win2003 服务器磁盘权限安全设置批处理

服务器 跟版网
服务器磁盘权限安全设置批处理,比较方便配置服务器安全的朋友,默认情况下磁盘没有做任何权限设置,设置后就安全了很多

@ECHO OFF
title C盘权限批量处理-2010.7.1
echo -----------------------------
echo 跟版网服务器C盘权限设置
echo http://www.jb51.net
echo -----------------------------
:menu
echo.
echo [1] 删除C盘的everyone的权限
echo [2] 删除C盘的所有的users的访问权限
echo [3] 添加iis_wpg的访问权限
echo [4] 添加iis_wpg的访问权限[.net专用]
echo [5] 添加iis_wpg的访问权限[装了MACFEE的软件专用]
echo [6] 添加users的访问权限
echo [7] 删除C盘Windows下的所有的危险文件夹
echo [8] 删除系统危险文件的访问权限,只留管理组成员
echo [9] 注册表相关设定
echo [10] 将C盘权限还原为默认[需重启]
echo [0] 退出
echo.
@echo 请选择?
@echo 输入上面的选项回车
@echo off
set /p menu=

if %menu% == 0 goto exit
if %menu% == 1 goto 1
if %menu% == 2 goto 2
if %menu% == 3 goto 3
if %menu% == 4 goto 4
if %menu% == 5 goto 5
if %menu% == 6 goto 6
if %menu% == 7 goto 7
if %menu% == 8 goto 8
if %menu% == 9 goto 9
if %menu% == 10 goto 10

:1
echo 删除C盘的everyone的权限
cacls "%SystemDrive%" /r "CREATOR OWNER" /e
cacls "%SystemDrive%" /r "everyone" /e
cacls "%SystemRoot%" /r "everyone" /e
cacls "%SystemDrive%/Documents and Settings" /r "everyone" /e
cacls "%SystemDrive%/Documents and Settings/All Users" /r "everyone" /e
cacls "%SystemDrive%/Documents and Settings/All Users/Documents" /r "everyone" /e
echo.
echo 删除C盘的everyone的权限 ………………ok!
echo.
goto menu

:2
echo 删除C盘的所有的users的访问权限
cacls "%SystemDrive%" /r "users" /e
cacls "%SystemDrive%/Program Files" /r "users" /e
cacls "%SystemDrive%/Documents and Settings" /r "users" /e
cacls "%SystemRoot%" /r "users" /e
cacls "%SystemRoot%/addins" /r "users" /e
cacls "%SystemRoot%/AppPatch" /r "users" /e
cacls "%SystemRoot%/Connection Wizard" /r "users" /e
cacls "%SystemRoot%/Debug" /r "users" /e
cacls "%SystemRoot%/Driver Cache" /r "users" /e
cacls "%SystemRoot%/Help" /r "users" /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /r "users" /e
cacls "%SystemRoot%/java" /r "users" /e
cacls "%SystemRoot%/msagent" /r "users" /e
cacls "%SystemRoot%/mui" /r "users" /e
cacls "%SystemRoot%/repair" /r "users" /e
cacls "%SystemRoot%/Resources" /r "users" /e
cacls "%SystemRoot%/security" /r "users" /e
cacls "%SystemRoot%/system" /r "users" /e
cacls "%SystemRoot%/TAPI" /r "users" /e
cacls "%SystemRoot%/Temp" /r "users" /e
cacls "%SystemRoot%/twain_32" /r "users" /e
cacls "%SystemRoot%/Web" /r "users" /e
cacls "%SystemRoot%/WinSxS" /r "users" /e
cacls "%SystemRoot%/system32/3com_dmi" /r "users" /e
cacls "%SystemRoot%/system32/administration" /r "users" /e
cacls "%SystemRoot%/system32/Cache" /r "users" /e
cacls "%SystemRoot%/system32/CatRoot2" /r "users" /e
cacls "%SystemRoot%/system32/Com" /r "users" /e
cacls "%SystemRoot%/system32/config" /r "users" /e
cacls "%SystemRoot%/system32/dhcp" /r "users" /e
cacls "%SystemRoot%/system32/drivers" /r "users" /e
cacls "%SystemRoot%/system32/export" /r "users" /e
cacls "%SystemRoot%/system32/icsxml" /r "users" /e
cacls "%SystemRoot%/system32/lls" /r "users" /e
cacls "%SystemRoot%/system32/LogFiles" /r "users" /e
cacls "%SystemRoot%/system32/MicrosoftPassport" /r "users" /e
cacls "%SystemRoot%/system32/mui" /r "users" /e
cacls "%SystemRoot%/system32/oobe" /r "users" /e
cacls "%SystemRoot%/system32/ShellExt" /r "users" /e
cacls "%SystemRoot%/system32/wbem" /r "users" /e
echo.
echo 删除C盘的所有的users的访问权限 ………………ok!
echo.
goto menu


