|
Windows Registry Editor Version 5.00
; Disable SMB direct hosting through the NetBT SMB device (SMBDeviceEnabled = 0).
; NOTE(review): this is a legacy NetBT switch. Confirm that the target Windows
; version still honours it and that nothing on the host depends on direct-hosted
; SMB before deploying.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"SMBDeviceEnabled"=dword:00000000
; Disable SMBv1 on the server side (LanmanServer). This is the registry value that
; Microsoft's Group Policy method deploys; here it is written directly.
; "SMB1" = 0 is the value the SMB server reads; a restart is needed for it to apply.
; NOTE(review): "SMBv1" is not a value name known to be read by the SMB server.
; It looks harmless, but do not rely on it; verify or drop it.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"SMB1"=dword:00000000
"SMBv1"=dword:00000000
; Disable the SMBv1 client by setting the mrxsmb10 driver's start type to 4 (disabled).
; NOTE(review): Microsoft's procedure for disabling the SMBv1 client also removes
; MRxSmb10 from the LanmanWorkstation service's DependOnService list (leaving
; Bowser, MRxSmb20, NSI). This file does not do that. If the list on the target
; still names MRxSmb10, the Workstation service can fail to start after reboot,
; so check DependOnService before deploying.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mrxsmb10]
"Start"=dword:00000004
; Block inbound port 445 in Windows Firewall: one rule for TCP (Protocol=6) and one
; for UDP (Protocol=17). The rule strings name no profile, so they presumably apply
; to every firewall profile.
; The two rules are written to the live policy key (Parameters\FirewallPolicy) and
; repeated under Defaults\FirewallPolicy with the same GUIDs.
; Operational impact: a host with these rules no longer accepts inbound SMB, so do
; not deploy to file servers, domain controllers or hosts managed over admin shares.
; NOTE(review): rules written straight into the registry are presumably not loaded
; until the firewall service re-reads its policy (service restart or reboot); verify
; the rules are listed as active after import.
; NOTE(review): the rule strings carry schema version v2.28; confirm that the
; firewall on the oldest target OS accepts that version.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC190356-C52F-4DE4-980F-4D0800F565A6}"="v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=6|LPort=445|Name=445-tcp|"
"{9D830D0C-3B75-4EF7-9F23-88C367272884}"="v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=17|LPort=445|Name=445-udp|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules]
"{EC190356-C52F-4DE4-980F-4D0800F565A6}"="v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=6|LPort=445|Name=445-tcp|"
"{9D830D0C-3B75-4EF7-9F23-88C367272884}"="v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=17|LPort=445|Name=445-udp|"
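; NOTE(review): the original export wrote an all-zero QWORD named "新值 #1" (regedit's
; default "New Value #1" placeholder) to Services\NetBT\Parameters. No known
; component reads a value with that name, so it is omitted here. Hosts that already
; imported the earlier file still carry the stray value and can delete it by hand.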
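; TCP receive-window sizing, written for both the IPv4 and IPv6 parameter keys.
;   TcpWindowSize          = 0x0000fb90 (64400 bytes)
;   GlobalMaxTcpWindowSize = 0x000fb900 (1030400 bytes)
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): these are legacy tuning values. Windows Vista and later auto-tune
; the receive window and are documented as ignoring TcpWindowSize; confirm whether
; either value has any effect on the target OS.
; NOTE(review): the Tcpip6 copies mirror the IPv4 values; whether the IPv6 stack
; reads them is not established by this file.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpWindowSize"=dword:0000fb90
"GlobalMaxTcpWindowSize"=dword:000fb900
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"TcpWindowSize"=dword:0000fb90
"GlobalMaxTcpWindowSize"=dword:000fb900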
; Widen the dynamic (ephemeral) port range to improve data throughput.
; MaxUserPort = 0x00008000 (32768), which the author gives as the minimum to set.
; NOTE(review): on Windows Vista and later the dynamic port range is managed with
; "netsh int ipv4 set dynamicport"; confirm that MaxUserPort is still read on the
; target OS before counting on this value.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"MaxUserPort"=dword:00008000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"MaxUserPort"=dword:00008000
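; SYN-flood protection.
;   SynAttackProtect     = 2
;   TcpMaxPortsExhausted = 5
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): these are settings of the legacy (pre-Vista) TCP/IP stack. Later
; Windows versions have built-in SYN protection that is not configured through
; these values; confirm they do anything on the target OS.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"SynAttackProtect"=dword:00000002
"TcpMaxPortsExhausted"=dword:00000005
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"SynAttackProtect"=dword:00000002
"TcpMaxPortsExhausted"=dword:00000005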
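; AFD dynamic backlog (listen-queue growth under connection floods).
; Comments are kept on their own lines so that no parser can take them for part
; of the value data.
; The author advises keeping MaximumDynamicBacklog at or below 2000.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters]
; 1 = enable the dynamic backlog, which allows the maximum number of half-open
; connections to be adjusted.
"EnableDynamicBacklog"=dword:00000001
; Minimum number of free connections the half-open queue keeps for a single TCP
; port: 0x14 (20).
"MinimumDynamicBacklog"=dword:00000014
; Upper bound on currently active half-open connections plus free connections:
; 0x400 (1024).
"MaximumDynamicBacklog"=dword:00000400
; Number of free connections added per expansion: 0x0a (10). These are not counted
; against MaximumDynamicBacklog.
"DynamicBacklogGrowthDelta"=dword:0000000a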
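; Number of half-open connections allowed at the same time: 0x1f4 (500).
; A half-open connection is one where the client has sent its SYN but the server
; has not yet received the client's ACK.
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): legacy TCP/IP stack setting; confirm it is read on the target OS.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpMaxHalfOpen"=dword:000001f4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"TcpMaxHalfOpen"=dword:000001f4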
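; Threshold used to decide that an attack is in progress: 0x190 (400).
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): legacy TCP/IP stack setting; confirm it is read on the target OS.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpMaxHalfOpenRetried"=dword:00000190
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"TcpMaxHalfOpenRetried"=dword:00000190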
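; Disable IP source routing.
;   0 = forward all source-routed packets
;   1 = do not forward source-routed packets (the default, per the author)
;   2 = drop all incoming source-routed packets (the value set here)
; The dword is written with the full eight hex digits (the original had seven),
; and under CurrentControlSet so it lands in the control set that is actually in
; use; ControlSet001 is not guaranteed to be the active one.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"DisableIPSourceRouting"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"DisableIPSourceRouting"=dword:00000002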
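; Maximum number of retransmissions of a TCP data segment: 3.
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): a low retransmission limit drops connections sooner on lossy
; links; check the value against the network the host sits on.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpMaxDataRetransmissions"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"TcpMaxDataRetransmissions"=dword:00000003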
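; Maximum number of retransmissions of the response to a connection request: 2.
; If the server has still not received the ACK within that time, it removes the
; connection entry from the backlog queue.
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): legacy TCP/IP stack setting; confirm it is read on the target OS.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpMaxConnectResponseRetransmissions"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"TcpMaxConnectResponseRetransmissions"=dword:00000002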
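; Disable protocol features the host does not need. The same five values are
; written to the IPv4 and the IPv6 parameter keys.
; Comments are kept on their own lines so that no parser can take them for part
; of the value data. The keys are addressed through CurrentControlSet so the
; values land in the control set that is actually in use; ControlSet001 is not
; guaranteed to be the active one.
;
;   EnableICMPRedirect      = 0  do not act on ICMP redirects
;   EnableAddrMaskReply     = 0  do not answer address-mask requests
;   EnableBcastArpReply     = 0  do not answer broadcast ARP requests
;   DisableDynamicDiscovery = 1  intended by the author to disable LLMNR
;                                (Link-Local Multicast Name Resolution) and
;                                NBT-NS (NetBIOS Name Service)
;   UseDomainNameDevolution = 0  disable DNS domain name devolution
;
; NOTE(review): DisableDynamicDiscovery is not a value name known to control
; LLMNR or NBT-NS. LLMNR is normally turned off with the DNS client policy value
; EnableMulticast = 0, and NetBIOS name service per interface with NetbiosOptions
; under NetBT\Parameters\Interfaces. Treat both protocols as still enabled until
; verified on the host.
; NOTE(review): address-mask and ARP settings are IPv4 concepts; whether the
; Tcpip6 copies are read at all is not established by this file.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000000
"EnableAddrMaskReply"=dword:00000000
"EnableBcastArpReply"=dword:00000000
"DisableDynamicDiscovery"=dword:00000001
"UseDomainNameDevolution"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"EnableICMPRedirect"=dword:00000000
"EnableAddrMaskReply"=dword:00000000
"EnableBcastArpReply"=dword:00000000
"DisableDynamicDiscovery"=dword:00000001
"UseDomainNameDevolution"=dword:00000000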
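; Turn off dead-gateway detection (EnableDeadGWDetect = 0). The author's stated
; reasons are resistance to SNMP attacks and network optimisation.
; NOTE(review): the usual hardening rationale for this value is that dead-gateway
; detection can be abused to push a host onto another gateway; the SNMP claim is
; the author's and is not supported by anything in this file.
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableDeadGWDetect"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"EnableDeadGWDetect"=dword:00000000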
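; Let the computer ignore NetBIOS name-release requests except those coming from
; WINS servers (NoNameReleaseOnDemand = 1).
; This is a NetBT setting, so it is written to Services\NetBT\Parameters. The
; original wrote it to the Tcpip and Tcpip6 parameter keys, where the NetBIOS
; layer does not look for it, so the protection was never applied. It is written
; under CurrentControlSet so it lands in the control set that is actually in use.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"NoNameReleaseOnDemand"=dword:00000001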
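; IGMP settings. Windows 7 and Windows 10 default to IGMPv3, but many devices only
; support IGMPv2, which prevents multicast video from playing.
;   IGMPLevel:   0 = no multicast support, 1 = send IPv4 multicast only,
;                2 = full IGMP support (default)
;   IGMPVersion: 2 = IGMPv1, 3 = IGMPv2, 4 = IGMPv3 (default)
; Comments are kept on their own lines so that no parser can take them for part
; of the value data. The keys are addressed through CurrentControlSet so the
; values land in the control set that is actually in use; ControlSet001 is not
; guaranteed to be the active one.
; NOTE(review): IGMPLevel = 0 switches multicast off altogether, which makes the
; IGMPVersion = 3 (IGMPv2) choice moot and contradicts the stated goal of getting
; multicast video to work. Keep 0 only if disabling multicast is the intent;
; otherwise IGMPLevel should stay at 2.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"IGMPLevel"=dword:00000000
"IGMPVersion"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"IGMPLevel"=dword:00000000
"IGMPVersion"=dword:00000003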
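; Restrict anonymous access (LSA RestrictAnonymous).
;   1 = anonymous users cannot enumerate the local user list (the value set here)
;   2 = anonymous users cannot connect to the local IPC$ share
; Written under CurrentControlSet so the value lands in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): RestrictAnonymousSAM in the same key is the separate control for
; anonymous enumeration of SAM accounts; this file does not set it.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000001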
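; 1 = require valid authentication and restrict anonymous access. This improves
; security but may affect older applications.
; Written under CurrentControlSet so the values land in the control set that is
; actually in use; ControlSet001 is not guaranteed to be the active one.
; NOTE(review): RestrictAnonymous is not a value name confirmed for the
; LanmanWorkstation or LanmanServer parameter keys. The SMB server's null-session
; control is RestrictNullSessAccess; verify that these writes have any effect.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"RestrictAnonymous"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"RestrictAnonymous"=dword:00000001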
|
|