**标注:**此脚本进行本地策略配置,设置后可防止“永恒之蓝”被其它机器感染和去感染其它机器,但不能避免从USB或者上网感染,所以还是得打补丁,详细可参考:[https://technet.microsoft.com/zh-cn/library/security/MS17-010](https://technet.microsoft.com/zh-cn/library/security/MS17-010)
链接可详细了解”[永恒之蓝](http://baike.baidu.com/item/WannaCry/20797421?fr=aladdin&fromtitle=%E6%B0%B8%E6%81%92%E4%B9%8B%E8%93%9D&fromid=4951714)“
####
REM =================开始================
netsh ipsec static del policy windowsDBA
netsh ipsec static add policy name = windowsDBA
netsh ipsec static del filteraction FILTERblock
netsh ipsec static del filteraction FILTERPermit
netsh ipsec static add filteraction FILTERblock action =block
netsh ipsec static add filteraction FILTERPermit action =permit
netsh IPsec static del filterlist name = AllowList
netsh IPsec static del filterlist name = DenyList
netsh IPsec static add filterlist name = AllowList
netsh IPsec static add filterlist name = DenyList
REM 允许指定的IP访问3389端口
netsh IPsec static add filter filterlist = AllowList srcaddr = 192.168.1.1 dstaddr = me dstport = 3389 description = vpn protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = AllowList srcaddr = 10.100.1.1 dstaddr = me dstport = 3389 description = vpn protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = AllowList srcaddr = 192.168.2.2 dstaddr = me dstport = 3389 description = vpn protocol = TCP mirrored = yes
REM 禁止出入139、135、445端口
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 445 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 135 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 139 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =me dstaddr = any dstport = 445 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =me dstaddr = any dstport = 135 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =me dstaddr = any dstport = 139 protocol = TCP mirrored = yes
netsh IPsec static add filter filterlist = DenyList srcaddr =any dstaddr = me dstport = 3389 protocol = TCP mirrored = yes
netsh ipsec static add rule name=AllowIPList policy=windowsDBA filterlist=AllowList filteraction=FILTERPermit
netsh ipsec static add rule name=DenyPortList policy=windowsDBA filterlist=DenyList filteraction=FILTERblock
netsh ipsec static set policy name = windowsDBA assign = y
pause
文章最后更新时间:
2017年06月06日 05:09:58
This site presents fastidious featured YouTube videos; I always download the dance competition show video clips from this web page.
Good answer back in return of this query with solid arguments and describing the whole thing about that.
My grand father constantly used to watch YouTube funny video clips, hehehehehe, because he desires to be glad forever.
Hi there Dear, are you in fact visiting this web page regularly, if so afterward you will without doubt take pleasant knowledge.
There is also one additional technique to increase traffic for your blog that is link exchange, thus you also try it
Please add more videos related to cooking if you have, as I would like to learn more and more about all recipes of cooking.
This is my first time pay a quick visit at here and i am actually impressed to read all at alone place.
No one can deny from the quality of this video posted at this website, fastidious work, keep it all the time.
Such are actually awesome YouTube movies, its my luck to go to see this web site and finding such cool YouTube video tutorials.
The strategies stated in this article concerning to increase traffic at you own blog are actually good, thanks for such good piece of writing.