:7
echo 删除C盘Windows下的所有的危险文件夹
attrib %SystemRoot%/Web/printers -s -r -h
del %SystemRoot%\Web\printers\*.* /s /q /f
rd %SystemRoot%\Web\printers /s /q

attrib %SystemRoot%\Help\iisHelp -s -r -h
del %SystemRoot%\Help\iisHelp\*.* /s /q /f
rd %SystemRoot%\Help\iisHelp /s /q

attrib %SystemRoot%\system32\inetsrv\iisadmpwd -s -r -h
del %SystemRoot%\system32\inetsrv\iisadmpwd\*.* /s /q /f
rd %SystemRoot%\system32\inetsrv\iisadmpwd /s /q
echo.
echo 删除C盘Windows下的所有的危险文件夹 ………………ok!
echo.
goto menu


:8
echo 给系统危险文件设置权限设定
cacls "C:\boot.ini" /T /C /E /G Administrators:F
cacls "C:\boot.ini" /D Guests:F /E

cacls "C:\AUTOEXEC.BAT" /T /C /E /G Administrators:F
cacls "C:\AUTOEXEC.BAT" /D Guests:F /E

cacls "%SystemRoot%/system32/net.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/net.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/net1.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/net1.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/cmd.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/cmd.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/ftp.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/ftp.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/netstat.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/netstat.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/regedit.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/regedit.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/at.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/at.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/attrib.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/attrib.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/format.com" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/format.com" /D Guests:F /E

cacls "%SystemRoot%/system32/logoff.exe" /T /C /E /G Administrators:F

cacls "%SystemRoot%/system32/shutdown.exe" /G Administrators:F
cacls "%SystemRoot%/system32/shutdown.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/telnet.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/telnet.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/wscript.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/wscript.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/doskey.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/doskey.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/help.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/help.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/ipconfig.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/ipconfig.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/nbtstat.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/nbtstat.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/print.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/print.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/xcopy.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/xcopy.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/edit.com" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/edit.com" /D Guests:F /E

cacls "%SystemRoot%/system32/regedt32.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/regedt32.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/reg.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/reg.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/register.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/register.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/replace.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/replace.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/nwscript.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/nwscript.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/share.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/share.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/ping.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/ping.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/ipsec6.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/ipsec6.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/netsh.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/netsh.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/debug.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/debug.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/route.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/route.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/tracert.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/tracert.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/powercfg.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/powercfg.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/nslookup.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/nslookup.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/arp.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/arp.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/rsh.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/rsh.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/netdde.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/netdde.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/mshta.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/mshta.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/mountvol.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/mountvol.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/tftp.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/tftp.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/setx.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/setx.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/find.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/find.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/finger.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/finger.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/where.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/where.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/regsvr32.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/regsvr32.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/cacls.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/cacls.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/sc.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/sc.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/shadow.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/shadow.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/runas.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/runas.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/wshom.ocx" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/wshom.ocx" /D Guests:F /E

cacls "%SystemRoot%/system32/wshext.dll" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/wshext.dll" /D Guests:F /E

cacls "%SystemRoot%/system32/shell32.dll" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/shell32.dll" /D Guests:F /E

cacls "%SystemRoot%/system32/zipfldr.dll" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/zipfldr.dll" /D Guests:F /E

cacls "%SystemRoot%/PCHealth/HelpCtr/Binaries/msconfig.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/PCHealth/HelpCtr/Binaries/msconfig.exe" /D Guests:F /E

cacls "%SystemRoot%/notepad.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/notepad.exe" /D Guests:F /E

cacls "%SystemRoot%/regedit.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/regedit.exe" /D Guests:F /E

cacls "%SystemRoot%/winhelp.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/winhelp.exe" /D Guests:F /E

cacls "%SystemRoot%/winhlp32.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/winhlp32.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/notepad.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/notepad.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/edlin.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/edlin.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/posix.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/posix.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/atsvc.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/atsvc.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/qbasic.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/qbasic.exe" /T /C /E /G Administrators:F

cacls "%SystemRoot%/system32/runonce.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/runonce.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/syskey.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/syskey.exe" /D Guests:F /E

cacls "%SystemRoot%/system32/cscript.exe" /T /C /E /G Administrators:F
cacls "%SystemRoot%/system32/cscript.exe" /D Guests:F /E
echo.
echo 给系统危险文件设置权限设定 ………………ok!
echo.
goto menu

:9
echo 注册表相关设定
reg delete HKEY_CLASSES_ROOT\WScript.Shell /f
reg delete HKEY_CLASSES_ROOT\WScript.Shell.1 /f
reg delete HKEY_CLASSES_ROOT\Shell.application /f
reg delete HKEY_CLASSES_ROOT\Shell.application.1 /f
reg delete HKEY_CLASSES_ROOT\WSCRIPT.NETWORK /f
reg delete HKEY_CLASSES_ROOT\WSCRIPT.NETWORK.1 /f
regsvr32 /s /u wshom.ocx
regsvr32 /s /u wshext.dll
regsvr32 /s /u shell32.dll
regsvr32 /s /u zipfldr.dll
echo.
echo 注册表相关设定 ………………ok!
echo.
goto menu


