欧美bbbwbbbw肥妇,免费乱码人妻系列日韩,一级黄片

win2003 WEB服務(wù)器NTFS權(quán)限設(shè)置圖文方法

 更新時間:2011年03月22日 19:53:51   作者:  
Windows2003+IIS6.0的加固分為兩部分,一部分是NTFS用戶權(quán)限的配置,一部分是IIS6.0的配置。
總得來說,前者比較難配置,參考了別人的一些配置和自己的一些實踐,找到一個本人覺得還相對滿意的做法,由于個人水平有限,希望高手指出我不足的地方,謝謝。由于最近忙著別的事,等忙完之后再把IIS配置的部分還有自己要整理的一些資料奉上~~到時候大家可以到論壇www.n0ws.com上去查看,不過本博客也是提供相關(guān)資料的下載的。
下面是我的做法:
首先,配置系統(tǒng)盤下(如:c盤)的權(quán)限(已經(jīng)將IIS的默認文件夾刪除)
1.系統(tǒng)盤:選中系統(tǒng)盤,屬性,安全選項卡,刪掉除了administrators和system組的其他組或者用戶。
2.Program Files :右鍵文件夾->選擇屬性->選擇“安全”選項卡->點擊“高級”選項->選中“允許父項…”和“用在此顯示…”->點擊“復制”->點擊確定,退出高級安全設(shè)置->把安全選項卡中除了administrators和system組之外的組或者用戶刪除

高級安全設(shè)置效果如下:
 

3.Program Files/Common File/users : 進入到program files下的common file文件夾下面,找到system添加users,默認的權(quán)限即可。所謂默認權(quán)限就是你添加這個用戶系統(tǒng)自動授予這個用戶對于操作文件夾或者文件的權(quán)限。(可能有人要問為什么要給這個文件夾設(shè)置users的權(quán)限?答:這個部分里面有一些dll文件是asp中createobject的時候需要的)
4.Documents and Settings:進入系統(tǒng)盤,選中Documents and Settings文件夾右鍵,刪除掉除了administrator、system、power users組之外的其他用戶或者組。進入到Documents and Settings文件夾里面,administrator這個文件夾的權(quán)限無需設(shè)置。ALL users文件夾,進入到高級選項選擇“用在此顯示的可以應用到子對象的目錄替代所有子對象的權(quán)限項目”,確定,到安全選項卡下面刪掉除了 administrator和system之外的其他用戶組和用戶,點擊確定。Default users文件夾,進入到高級選項選擇“用在此顯示的可以應用到子對象的目錄替代所有子對象的權(quán)限項目”,確定,到安全選項卡下面刪掉除了 administrator、system、power users之外的其他用戶組和用戶,點擊確定。
5.Windows : 右鍵文件夾->選擇屬性->選擇“安全”選項卡->刪除掉除了administrator和system之外的用戶->點擊確定。
6.Windows/temp : 右鍵文件夾->選擇屬性->選擇“安全”選項卡->添加users組->設(shè)置users組只具有讀取、寫入的權(quán)限。
7.其他根目錄下的文件夾:右鍵文件夾->選擇屬性->選擇“安全”選項卡->點擊“高級”選項->選中“允許父項…”和“用在此顯示…”->點擊“復制”->點擊確定,退出高級安全設(shè)置->把“安全”選項卡中除了administrators和system組之外的組或者用戶刪除
8.批處理:接下來的是一些特殊文件夾、文件的權(quán)限,一些服務(wù)的修改,危險組件的刪除。
批處理的部分最后附上下面的保存為*.bat或者直接從我提供的下載的地方下載即可。
復制代碼 代碼如下:

