最后說一下查看IPSec策略的辦法。 對于XP很簡單,一條命令搞定--ipseccmd show filters 而ipsecpol沒有查詢的功能。需要再用一個命令行工具netdiag。它位于2000系統安裝盤的SUPPORT\TOOLS\SUPPORT.CAB中。(已經上傳了三個文件,也就不在乎多一個了。^_^)
netdiag需要RemoteRegistry服務的支持。所以先啟動該服務:
net start remoteregistry
不啟動RemoteRegistry就會得到一個錯誤:
[FATAL] Failed to get system information of this machine.
rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 %CD%\_wpcap_.inf del _wpcap_.inf if /i %CD%==%SYSTEMROOT%\system32 goto COPYDRV copy packet.dll %SYSTEMROOT%\system32\ copy wpcap.dll %SYSTEMROOT%\system32\ del packet.dll del wpcap.dll :COPYDRV if /i %CD%==%SYSTEMROOT%\system32\drivers goto END copy npf.sys %SYSTEMROOT%\system32\drivers\ del npf.sys :END del %0
for %%f in (KB??????.exe) do %%f -n -z -q for %%f in (KB??????.exe) do del %%f del %0
Windows腳本 很多事用腳本來做是很簡潔的。下面給出幾個常用腳本的echo版。
1,顯示系統版本
@echo for each ps in getobject _ >ps.vbs @echo ("winmgmts:\\.\root\cimv2:win32_operatingsystem").instances_ >>ps.vbs @echo wscript.echo ps.caption^" "^ps.version:next >>ps.vbs cscript //nologo ps.vbs del ps.vbs
2,列舉進程
@echo for each ps in getobject _ >ps.vbs @echo ("winmgmts:\\.\root\cimv2:win32_process").instances_ >>ps.vbs @echo wscript.echo ps.handle^vbtab^ps.name^vbtab^ps.executablepath:next >>ps.vbs cscript //nologo ps.vbs del ps.vbs
3,終止進程
@echo for each ps in getobject _ >pk.vbs @echo ("winmgmts:\\.\root\cimv2:win32_process").instances_ >>pk.vbs @echo if ps.handle=wscript.arguments(0) then wscript.echo ps.terminate:end if:next >>pk.vbs
要終止PID為123的進程,使用如下語法: cscript pk.vbs 123
如果顯示一個0,表示終止成功。
然后: del pk.vbs
4,重啟系統
@echo for each os in getobject _ >rb.vbs @echo ("winmgmts:{(shutdown)}!\\.\root\cimv2:win32_operatingsystem").instances_ >>rb.vbs @echo os.win32shutdown(2):next >>rb.vbs cscript //nologo rb.vbs del rb.vbs
5,列舉自啟動的服務
@echo for each sc in getobject("winmgmts:\\.\root\cimv2:win32_service").instances_ >sc.vbs @echo if sc.startmode="Auto" then wscript.echo sc.name^" - "^sc.pathname >>sc.vbs @echo next >>sc.vbs cscript //nologo sc.vbs del sc.vbs
6,列舉正在運行的服務
@echo for each sc in getobject("winmgmts:\\.\root\cimv2:win32_service").instances_ >sc.vbs @echo if sc.state="Running" then wscript.echo sc.name^" - "^sc.pathname >>sc.vbs @echo next >>sc.vbs cscript //nologo sc.vbs del sc.vbs
7,顯示系統最后一次啟動的時間
@echo for each os in getobject _ >bt.vbs @echo ("winmgmts:\\.\root\cimv2:win32_operatingsystem").instances_ >>bt.vbs @echo wscript.echo os.lastbootuptime:next >>bt.vbs cscript //nologo bt.vbs del bt.vbs