:3
echo 添加iis_wpg的访问权限
cacls "%SystemRoot%" /g iis_wpg:r /e
cacls "%SystemDrive%/Program Files/Common Files" /g iis_wpg:r /e

cacls "%SystemRoot%/Downloaded Program Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Help" /g iis_wpg:c /e
cacls "%SystemRoot%/IIS Temporary Compressed Files" /g iis_wpg:c /e
cacls "%SystemRoot%/Offline Web Pages" /g iis_wpg:c /e
cacls "%SystemRoot%/System32" /g iis_wpg:c /e
cacls "%SystemRoot%/Tasks" /g iis_wpg:c /e
cacls "%SystemRoot%/Temp" /g iis_wpg:c /e
cacls "%SystemRoot%/Web" /g iis_wpg:c /e
echo.
echo 添加iis_wpg的访问权限 ………………ok!
echo.
goto menu


:4
echo 添加iis_wpg的访问权限[.net专用]
cacls "%SystemRoot%/Assembly" /g iis_wpg:c /e
cacls "%SystemRoot%/Microsoft.NET" /g iis_wpg:c /e
echo.
echo 添加iis_wpg的访问权限[.net专用] ………………ok!
echo.
goto menu

:5
echo 添加iis_wpg的访问权限[装了MACFEE的软件专用]
cacls "%SystemDrive%/Program Files/Network Associates" /g iis_wpg:r /e
echo.
echo 添加iis_wpg的访问权限[装了MACFEE的软件专用] ………………ok!
echo.
goto menu

:6
echo 添加users的访问权限
cacls "%SystemRoot%/temp" /g users:c /e
echo.
echo 添加users的访问权限 ………………ok!
echo.
goto menu

:10
echo 将C盘权限还原为默认
Secedit /configure /db %SYSTEMROOT%\security\database\cvtfs.sdb /Cfg "%SYSTEMROOT%\security\templates\setup security.inf" /areas filestore
goto menu

:exit

exit

将上面代码保存为XX.bat 即可设置服务器磁盘安全
其实青云的批处理也不错的,大家可以根据需要选择下载地址 http://www.jb51.net/softs/12762.html
本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

Win2003 MSSQL以普通用户运行安全设置篇
今天先说的是MSSQL安全篇第一篇——将MS SQL SERVER运行于普通用户下。
serv-u FTP 安全设置简单版 图文教程
这个版本跟脚本之家发布的版本,稍有区别,但这个虽然简单,但很细致,因为作者是位iis管理的高手,开发了银月服务器管理程序。
图解经典FTP服务器工具 SERV-U最安全的设置【防止被入侵】
作为一款精典的FTP服务器软件,SERV-U一直被大部分管理员所使用,它简单的安装和配置以及强大的管理功能的人性化也一直被管理员们称颂。但是随着使用者越来越多,该软件的安全问题也逐渐显露出来。
LINUX安全设置之关于GRUB加密图文教程全解
关于LINUX的启动装载程序GRUB加密,算是一件很平常的工作。但是今天我在网上查这个东西,发现好多人都写的很简单,而且方法都比较过时。所以,在此我更新下GRUB加密。和大家分享下。
linux 服务器安全设置教程
linux服务器安全设置教程,需要的朋友可以参考下。
Win2003+ASP.NET虚拟主机安全设置图文教程
我们举例详细说明在运行ASP.NET的windows 2003虚拟主机上,对于多个ASP.NET站点的安全配置
html教程css教程前端开发cms教程seo优化网页设计服务器数据库平面设计电脑教程编程教程互联网移动开发php编程java编程建站技巧Python编程
织梦资讯网 织梦模板 dede 外语学校 织梦鬼故事 竞价网站源码 竞价培训网 门户网站 织梦二次开发 织梦笑话网 dedecms笑话网 织梦源码 网站建设 搞笑图片 织梦教程 旅游网站源码 织梦旅游网 学校培训 html5 企业织梦源码 医院源码 后台样式 移动营销页 整形医院 大学医院 新手建站 客服代码 洗衣机维修 企业网站 淘宝客 导航菜单 教育网站 学校源码 装修网站 装修模板 美容整形 女性健康 妈妈网 机械源码 建站公司 珠宝首饰 苹果网站 手机资讯 美女图片 织梦模版打包 妇科源码 安卓市场源码 男性时尚网 健康之家 app应用网站 笑话网站 下载站 美女图片网 中医院网站 家装网站源码 QQ网站 标牌网站 魔兽世界网 淘宝客源码 YY网站源码 别墅设计网站 服装搭配网 宝宝起名网 站长网站 婚庆网站 脑科医院源码 笑话源码 肝胆医院 意外怀孕源码 工作室