5. Server security settings-server security and performance configuration. Save the following text as: windows2000-2003 Server security and performance registry automatic configuration file.reg run.
Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]"NoRecentDocsMenu"=hex:01,00,00,00"NoRecentDocsHistory"=hex:01,00,00,00[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]"DontDisplayLastUserName"="1"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]"restrictanonymous"=dword:00000001[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Parameters]"AutoShareServer"=dword:00000000"AutoShareWks"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]"EnableICMPRedirect"=dword:00000000"KeepAliveTime"=dword:000927c0"SynAttackProtect"=dword:00000002"TcpMaxHalfOpen"=dword:000001f4"TcpMaxHalfOpenRetried"=dword:00000190"TcpMaxConnectResponseRetransmissions"=dword:00000001"TcpMaxDataRetransmissions"=dword:00000003"TCPMaxPortsExhausted"=dword:00000005"DisableIPSourceRouting"=dword:00000002"TcpTimedWaitDelay"=dword:0000001e"TcpNumConnections"=dword:00004e20"EnablePMTUDiscovery"=dword:00000000"NoNameReleaseOnDemand"=dword:00000001"EnableDeadGWDetect"=dword:00000000"PerformRouterDiscovery"=dword:00000000"EnableICMPRedirects"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]"BacklogIncrement"=dword:00000005"MaxConnBackLog"=dword:000007d0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters]"EnableDynamicBacklog"=dword:00000001"MinimumDynamicBacklog"=dword:00000014"MaximumDynamicBacklog"=dword:00007530"DynamicBacklogGrowthDelta"=dword:0000000a
6. Server security settings--IP security policy (only lists ports or protocols that need to be blocked or blocked) protocol
IP protocol port
Source address
Target address
describe
Way
ICMP -- -- -- ICMP
Prevent
UDP
135
Any IP address
My IP address
135-UDP
Prevent
UDP
136
Any IP address
My IP address
136-UDP
Prevent
UDP
137
Any IP address
My IP address
137-UDP
Prevent
UDP
138
Any IP address
My IP address
138-UDP
Prevent
UDP
139
Any IP address
My IP address
139-UDP
Prevent
TCP
445
Any IP address - from any port
My IP address-445
445-TCP
Prevent
UDP
445 Any IP address - from any port
My IP address-445
445-UDP
Prevent
UDP 69 Any IP address - from any port My IP address - 69 69 - Enter
Prevent
UDP 69 My IP address - 69 Any IP address - Any port 69-out Block
TCP 4444 Any IP address - from any port My IP address -4444 4444-TCP Block
TCP 1026 My IP address-1026 Any IP address-Arbitrary port Gray pigeon-1026 Block
TCP 1027 My IP address-1027 Any IP address-Arbitrary port Gray pigeon-1027 Block
TCP 1028 My IP address-1028 Any IP address-Arbitrary port Gray pigeon-1028 Block
UDP
1026 My IP address-1026 Any IP address-Arbitrary port Gray pigeon-1026 Block
UDP 1027 My IP address - 1027 Any IP address - any port Gray pigeon - 1027 Block
UDP 1028 My IP address - 1028 Any IP address - any port Gray pigeon - 1028 Block
TCP 21 My IP address - from any port, any IP address - to port 21 Block tftp outbound
TCP 99 My IP address - 99 Any IP address - any port Block 99shell Block
The above is the settings in the IP security policy. You can add or delete ports according to actual conditions.
Process account and simulation identifier:
Read
Content Directory
C:\inetpub\wwwroot\YourWebApp
(Generally speaking, there is no default directory. Administrators can adjust according to actual situations, such as D:\wwwroot)
Previous page123456789Next pageRead the full text