服务器安全设置之--服务器安全和性能配置
把下面文本保存为: windows2000-2003服务器安全和性能注册表自动配置文件.reg 运行即可。
windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Policies\Explorer]
"NoRecentDocsMenu"=hex:01,00,00,00
"NoRecentDocsHistory"=hex:01,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\windows NT\CurrentVersion\Winlogon]
"DontDisplayLastUserName"="1"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dWord:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Parameters]
"AutoShareServer"=dWord:00000000
"AutoShareWks"=dWord:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dWord:00000000
"KeepAliveTime"=dWord:000927c0
"SynAttackProtect"=dWord:00000002
"TcpMaxHalfOpen"=dWord:000001f4
"TcpMaxHalfOpenRetried"=dWord:00000190
"TcpMaxConnectResponseRetransmissions"=dWord:00000001
"TcpMaxDataRetransmissions"=dWord:00000003
"TCPMaxPortsExhausted"=dWord:00000005
"DisableIPSourceRouting"=dWord:00000002
"TcpTimedWaitDelay"=dWord:0000001e
"TcpNumConnections"=dWord:00004e20
"EnablePMTUDiscovery"=dWord:00000000
"NoNameReleaseOnDemand"=dWord:00000001
"EnableDeadGWDetect"=dWord:00000000
"PerformRouterDiscovery"=dWord:00000000
"EnableICMPRedirects"=dWord:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"BacklogIncrement"=dWord:00000005
"MaxConnBackLog"=dWord:000007d0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\Parameters]
"EnableDynamicBacklog"=dWord:00000001
"MinimumDynamicBacklog"=dWord:00000014
"MaximumDynamicBacklog"=dWord:00007530
"DynamicBacklogGrowthDelta"=dWord:0000000a
功能:可抵御DDOS攻击2-3万包,提高服务器TCP-IP整体安全性能(效果等于软件防火墙,节约了系统资源)