个人电脑安全升级设置--批处理程序

2008-04-09 04:07:06来源：互联网阅读 ()

说在前面的话：记得以前在网上看到过使用批处理程序在DOS下对电脑进行相关的设置，也正因为这点，也是灵感的来源。前些天，在网上看到了一个批处理程序，是对电脑安全的设置，具体应用是防黑。看了看他写的代码，实在不敢恭维，自己又重新给他优化编辑了一遍，今天发了上来，给大家共同分享。具体代码如下：（偶的附件里会有已经写好的程序，供大家使用。但是又担心论坛的服务器不稳定，怕附件消失，无法下载，特把代码公布。使用方法：复制下来，粘贴到记事本，然后另存为.bat格式的批处理文件，就可以使用了）

代码：

@echo off
gpupdate >nul
rem For Client only
echo ipseccmd -w REG -p "HFUT_SECU" -o -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -x >nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/80" -f * 0:80:TCP -n BLOCK -x >nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/1434" -f * 0:1434:UDP -n BLOCK -x >nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/137" -f * 0:137:UDP -n BLOCK -x >nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/138" -f * 0:138:UDP -n BLOCK -x >nul
rem echo 禁止网上邻居的文件传输（去掉上述两行的 rem 即可生效！）
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/139" -f * 0:139:TCP -n BLOCK -x >nul
rem echo 禁止NetBIOS/SMB服务和文件和打印机共享和SAMBA（去掉上行的 rem 生效）
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/135" -f * 0:135:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/135" -f * 0:135:UDP -n BLOCK -x >nul
echo 禁止Location Service服务和防止 Dos 攻击…………OK!
echo.
echo 友情提示: 现在网上流行的危险端口，建议关闭，不会对系统有影响.
echo.
echo 特别注意: 不要关闭，请按enter键继续进行流行的危险端口关闭工作.
echo.
pause>enter
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/445" -f * 0:445:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/445" -f * 0:445:UDP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1025" -f * 0:1025:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/139" -f * 0:139:UDP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1068" -f * 0:1068:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/5554" -f * 0:5554:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/9995" -f * 0:9995:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/9996" -f * 0:9996:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/6129" -f * 0:6129:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block ICMP/255" -f * 0:255:ICMP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/43958" -f * 0:43958:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/80" -f * 0:80:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/1434" -f * 0:1434:UDP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/3389" -f * 0:3389:TCP -n BLOCK -x >nul
echo 关闭流行危险端口…………OK!
echo.
echo 友情提示:为了增强自己电脑的安全防护级别,请关闭木马工具及蠕虫病毒的默认攻击端口,防止那些"灰客"哦:)
echo.
echo 特别注意：不要关闭，请按enter键继续进行木马.蠕虫默认攻击端口关闭策略!
echo.
pause>enter
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/20034" -f * 0:20034:TCP -n BLOCK -x >nul
echo 关闭木马NetBus Pro开放的端口…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1092" -f * 0:1092:TCP -n BLOCK -x >nul
echo 关闭蠕虫LoveGate开放的端口…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/3996" -f * 0:3996:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/4060" -f * 0:4060:TCP -n BLOCK -x >nul
echo 关闭木马RemoteAnything开放的端口…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/4590" -f * 0:4590:TCP -n BLOCK -x >nul
echo 关闭木马ICQTrojan开放的端口…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1080" -f * 0:1080:TCP -n BLOCK -x >nul
echo 禁止代理服务器扫描…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/113" -f * 0:113:TCP -n BLOCK -x >nul
echo 禁止Authentication Service服务…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/79" -f * 0:79:TCP -n BLOCK -x >nul
echo 禁止Finger扫描…………OK！
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/53" -f * 0:53:UDP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/53" -f * 0:53:TCP -n BLOCK -x >nul
echo 禁止区域传递（TCP），欺骗DNS（UDP）或隐藏其他的通信…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/707" -f * 0:707:TCP -n BLOCK -x >nul
echo 关闭nachi蠕虫病毒监听端口…………OK!
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/808" -f * 0:808:TCP -n BLOCK -x >nul
echo ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/23" -f * 0:23:TCP -n BLOCK -x >nul
echo 关闭Telnet 和木马Tiny Telnet Server监听端口…………OK!