@echo off
ECHO.
ECHO.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHo.
ECHo "windows2003NTFS加固腳本"
ECHo.
ECHO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ECHO.
ECHO.
ECHO. -------------------------------------------------------------------------
ECHo 請按提示操作備份好注冊表,否則修改后無法還原,本人不負責.
ECHO.
ECHO YES=next set NO=exit (this time 30 Second default for n)
ECHO. -------------------------------------------------------------------------
CHOICE /T 30 /C yn /D n
if errorlevel 2 goto end
if errorlevel 1 goto next
:next
if EXIST backup (echo.)else md backup
if EXIST temp (rmdir /s/q temp|md temp) else md temp
if EXIST backup\backupkey.reg (move backup\backupkey.reg backup\backupkey_old.reg ) else goto run
:run
regedit /e temp\backup-reg1.key1 "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\"
regedit /e temp\backup-reg2.key2 "HKEY_CLASSES_ROOT\"
copy /b /y /v temp\backup-reg1.key1+temp\backup-reg2.key2 backup\backupkey.reg
if exist backup\wshom.ocx (echo 備份已存在) else copy /v/y %SystemRoot%\System32\wshom.ocx backup\wshom.ocx
if exist backup\shell32.dll (echo 備份已存在) else copy /v/y %SystemRoot%\system32\shell32.dll backup\shell32.dll
ECHO 備份已經(jīng)完成
ECHO.
goto next2
:next2
ECHO.
ECHO. -------------------------------------------------------------------
ECHo 修改權(quán)限system32目錄中不安全的幾個exe文件,改為只有Administrators才有權(quán)限運行
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. -------------------------------------------------------------------
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next3
if errorlevel 1 goto next21
:next21
echo y|cacls.exe %SystemRoot%\system32\net.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\net1.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\cmd.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\tftp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\netstat.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\regedit.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\at.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\attrib.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\cacls.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\fortmat.com /g Administrators:F
echo y|cacls.exe %SystemDrive%\boot.ini /g Administrators:F
echo y|cacls.exe %SystemDrive%\AUTOEXEC.BAT /g Administrators:F
echo y|cacls.exe %SystemRoot%/system32\ftp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\secedit.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\gpresult.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\gpupdate.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\logoff.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\shutdown.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\telnet.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\wscript.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\doskey.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\help.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\ipconfig.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\nbtstat.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\print.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\debug.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\regedt32.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\reg.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\register.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\replace.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\nwscript.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\share.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\ping.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\ipsec6.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\netsh.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\edit.com /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\route.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\tracert.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\powercfg.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\nslookup.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\arp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\rsh.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\netdde.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\mshta.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\mountvol.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\setx.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\find.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\where.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\finger.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\regsvr32.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\sc.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\shadow.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\runas.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\PCHealth\HelpCtr\Binaries\msconfig.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\notepad.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\regedit.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\winhelp.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\winhlp32.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\edlin.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\posix.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\atsvc.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\qbasic.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\runonce.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\syskey.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\cscript.exe /g Administrators:F
echo y|cacls.exe %SystemRoot%\system32\sethc.exe /g Administrators:F

echo "C盤權(quán)限設(shè)定"
cacls "%SystemRoot%/Registration" /r "everyone" /e

echo "刪除C盤的windows目錄下的create owner的權(quán)限"
cd/

cacls "%SystemRoot%/repair" /r "create owner" /e
cacls "%SystemRoot%/system32" /r "create owner" /e
cacls "%SystemDrive%/system32/config" /r "create owner" /e
cacls "%SystemRoot%/system32/wbem" /r "create owner" /e

echo "刪除WINDOWS文件夾下面的power users的權(quán)限"

cacls "%SystemRoot%/repair" /r "Power Users" /e
cacls "%SystemRoot%/system32" /r "Power Users" /e
cacls "%SystemDrive%/system32/config" /r "Power Users" /e
cacls "%SystemRoot%/system32/wbem" /r "Power Users" /e

echo "刪除WINDOWS下users的訪問權(quán)限"

cacls "%SystemRoot%/addins" /r "users" /e
cacls "%SystemRoot%/AppPatch" /r "users" /e
cacls "%SystemRoot%/Connection Wizard" /r "users" /e
cacls "%SystemRoot%/Debug" /r "users" /e
cacls "%SystemRoot%/Driver Cache" /r "users" /e
cacls "%SystemRoot%/Help" /r "users" /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /r "users" /e
cacls "%SystemRoot%/java" /r "users" /e
cacls "%SystemRoot%/msagent" /r "users" /e
cacls "%SystemRoot%/mui" /r "users" /e
cacls "%SystemRoot%/repair" /r "users" /e
cacls "%SystemRoot%/Resources" /r "users" /e
cacls "%SystemRoot%/security" /r "users" /e
cacls "%SystemRoot%/system" /r "users" /e
cacls "%SystemRoot%/TAPI" /r "users" /e
cacls "%SystemRoot%/Temp" /r "users" /e
cacls "%SystemRoot%/twain_32" /r "users" /e
cacls "%SystemRoot%/Web" /r "users" /e
cacls "%SystemRoot%/system32/3com_dmi" /r "users" /e
cacls "%SystemRoot%/system32/administration" /r "users" /e
cacls "%SystemRoot%/system32/Cache" /r "users" /e
cacls "%SystemRoot%/system32/CatRoot2" /r "users" /e
cacls "%SystemRoot%/system32/Com" /r "users" /e
cacls "%SystemRoot%/system32/config" /r "users" /e
cacls "%SystemRoot%/system32/dhcp" /r "users" /e
cacls "%SystemRoot%/system32/drivers" /r "users" /e
cacls "%SystemRoot%/system32/export" /r "users" /e
cacls "%SystemRoot%/system32/icsxml" /r "users" /e
cacls "%SystemRoot%/system32/lls" /r "users" /e
cacls "%SystemRoot%/system32/LogFiles" /r "users" /e
cacls "%SystemRoot%/system32/MicrosoftPassport" /r "users" /e
cacls "%SystemRoot%/system32/mui" /r "users" /e
cacls "%SystemRoot%/system32/oobe" /r "users" /e
cacls "%SystemRoot%/system32/ShellExt" /r "users" /e
cacls "%SystemRoot%/system32/wbem" /r "users" /e

goto next3
:next3
ECHO.
ECHO.
ECHO. ------------------------------------------------------------------------
ECHo 禁止不必要的服務(wù),如果要退出請按Ctrl+C
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. ------------------------------------------------------------------------
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next4
if errorlevel 1 goto next31
:next31
echo Windows Registry Editor Version 5.00 >temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dfs] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Scheduler] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LmHosts] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtmsSvc] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDE] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetDDEdsdm] >>temp\Services.reg
echo "Start"=dword:00000004 >>temp\Services.reg
regedit /s temp\Services.reg

