y /C
echo "虚拟主机C盘权限设定"
echo "删除C盘的everyone的权限"
cd/
cacls "%SystemDrive%" /r "everyone" /e
cacls "%SystemRoot%" /r "everyone" /e
cacls "%SystemRoot%/Registration" /r "everyone" /e
cacls "%SystemDrive%/Documents and Settings" /r "everyone" /e
echo "删除C盘的所有的users的访问权限"
cacls "%SystemDrive%" /r "users" /e
cacls "%SystemDrive%/Program Files" /r "users" /e
cacls "%SystemDrive%/Documents and Settings" /r "users" /e
cacls "%SystemRoot%" /r "users" /e
cacls "%SystemRoot%/addins" /r "users" /e
cacls "%SystemRoot%/AppPatch" /r "users" /e
cacls "%SystemRoot%/Connection Wizard" /r "users" /e
cacls "%SystemRoot%/Debug" /r "users" /e
cacls "%SystemRoot%/Driver Cache" /r "users" /e
cacls "%SystemRoot%/Help" /r "users" /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /r "users" /e
cacls "%SystemRoot%/java" /r "users" /e
cacls "%SystemRoot%/msagent" /r "users" /e
cacls "%SystemRoot%/mui" /r "users" /e
cacls "%SystemRoot%/repair" /r "users" /e
cacls "%SystemRoot%/Resources" /r "users" /e
cacls "%SystemRoot%/security" /r "users" /e
cacls "%SystemRoot%/system" /r "users" /e
cacls "%SystemRoot%/TAPI" /r "users" /e
cacls "%SystemRoot%/Temp" /r "users" /e
cacls "%SystemRoot%/twain_32" /r "users" /e
cacls "%SystemRoot%/Web" /r "users" /e
cacls "%SystemRoot%/system32/3com_dmi" /r "users" /e
cacls "%SystemRoot%/system32/administration" /r "users" /e
cacls "%SystemRoot%/system32/Cache" /r "users" /e
cacls "%SystemRoot%/system32/CatRoot2" /r "users" /e
cacls "%SystemRoot%/system32/Com" /r "users" /e
cacls "%SystemRoot%/system32/config" /r "users" /e
cacls "%SystemRoot%/system32/dhcp" /r "users" /e
cacls "%SystemRoot%/system32/drivers" /r "users" /e
cacls "%SystemRoot%/system32/export" /r "users" /e
cacls "%SystemRoot%/system32/icsxml" /r "users" /e
cacls "%SystemRoot%/system32/lls" /r "users" /e
cacls "%SystemRoot%/system32/LogFiles" /r "users" /e
cacls "%SystemRoot%/system32/MicrosoftPassport" /r "users" /e
cacls "%SystemRoot%/system32/mui" /r "users" /e
cacls "%SystemRoot%/system32/oobe" /r "users" /e
cacls "%SystemRoot%/system32/ShellExt" /r "users" /e
cacls "%SystemRoot%/system32/wbem" /r "users" /e
echo "添加iis_wpg的访问权限"
cacls "%SystemRoot%" /g iis_wpg:r /e
cacls "%SystemDrive%/Program Files/Common Files" /g iis_wpg:r /e
cacls "%SystemRoot%/Downloaded Program Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Help" /g iis_wpg:c /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Offline Web Pages" /g iis_wpg:c /e
cacls "%SystemRoot%/System32" /g iis_wpg:c /e
cacls "%SystemRoot%/WinSxS" /g iis_wpg:c /e
cacls "%SystemRoot%/WinSxS" /r "users" /e
cacls "%SystemRoot%/Tasks" /g iis_wpg:c /e
cacls "%SystemRoot%/Temp" /g iis_wpg:c /e
cacls "%SystemRoot%/Web" /g iis_wpg:c /e
echo "添加iis_wpg的访问权限[.net专用]"
cacls "%SystemRoot%/Assembly" /g iis_wpg:c /e
cacls "%SystemRoot%/Microsoft.NET" /g iis_wpg:c /e
echo "添加iis_wpg的访问权限[装了MACFEE的软件专用]"
cacls "%SystemDrive%/Program Files/Network Associates" /g iis_wpg:r /e
echo "添加users的访问权限"
cacls "%SystemRoot%/temp" /g users:c /e
goto next3
:next3
文章来自: 
引用通告: 
Tags: 评论: 0 | 引用: 0 | 查看次数: -
发表评论