@echo off
rem Banner / copyright screen, shown once before the main menu.
rem NOTE(review): the menu actions that follow change ACLs, services and the
rem registry, so the script presumably has to run as an administrator - confirm.
title 中国服务器联盟 80safe.cn
mode con: cols=48 lines=8
color 1f
echo ***********************************************
echo * 中国服务器联盟 www.80safe.cn *
echo * 致力于国内服务器安全研究 *
echo * 为拥有服务器的管理员提供一步到的安全预防 *
echo * 版权所有 中国服务器联盟 甲壳虫 *
echo * 新版本将采用应用程序开发,欢迎用户提宝贵意见*
echo ***********************************************
rem Wait for a key press without printing the "press any key" prompt.
pause >nul
rem ---- Main menu: draw the screen, read one key, dispatch to a section ----
rem Menu entries, in order: 1 file ACLs, 2 folder ACLs, 3 service tuning,
rem 4 registry component removal, 5 simple DDoS flood handling, 6 IIS 6.0
rem upload size, 7 junk file cleanup, 8 IP security policy, 9 apply settings
rem (IIS restart), s default-share handling, Q quit.
:menu
cls
title 服务器安全优化大师0.1版 80safe.cn
color 1f
mode con: cols=38 lines=20
rem Slice hour, minute and second out of %time% for the header line.
set tm1=%time:~0,2%
set tm2=%time:~3,2%
set tm3=%time:~6,2%
echo %date% %tm1%点%tm2%分%tm3%秒
echo *******************************
echo 请选择要进行的操作,然后按回车
echo _______________________________
echo 1.默认系统危险文件权限设置
echo 2.默认系统危险文件夹权限设置
echo 3.服务器系统服务优化
echo 4.注册表危险组件删除
echo 5.简单DDOS洪水攻击处理
echo 6.修改IIS6.0的上传文件大小
echo 7.清理系统垃圾文件
echo 8.IP安全策略设置
echo 9.服务器安全设置生效
echo s.默认共享漏洞
echo Q.退出服务器安全优化大师
echo.
rem Prompt loop: re-entered after an invalid choice without redrawing the menu.
:menu2
set choice=
set /p choice= 请选择:
rem Keep only the first character of the answer, e.g. "123" becomes "1".
if not "%choice%"=="" set choice=%choice:~0,1%
echo.
rem Case-insensitive dispatch; each target section jumps back to :menu itself.
if /i "%choice%"=="1" goto File
if /i "%choice%"=="2" goto Folder
if /i "%choice%"=="3" goto Service
if /i "%choice%"=="4" goto Reg
if /i "%choice%"=="5" goto Ddos
if /i "%choice%"=="6" goto Annex
if /i "%choice%"=="7" goto clear
if /i "%choice%"=="8" goto Ipsec
if /i "%choice%"=="9" goto iis
if /i "%choice%"=="s" goto share
if /i "%choice%"=="Q" goto quit
echo 选择无效,请重新输入
echo.
goto menu2
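rem ---- Option 1: ACLs on sensitive system files ----
rem Phase 1 appends the current cacls listing of every target to fileback.txt
rem in the current directory. Phase 2 revokes Everyone, Guests and Users and
rem grants SYSTEM and Administrators full control (/e edits the ACL, /c keeps
rem going when a file is missing).
rem NOTE(review): fileback.txt is a plain-text listing, not something cacls can
rem restore from; rolling back means re-applying the recorded entries by hand.
rem NOTE(review): the targets include shell32.dll, cmd.exe and the script hosts.
rem Services or web applications that run under non-administrative accounts
rem may stop working once Users is revoked - try this on a test host first.
:file
cls
MODE con: COLS=60 LINES=20
echo.
Echo 正在备份文件权限,请稍等......
rem cacls.exe is addressed with backslashes, the same way the folder section does.
Set "acl_tool=%SystemRoot%\system32\cacls.exe"
Set "acl_args=/c /e /r everyone guests users /g system:f administrators:f"
rem Targets on the root of the system drive.
Set "acl_root=boot.ini AUTOEXEC.BAT"
rem Targets under %SystemRoot%\system32. Each name is listed once; cmd.exe is
rem addressed by its real path only.
Set "acl_sys32=net.exe net1.exe cmd.exe ftp.exe scrrun.dll shell.dll netstat.exe regedit.exe secedit.exe"
Set "acl_sys32=%acl_sys32% gpupdate.exe at.exe attrib.exe format.com logoff.exe shutdown.exe telnet.exe"
Set "acl_sys32=%acl_sys32% wscript.exe doskey.exe help.exe ipconfig.exe nbtstat.exe print.exe xcopy.exe"
Set "acl_sys32=%acl_sys32% edit.com regedt32.exe reg.exe register.exe replace.exe nwscript.exe share.exe"
Set "acl_sys32=%acl_sys32% ping.exe ipsec6.exe netsh.exe debug.exe route.exe tracert.exe powercfg.exe"
Set "acl_sys32=%acl_sys32% nslookup.exe arp.exe rsh.exe netdde.exe mshta.exe mountvol.exe tftp.exe setx.exe"
Set "acl_sys32=%acl_sys32% find.exe finger.exe where.exe regsvr32.exe sc.exe shadow.exe runas.exe wshom.ocx"
Set "acl_sys32=%acl_sys32% wshext.dll shell32.dll zipfldr.dll notepad.exe edlin.exe posix.exe atsvc.exe"
Set "acl_sys32=%acl_sys32% qbasic.exe runonce.exe syskey.exe cscript.exe"
rem Targets under %SystemRoot% itself.
Set "acl_win=PCHealth\HelpCtr\Binaries\msconfig.exe notepad.exe regedit.exe winhelp.exe winhlp32.exe"
rem Phase 1: record the existing ACLs.
for %%F in (%acl_root%) do "%acl_tool%" "%SystemDrive%\%%F" >>fileback.txt
"%acl_tool%" "%SystemDrive%\Program Files\Internet Explorer\iexplore.exe" >>fileback.txt
for %%F in (%acl_sys32%) do "%acl_tool%" "%SystemRoot%\system32\%%F" >>fileback.txt
for %%F in (%acl_win%) do "%acl_tool%" "%SystemRoot%\%%F" >>fileback.txt
Echo 文件权限备份完成! 文件权限设置开始执行......
PAUSE >nul
rem Phase 2: apply the restricted ACLs.
for %%F in (%acl_root%) do "%acl_tool%" "%SystemDrive%\%%F" %acl_args%
rem iexplore.exe is the one target that gets /P (replace) for Administrators only.
"%acl_tool%" "%SystemDrive%\Program Files\Internet Explorer\iexplore.exe" /c /e /r everyone guests users /P administrators:f
for %%F in (%acl_sys32%) do "%acl_tool%" "%SystemRoot%\system32\%%F" %acl_args%
for %%F in (%acl_win%) do "%acl_tool%" "%SystemRoot%\%%F" %acl_args%
Echo 设置完成! 按任意键返回主菜单...
PAUSE >nul
Goto menu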
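rem ---- Option 2: ACLs on drive roots and sensitive folders ----
rem Phase 1 appends the current cacls listing of every target to backFolder.txt
rem in the current directory; phase 2 edits the ACLs.
rem NOTE(review): backFolder.txt is a plain-text listing, not a restorable
rem backup. The changes reach drive roots, Program Files and %SystemRoot%, and
rem child objects that inherit from them; try this on a test host first.
:Folder
Echo 正在备份文件夹权限,请稍等......
Set "acl_tool=%SystemRoot%\system32\cacls.exe"
Set "au=%SystemDrive%\Documents and Settings\All Users"
Set "ms=%au%\Application Data\Microsoft"
Set "pf=%SystemDrive%\Program Files"
Set "inet=%SystemRoot%\system32\inetsrv"
Set "aspnet_tmp=%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files"
rem Drive roots are written as X:\ because a bare "X:" means the current
rem directory on that drive, not its root. Drives that do not exist are skipped.
for %%c in (c: d: e: f: g: h: i:) do if exist %%c\ "%acl_tool%" %%c\ >>backFolder.txt
rem No trailing backslash inside the quotes: a backslash right before a closing
rem quote can be taken as an escaped quote by the called program.
for %%D in (
  "%SystemDrive%\Inetpub"
  "%SystemDrive%\Inetpub\AdminScripts"
  "%SystemDrive%\Inetpub\wwwroot"
  "%SystemDrive%\Inetpub\wwwroot\aspnet_client"
  "%SystemDrive%\Documents and Settings"
  "%au%"
  "%au%\「开始」菜单"
  "%au%\Application Data"
  "%ms%"
  "%ms%\Crypto\DSS\MachineKeys"
  "%ms%\Crypto\RSA\MachineKeys"
  "%ms%\HTML Help"
  "%ms%\Network\Connections\Cm"
  "%ms%\Network\Downloader"
  "%ms%\Media Index"
  "%au%\DRM"
  "%au%\Documents"
  "%pf%"
  "%pf%\Common Files"
  "%pf%\Common Files\Microsoft Shared\web server extensions"
  "%pf%\Microsoft SQL Server\MSSQL"
  "%pf%\Microsoft SQL Server"
  "d:\Program Files\Microsoft SQL Server\MSSQL"
  "%pf%\Outlook Express"
  "%pf%\RhinoSoft.com\Serv-U"
  "%pf%\Windows Media Player"
  "%pf%\Windows NT\Accessories"
  "%SystemRoot%"
  "%SystemRoot%\REPAIR"
  "%aspnet_tmp%"
  "%SystemRoot%\system32"
  "%SystemRoot%\system32\config"
  "%inet%"
  "%inet%\ASP Compiled Templates"
  "%inet%\iisadmpwd"
  "%inet%\MetaBack"
) do "%acl_tool%" %%D >>backFolder.txt
Echo 文件夹权限备份完成! 文件夹权限设置开始执行......
PAUSE >nul
rem Phase 2. /e edits the existing ACL, /c continues on errors, /r revokes,
rem /g grants, /p replaces a principal's entry, /d denies.
for %%c in (c: d: e: f: g: h: i:) do if exist %%c\ "%acl_tool%" %%c\ /c /e /r "everyone" "guests" "users" /g "system":f "administrators":f "CREATOR OWNER":f
"%acl_tool%" "%SystemDrive%\Inetpub" /c /e /r "everyone" "guests" "users" /g "system":f "administrators":f "CREATOR OWNER":f
"%acl_tool%" "%SystemDrive%\Inetpub\AdminScripts" /c /e /r "everyone" "guests" /g "system":f "administrators":f
"%acl_tool%" "%SystemDrive%\Inetpub\wwwroot" /c /e /r "everyone" "guests" /g "system":f "administrators":f "IIS_WPG":r users:r
"%acl_tool%" "%SystemDrive%\Inetpub\wwwroot\aspnet_client" /c /e /r "everyone" "guests" /g "system":f "administrators":f "users":r
"%acl_tool%" "%SystemDrive%\Documents and Settings" /c /e /r "everyone" "guests" "users" /g "system":f "administrators":f
"%acl_tool%" "%au%" /c /e /r "CREATOR OWNER" "everyone" "guests" /g "system":f "administrators":f "users":R
"%acl_tool%" "%au%\「开始」菜单" /c /e /r "everyone" "guests" "users" /g "system":f "administrators":f
"%acl_tool%" "%au%\Application Data" /c /e /r "administrator" "everyone" "guests" "Power users" /p "system":f "administrators":f "CREATOR OWNER":f "users":r
"%acl_tool%" "%au%\Application Data" /c /e /g "users":w
"%acl_tool%" "%ms%" /c /e /r "administrator" "everyone" "guests" "Power users" /p "system":f "administrators":f "users":r
rem The special permission for Everyone on the two MachineKeys folders cannot
rem be set from the command line; check it by hand.
"%acl_tool%" "%ms%\Crypto\DSS\MachineKeys" /c /e /r "administrator" "guests" "Power users" /p administrators:f
"%acl_tool%" "%ms%\Crypto\RSA\MachineKeys" /c /e /r "administrator" "guests" "Power users" /p administrators:f
"%acl_tool%" "%ms%\HTML Help" /c /e /r "administrator" "guests" "Power users" /p Administrators:f system:f users:f
"%acl_tool%" "%ms%\Network\Connections\Cm" /c /e /r "administrator" "guests" "Power users" /p Administrators:f system:f everyone:r
"%acl_tool%" "%ms%\Network\Downloader" /c /e /r "administrator" "guests" "Power users" /p Administrators:f system:f
"%acl_tool%" "%ms%\Media Index" /c /e /r "administrator" "guests" "Power users" /p Administrators:f system:f users:r
"%acl_tool%" "%ms%\Media Index" /c /e /g users:w
"%acl_tool%" "%au%\DRM" /c /e /r "administrator" "Power users" /p users:r /d guests
"%acl_tool%" "%au%\Documents" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "creator owner":f "system":f
rem For IUSR_XXX or a per-site virtual-host group, set the permission yourself:
rem Deny / this folder, subfolders and files / <not inherited>.
"%acl_tool%" "%pf%" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "creator owner":f "system":f "IIS_WPG":r
"%acl_tool%" "%pf%\Common Files" /c /e /r "administrator" "Power users" "guests" /p "administrators":f "creator owner":f "system":f "IIS_WPG":r "users":r
"%acl_tool%" "%pf%\Common Files\Microsoft Shared\web server extensions" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "creator owner":f "system":f
"%acl_tool%" "%pf%\Microsoft SQL Server\MSSQL" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f
"%acl_tool%" "%pf%\Microsoft SQL Server" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F
rem MSSQL is assumed to live on drive D by default.
"%acl_tool%" "d:\Program Files\Microsoft SQL Server\MSSQL" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f
"%acl_tool%" "%pf%\Outlook Express" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F
"%acl_tool%" "%pf%\RhinoSoft.com\Serv-U" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F
"%acl_tool%" "%pf%\Windows Media Player" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F
"%acl_tool%" "%pf%\Windows NT\Accessories" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F
"%acl_tool%" "%SystemRoot%" /c /e /r "administrator" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F "USERS":R
"%acl_tool%" "%SystemRoot%\REPAIR" /c /e /r "administrator" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F "USERS":R
"%acl_tool%" "%aspnet_tmp%" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F "aspnet":R
"%acl_tool%" "%SystemRoot%\system32" /c /e /r "administrator" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F "users":R
"%acl_tool%" "%SystemRoot%\system32\config" /c /e /r "administrator" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F "users":R
"%acl_tool%" "%inet%" /c /e /r "administrator" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F "users":R
"%acl_tool%" "%inet%\ASP Compiled Templates" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "IIS_WPG":F
"%acl_tool%" "%inet%\iisadmpwd" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F
"%acl_tool%" "%inet%\MetaBack" /c /e /r "administrator" "users" "Power users" "guests" /p "administrators":f "CREATOR OWNER":F "SYSTEM":F "users":r
Echo 设置完成! 按任意键返回主菜单...
PAUSE >nul
Goto menu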
rem ---- Option 3: stop services and set their start type to Disabled ----
rem NOTE(review): the list includes Dhcp and Workstation. A host that gets its
rem address by DHCP, or that relies on SMB client access or domain logon,
rem presumably loses that function once these are disabled - confirm before
rem running on a production server.
rem NOTE(review): "net stop" may ask for confirmation when other running
rem services depend on the one being stopped, so this section can wait for input.
:Service
for %%S in (Alerter ALG BITS Browser Dfs helpsvc Messenger mnmsrvc) do (
  net stop %%S
  sc config %%S start= Disabled
)
rem Dhcp is stopped through sc rather than net.
sc stop Dhcp
sc config Dhcp start= Disabled
for %%S in (Spooler RemoteRegistry Schedule) do (
  net stop %%S
  sc config %%S start= Disabled
)
rem LmHosts and Nla are handled together, in this order.
net stop LmHosts
sc config Nla start= DISABLED
sc stop Nla
sc config LmHosts start= Disabled
for %%S in (Telnet Workstation) do (
  net stop %%S
  sc config %%S start= Disabled
)
rem The screen is cleared here, so any error printed above is no longer visible.
cls
echo 设置完成! 按任意键返回主菜单...
pause >nul
goto menu
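rem ---- Option 4: remove script-host COM registrations ----
rem Deletes the listed ProgID keys under HKEY_CLASSES_ROOT and unregisters the
rem DLLs/OCX that provide them.
rem NOTE(review): nothing is backed up first, unlike the file and folder
rem sections. Export the keys before running this if a rollback may be needed;
rem the DLLs can be registered again with regsvr32 (without /u).
rem NOTE(review): shell32.dll serves the Windows shell in general, and
rem WScript.Shell is presumably used by administrative VBScript tools as well,
rem so expect side effects beyond web-application scripts - test first.
:Reg
for %%K in (WScript.Shell WScript.Shell.1 Shell.application Shell.application.1 WSCRIPT.NETWORK WSCRIPT.NETWORK.1) do reg delete "HKEY_CLASSES_ROOT\%%K" /f
rem Paths are quoted so a %SystemRoot% containing spaces still works.
for %%D in (wshom.ocx shell32.dll wshext.dll) do regsvr32 /s /u "%SystemRoot%\System32\%%D"
echo 危险组件删除完毕! 请按任意键返回主菜单...
PAUSE >nul
Goto menu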
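rem ---- Option 5: TCP/IP stack and related registry hardening ----
rem Besides the TCP/IP, NetBT and AFD parameters, this section also sets two
rem Explorer policies for the current user, hides the last logged-on user name,
rem restricts anonymous access and turns off the automatic admin shares.
rem NOTE(review): stack parameters of this kind normally take effect only after
rem a reboot, and newer Windows versions may ignore some of them - confirm for
rem the target OS. The packet-rate figure in the message below is the author's
rem claim and is not something this section measures.
:ddos
Echo 正在进行防DDOS(可抵御DDOS攻击2-3万包)洪水攻击设置,请稍等......
Set "key_tcp=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
Set "key_nbt=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters"
Set "key_afd=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters"
Set "key_srv=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Parameters"
rem NOTE(review): reg.exe normally expects REG_BINARY data as contiguous hex
rem digits; confirm that these two writes succeed with the spaced form.
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoRecentDocsMenu /t REG_BINARY /d "01 00 00 00" /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoRecentDocsHistory /t REG_BINARY /d "01 00 00 00" /f
reg add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DontDisplayLastUserName /t REG_SZ /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /v restrictanonymous /t REG_DWORD /d 1 /f
reg add "%key_srv%" /v AutoShareServer /t REG_DWORD /d 0 /f
reg add "%key_srv%" /v AutoShareWks /t REG_DWORD /d 0 /f
rem REG_DWORD data carries an explicit 0x prefix wherever the digits are
rem hexadecimal; without the prefix reg.exe does not read them as hex.
reg add "%key_tcp%" /v EnableICMPRedirect /t REG_DWORD /d 0 /f
reg add "%key_tcp%" /v KeepAliveTime /t REG_DWORD /d 0x000927c0 /f
reg add "%key_tcp%" /v SynAttackProtect /t REG_DWORD /d 2 /f
reg add "%key_tcp%" /v TcpMaxHalfOpen /t REG_DWORD /d 0x000001f4 /f
rem NOTE(review): 0x190 = 400; the digits look like a .reg-style hex value -
rem confirm that 400 is the intended threshold.
reg add "%key_tcp%" /v TcpMaxHalfOpenRetried /t REG_DWORD /d 0x00000190 /f
reg add "%key_tcp%" /v TcpMaxConnectResponseRetransmissions /t REG_DWORD /d 1 /f
reg add "%key_tcp%" /v TcpMaxDataRetransmissions /t REG_DWORD /d 3 /f
reg add "%key_tcp%" /v TCPMaxPortsExhausted /t REG_DWORD /d 5 /f
reg add "%key_tcp%" /v DisableIPSourceRouting /t REG_DWORD /d 2 /f
reg add "%key_tcp%" /v TcpTimedWaitDelay /t REG_DWORD /d 0x0000001e /f
reg add "%key_tcp%" /v TcpNumConnections /t REG_DWORD /d 0x00004e20 /f
reg add "%key_tcp%" /v EnablePMTUDiscovery /t REG_DWORD /d 0 /f
rem NOTE(review): NoNameReleaseOnDemand is written under Tcpip\Parameters here;
rem verify which key the target OS actually reads it from.
reg add "%key_tcp%" /v NoNameReleaseOnDemand /t REG_DWORD /d 1 /f
reg add "%key_tcp%" /v EnableDeadGWDetect /t REG_DWORD /d 0 /f
reg add "%key_tcp%" /v PerformRouterDiscovery /t REG_DWORD /d 0 /f
rem Both spellings (EnableICMPRedirect above and EnableICMPRedirects) are set.
reg add "%key_tcp%" /v EnableICMPRedirects /t REG_DWORD /d 0 /f
reg add "%key_nbt%" /v BacklogIncrement /t REG_DWORD /d 5 /f
reg add "%key_nbt%" /v MaxConnBackLog /t REG_DWORD /d 0x000007d0 /f
reg add "%key_afd%" /v EnableDynamicBacklog /t REG_DWORD /d 1 /f
rem NOTE(review): 0x14 = 20 and 0x7530 = 30000; confirm these intended values.
reg add "%key_afd%" /v MinimumDynamicBacklog /t REG_DWORD /d 0x00000014 /f
reg add "%key_afd%" /v MaximumDynamicBacklog /t REG_DWORD /d 0x00007530 /f
reg add "%key_afd%" /v DynamicBacklogGrowthDelta /t REG_DWORD /d 0x0000000a /f
Echo 防DDOS洪水攻击处理完毕! 返回主菜单...
PAUSE >nul
Goto menu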
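rem ---- Option s: anonymous access, DCOM, direct-hosted SMB, crash dumps ----
:share
rem Restrict anonymous (null session) access over IPC$.
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /v restrictanonymous /t REG_DWORD /d 00000001 /f
rem Disable DCOM. NOTE(review): this is meant to close port 135, but the RPC
rem endpoint mapper presumably keeps listening there; check with netstat and
rem filter the port in the firewall or IPsec policy if it must be unreachable.
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole" /v EnableDCOM /t REG_SZ /d "N" /f
rem Turn off the SMB device so port 445 is no longer served (likely needs a
rem reboot to take effect - confirm).
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v SMBDeviceEnabled /t REG_DWORD /d "00000000" /f
rem Stop crash dumps from being written and delete the existing MEMORY.DMP:
rem a dump holds sensitive system memory as well as the error information.
rem The trade-off is that later crashes leave nothing to diagnose from.
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl" /v CrashDumpEnabled /t REG_DWORD /d 00000000 /f
rem The attribute switches belong to attrib only; del gets /f /q and the quoted
rem path, so it never treats "-R -H -S" as extra file names to delete.
if exist "%SystemRoot%\MEMORY.DMP" (
  attrib -R -H -S "%SystemRoot%\MEMORY.DMP"
  del /f /q "%SystemRoot%\MEMORY.DMP"
)
Echo 默认共享漏洞处理完毕! 返回主菜单...
PAUSE >nul
Goto menu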
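:clear
Rem Menu option 7: delete temporary and junk files from the system drive, the
Rem Windows directory and the profile of the account running the script.
Rem All paths are quoted: %userprofile% normally contains spaces, and an unquoted
Rem path is split into several arguments, so del /s would act on the wrong names.
Rem NOTE(review): /s recurses through the whole tree. The *.bak, *.old and *.chk
Rem patterns match by extension only and can remove application or operator
Rem backups anywhere on the drive - review before running on a production server.
Rem NOTE(review): Recent, cookies, Prefetch and the temp directories are forensic
Rem artefacts; do not run this on a host that is under investigation.
Echo 正在清理系统垃圾文件,请稍等......
del /f /s /q "%systemdrive%\*.tmp"
del /f /s /q "%windir%\*.bak"
del /f /s /q "%systemdrive%\*._mp"
del /f /s /q "%systemdrive%\*.gid"
del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*"
del /f /s /q "%windir%\prefetch\*.*"
del /f /s /q "%windir%\temp\*.*"
del /f /s /q "%userprofile%\cookies\*.*"
Rem The original listed the recent folder twice (once unquoted); once is enough.
del /f /s /q "%userprofile%\recent\*.*"
del /f /s /q "%userprofile%\Local Settings\Temp\*.*"
del /f /s /q "%systemdrive%\*.chk"
del /f /s /q "%systemdrive%\*.old"
del /f /s /q "%systemdrive%\recycled\*.*"
echo 系统垃圾文件清理完毕,按任何键返回主菜单...
PAUSE >nul
Goto menu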
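:Annex
Rem Menu option 6: raise the IIS 6.0 upload size limit by rewriting metabase.xml
Rem with every "1024" replaced by "10485760", then restart the web service.
Rem The original is kept twice: metback.xml (copy) and back.xml (renamed file).
Rem
Rem Fixes relative to the earlier version of this section:
Rem  - FOR /F used default delimiters and kept only the first word of each line,
Rem    which would have truncated the whole metabase;
Rem  - ren was given a full path as the new name, which ren rejects, so the
Rem    rewritten file was never swapped in and was then deleted;
Rem  - net stop could wait at the dependent-services prompt;
Rem  - delayed expansion stayed enabled after returning to the menu.
Rem
Rem NOTE(review): the substitution rewrites every occurrence of the text 1024 on
Rem every line, not one named property. Confirm which metabase value is meant,
Rem and prefer the IIS administration tools to a text edit where possible.
Rem NOTE(review): assumes metabase.xml is in an encoding FOR /F can read line by
Rem line; blank lines and lines starting with ";" are dropped - TODO confirm.
Rem NOTE(review): the rebuilt metabase.xml and both backups are new files and
Rem presumably take the ACL inherited from the inetsrv directory rather than the
Rem original file's ACL; compare with cacls afterwards and tighten if needed.
setlocal DISABLEDELAYEDEXPANSION
set "INETSRV=%SystemRoot%\system32\inetsrv"
Rem /y answers the prompt about stopping dependent services. Only w3svc is
Rem started again at the end; other dependants stay stopped, as before.
net stop iisadmin /y
attrib -s -h -r -a "%INETSRV%\metabase.xml"
rem Back up metabase.xml as metback.xml; do not touch anything if that fails.
copy /y "%INETSRV%\metabase.xml" "%INETSRV%\metback.xml" || goto AnnexFail
@ECHO %dbg% OFF
Rem Start from an empty work file; the loop below appends to it.
if exist "%INETSRV%\metabase.txt" del /f /q "%INETSRV%\metabase.txt"
Rem delims= keeps the whole line. Delayed expansion is switched on only around
Rem the substitution so "!" characters in the file survive the SET of %%i.
FOR /F "usebackq delims=" %%i in ("%INETSRV%\metabase.xml") do (
SET "STR=%%i"
setlocal ENABLEDELAYEDEXPANSION
SET "STR=!STR:1024=10485760!"
>>"%INETSRV%\metabase.txt" ECHO(!STR!
endlocal
)
if not exist "%INETSRV%\metabase.txt" goto AnnexFail
Rem ren takes a bare file name as its second argument, never a path.
if exist "%INETSRV%\back.xml" del /f /q "%INETSRV%\back.xml"
ren "%INETSRV%\metabase.xml" back.xml || goto AnnexFail
ren "%INETSRV%\metabase.txt" metabase.xml || goto AnnexRestore
net start w3svc
endlocal
echo iis附件上传大小,修改完成,按任一键返回主菜单
PAUSE >nul
Goto menu
:AnnexRestore
Rem The swap failed half way: put the original metabase back in place.
ren "%INETSRV%\back.xml" metabase.xml
:AnnexFail
Rem Leave the original configuration in place and bring the web service back up.
if exist "%INETSRV%\metabase.txt" del /f /q "%INETSRV%\metabase.txt"
net start w3svc
endlocal
echo metabase.xml was NOT modified. Press any key to return to the menu.
PAUSE >nul
Goto menu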
:iis
rem Menu option 9: restart IIS so that the settings take effect.
rem The console is resized first. The completion message below is printed
rem whatever iisreset reports; its exit status is not checked.
mode con: cols=60 lines=16
echo.
iisreset.exe
echo IIS服务重启完毕! 按任意键返回主菜单...
pause >nul
goto menu
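:Ipsec
Rem Menu option 8: import and assign the bundled IPsec policy (80safe.ipsec),
Rem then apply the bundled security template (80safe.inf) with secedit.
Rem
Rem Both files are resolved next to this script (%~dp0) instead of in whatever
Rem the current directory happens to be, so a same-named file in another
Rem working directory is not imported with administrative rights.
Rem NOTE(review): neither file is integrity-checked and the current IPsec and
Rem security policy are not exported first; take a backup before applying, as
Rem the file-permission sections of this script do.
MODE con: COLS=80 LINES=18
COLOR 70
Echo.
pushd "%~dp0" || goto IpsecMissing
Rem Refuse to report success when a policy file is absent.
if not exist 80safe.ipsec goto IpsecPop
if not exist 80safe.inf goto IpsecPop
Rem Import the IPsec policy file, then assign the policy by name.
netsh ipsec static importpolicy 80safe.ipsec
netsh ipsec static set policy name="安全优化大师IP安全策略" assign=y
Rem Apply the security template; 80safe.sdb is only a scratch database.
secedit /configure /db 80safe.sdb /cfg 80safe.inf /quiet
if exist 80safe.sdb del 80safe.sdb
popd
Rem NOTE(review): the exit status of netsh and secedit is not checked here.
Echo 导入安全优化大师IP安全策略完毕! 请按任意键返主菜单...
PAUSE >nul
Goto menu
:IpsecPop
popd
:IpsecMissing
Echo 80safe.ipsec or 80safe.inf not found next to the script. Nothing was imported.
PAUSE >nul
Goto menu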
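:quit
Rem Menu option Q: show the closing notice, wait for a key press and exit.
cls
title 安全优化大师 80safe.cn
MODE con: COLS=48 LINES=10
Echo **********************************************
Echo * 批命令功能有限,部分安全设置无法用命令完成 *
Echo * 望用户见谅! 1.0以下版本采用批命令完成 *
Echo * 1.0以上版本, 将改用应用程序开发 *
Echo * 安全优化大师的发展完善,离不开您真诚的支持 *
Echo * 有问题请上80safe.cn反馈,欢迎您提出宝贵意见*
Echo **********************************************
echo.
echo 按任一键,退出!
PAUSE >nul
Rem The original line ended in a stray pipe character with nothing after it,
Rem which cmd rejects as a syntax error; a plain exit closes the window.
exit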