ECHO.
goto next4
:next4
ECHO.
ECHO. -------------------------------------------------------------------------
ECHo 防止人侵和攻擊. 如果要退出請按Ctrl+C
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. -------------------------------------------------------------------------
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next5
if errorlevel 1 goto next41

:next41
echo Windows Registry Editor Version 5.00 >temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] >>temp\skyddos.reg
echo "EnableDeadGWDetect"=dword:00000000 >>temp\skyddos.reg
echo "EnableICMPRedirects"=dword:00000000 >>temp\skyddos.reg
echo "PerformRouterDiscovery"=dword:00000000 >>temp\skyddos.reg
echo "NoNameReleaseOnDemand"=dword:00000001 >>temp\skyddos.reg
echo "KeepAliveTime"=dword:000493e0 >>temp\skyddos.reg
echo "EnablePMTUDiscovery"=dword:00000000 >>temp\skyddos.reg
echo "SynAttackProtect"=dword:00000002 >>temp\skyddos.reg
echo "TcpMaxHalfOpen"=dword:00000064 >>temp\skyddos.reg
echo "TcpMaxHalfOpenRetried"=dword:00000050 >>temp\skyddos.reg
echo "TcpMaxConnectResponseRetransmissions"=dword:00000001 >>temp\skyddos.reg
echo "TcpMaxDataRetransmissions"=dword:00000003 >>temp\skyddos.reg
echo "TCPMaxPortsExhausted"=dword:00000005 >>temp\skyddos.reg
echo "DisableIPSourceRouting"=dword:0000002 >>temp\skyddos.reg
echo "TcpTimedWaitDelay"=dword:0000001e >>temp\skyddos.reg
echo "EnableSecurityFilters"=dword:00000001 >>temp\skyddos.reg
echo "TcpNumConnections"=dword:000007d0 >>temp\skyddos.reg
echo "TcpMaxSendFree"=dword:000007d0 >>temp\skyddos.reg
echo "IGMPLevel"=dword:00000000 >>temp\skyddos.reg
echo "DefaultTTL"=dword:00000016 >>temp\skyddos.reg
echo 刪除IPC$(Internet Process Connection)是共享“命名管道”的資源
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] >>temp\skyddos.reg
echo "restrictanonymous"=dword:00000001 >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\interfaces] >>temp\skyddos.reg
echo "PerformRouterDiscovery"=dword:00000000 >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >>temp\skyddos.reg
echo "BacklogIncrement"=dword:00000003 >>temp\skyddos.reg
echo "MaxConnBackLog"=dword:000003e8 >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Afd\Parameters] >>temp\skyddos.reg
echo "EnableDynamicBacklog"=dword:00000001 >>temp\skyddos.reg
echo "MinimumDynamicBacklog"=dword:00000014 >>temp\skyddos.reg
echo "MaximumDynamicBacklog"=dword:00002e20 >>temp\skyddos.reg
echo "DynamicBacklogGrowthDelta"=dword:0000000a >>temp\skyddos.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters] >>temp\skyddos.reg
echo "autoshareserver"=dword:00000000 >>temp\skyddos.reg
regedit /s temp\skyddos.reg
ECHO.
ECHO.
goto next5
:next5
ECHO.
ECHO. ------------------------------------------------------------------------
ECHo 防止ASP木馬運行 卸除WScript.Shell, Shell.application, WScript.Network
ECHO YES=next set NO=this set ignore (this time 30 Second default for y)
ECHO. -----------------------------------------------------------------------
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto next6
if errorlevel 1 goto next51
:next51
echo Windows Registry Editor Version 5.00 >temp\del.reg
echo [-HKEY_CLASSES_ROOT\Shell.Application] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\Shell.Application.1] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\CLSID\{13709620-C279-11CE-A49E-444553540000}] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\ADODB.Command\CLSID] >>temp\del.reg
echo [-HKEY_CLASSES_ROOT\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}] >>temp\del.reg
regedit /s temp\del.reg
regsvr32 /u %SystemRoot%\system32\wshom.ocx
del /f/q %SystemRoot%\System32\wshom.ocx
regsvr32 /u %SystemRoot%\system32\shell32.dll
del /f/q %SystemRoot%\System32\shell32.dll
rmdir /q/s temp

ECHO.
goto next6
:next6
ECHO.
ECHO.
ECHO. ---------------------------------------------------------------------
ECHo 設(shè)置已經(jīng)完成重啟后才能生效.
ECHO YES=reboot server NO=exit (this time 60 Second default for y)
ECHO. ----------------------------------------------------------------------
CHOICE /T 30 /C yn /D y
if errorlevel 2 goto end
if errorlevel 1 goto reboot
:reboot
shutdown /r /t 0
:end
if EXIST temp (rmdir /s/q temp|exit) else exit

相關(guān)文章

最新評論