服务器安全设置之 服务器安全和性能配置
把下面文本保存为: windows2000-2003服务器安全和性能注册表自动配置文件.reg 运行即可
代码如下:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer]
"NoRecentDocsMenu"=hex:01,00,00,00
"NoRecentDocsHistory"=hex:01,00,00,00
[HKEY_LOCAL_MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon]
"DontDisplayLastUserName"="1"
[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Lsa]
"restrictanonymous"=dword:00000001
[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/lanmanserver/Parameters]
"AutoShareServer"=dword:00000000
"AutoShareWks"=dword:00000000
[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters]
"EnableICMPRedirect"=dword:00000000
"KeepAliveTime"=dword:000927c0
"SynAttackProtect"=dword:00000002
"TcpMaxHalfOpen"=dword:000001f4
"TcpMaxHalfOpenRetried"=dword:00000190
"TcpMaxConnectResponseRetransmissions"=dword:00000001
"TcpMaxDataRetransmissions"=dword:00000003
"TCPMaxPortsExhausted"=dword:00000005
"DisableIPSourceRouting"=dword:00000002
"TcpTimedWaitDelay"=dword:0000001e
"TcpNumConnections"=dword:00004e20
"EnablePMTUDiscovery"=dword:00000000
"NoNameReleaseOnDemand"=dword:00000001
"EnableDeadGWDetect"=dword:00000000
"PerformRouterDiscovery"=dword:00000000
"EnableICMPRedirects"=dword:00000000
[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/NetBT/Parameters]
"BacklogIncrement"=dword:00000005
"MaxConnBackLog"=dword:000007d0
[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/AFD/Parameters]
"EnableDynamicBacklog"=dword:00000001
"MinimumDynamicBacklog"=dword:00000014
"MaximumDynamicBacklog"=dword:00007530
"DynamicBacklogGrowthDelta"=dword:0000000a
功能:可抵御DDOS攻击2-3万包,提高服务器TCP-IP整体安全性能(效果等于软件防火墙,节约了系统资源)