**标注:**此脚本进行本地策略配置,设置后可防止“永恒之蓝”被其它机器感染和去感染其它机器,但不能避免从USB或者上网感染,所以还是得打补丁,详细可参考:[https://technet.microsoft.com/zh-cn/library/security/MS17-010](https://technet.microsoft.com/zh-cn/library/security/MS17-010)
链接可详细了解”[永恒之蓝](http://baike.baidu.com/item/WannaCry/20797421?fr=aladdin&fromtitle=%E6%B0%B8%E6%81%92%E4%B9%8B%E8%93%9D&fromid=4951714)“
####
REM =================开始================
netsh ipsec static del policy windowsDBA
netsh ipsec static add policy name = windowsDBA
netsh ipsec static del filteraction FILTERblock
netsh ipsec static del filteraction FILTERPermit
netsh ipsec static add filteraction FILTERblock action =block
netsh ipsec static add filteraction FILTERPermit action =permit
netsh IPsec static del filterlist name = AllowList
netsh IPsec static del filterlist name = DenyList
netsh IPsec static add filterlist name = AllowList
netsh IPsec static add filterlist name = DenyList
REM 允许指定的IP访问3389端口
netsh IPsec static add filter filterlist = AllowList srcaddr = 192.168.1.1 dstaddr = me dstport = 3389 description = vpn protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = AllowList srcaddr = 10.100.1.1 dstaddr = me dstport = 3389 description = vpn protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = AllowList srcaddr = 192.168.2.2 dstaddr = me dstport = 3389 description = vpn protocol = TCP mirrored = yes
REM 禁止出入139、135、445端口
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 445 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 135 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 139 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =me dstaddr = any dstport = 445 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =me dstaddr = any dstport = 135 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =me dstaddr = any dstport = 139 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 3389 protocol = TCP mirrored = yes
netsh ipsec static add rule name=AllowIPList policy=windowsDBA filterlist=AllowList filteraction=FILTERPermit
netsh ipsec static add rule name=DenyPortList policy=windowsDBA filterlist=DenyList filteraction=FILTERblock
netsh ipsec static set policy name = windowsDBA assign = y
pause
文章最后更新时间:
2017年06月06日 05:09:58
2017 best weight loss pills pills to lose weight prescription diet pills natural weight loss supplements forskolin for weight loss
prescription weight loss pills prescription weight loss pills phentermine 37.5 without doctor's prescription metformin weight loss best weight loss pills
best supplements for weight loss metformin weight loss whats the best weight loss supplement weight loss pills over the counter best diet pill available
natural weight loss supplements weight loss injections prescription diet pills new weight loss medication weightloss pills
I like what you guys are up too. Such clever work and coverage! Keep up the awesome works guys I've incorporated you guys to my own blogroll.
Pretty nice post. I just stumbled upon your weblog and wished to say that I have really loved surfing around your blog posts. In any case I'll be subscribing in your rss feed and I'm hoping you write once more very soon!
This piece of writing offers clear idea in support of the new people of blogging, that in fact how to do running a blog.
I am extremely impressed with your writing skills and also with the layout on your blog. Is this a paid theme or did you customize it yourself? Either way keep up the nice quality writing, it is rare to see a nice blog like this one these days.
hxuszm <a href=>payday loans</a>
srtwea <a href=>payday loans online</a>