1.Windows DNS切换bat脚本
@echo off
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c "^&chr(34)^&"%~0"^&chr(34)^&" ::","%cd%","runas",1)(window.close)&&exit
for /f "tokens=3*" %%a in ('netsh interface show interface ^| findstr "已连接"') do set "ConName=%%~b"
echo 当前正在上网的网络连接名是【%ConName%】
set mainDNS="10.1.1.1"
set secondDNS="10.2.2.2"
echo 修改主 DNS 为 %mainDNS%
netsh interface ip set dns name="%ConName%" static addr=%mainDNS% register=primary
echo 修改副 DNS 为 %secondDNS%
netsh interface ip add dnsservers name="%ConName%" addr=%secondDNS% index=2
pause
2.Windows DNS查询脚本
ip=$(ip a | grep 10.114. | awk -F " " '{print $2}')
dns=$( cat /etc/resolv.conf | grep nameserver | awk -F " " '{print $2}')
echo $ip $dns
3.Windows 磁盘查询脚本
echo 分区信息:
wmic LOGICALDISK where mediatype='12' get description,deviceid,filesystem,size,freespace
set tee=0
echo.
for /f "tokens=4" %%a in ('route print^|findstr 0.0.0.0.*0.0.0.0') do (
set IP=%%a
)
echo 本机地址:%IP%
pause
4.Linux磁盘查询脚本
#!/bin/bash
disk_unit=$(lsblk |egrep '^(v|s)d[a-z]' |awk '{print $4}' |sed -n '1p' |sed 's/\(.*\)\(.\)$/\2/')
disk_space=$(lsblk |egrep '^(v|s)d[a-z]' |awk '{print $4}'|sed 's/[a-Z]//'|awk '{disk[$1]++} END {for(i in disk){print i}}' |awk '{sum +=$1};END{print sum}')
ip=$(ip addr | awk '/^[0-9]+: / {}; /inet.*global/ {print gensub(/(.*)\/(.*)/, "\\1", "g", $2)}')
echo "磁盘总空间为${disk_space}${disk_unit}"
echo "IP地址为${ip}"
unit=$(fdisk -l | grep "Disk /dev/sd" | awk -F '[ :,]+' '{printf "%.0f\n",$5/1072741824}' | awk -v total=0 '{total+=$1}END{printf "%.0f\t",total}')
use=$(df -k | grep -v "tmpfs" | egrep -A 1 "mapper|sd" | awk 'NF>1{print $(NF-3)}' | awk -v used=0 '{used+=$1}END{printf "%.2f\n",used/1048576}')
echo "核验$unit"
echo "使用$use"
5.Linux DNS 切换脚本
#!/bin/bash
anynowtime="date +'%Y-%m-%d %H:%M:%S'"
NOW="echo [\`$anynowtime\`][PID:$$]"
function precheck
{
ping -c 3 10.5.5.5
if [ "$?" -ne "0" ]; then
echo "ERROR: DNS服务器10.5.5.5 ping不通,终止执行..."
exit 1
else
echo "10.5.5.5正常ping通,继续执行..."
fi
# # 扫描需要修改的网卡配置列表
# egrep -nr "DNS1=10.114." /etc/sysconfig/network-scripts | awk -F':' '{ print $1 }' | egrep -v "backup|bak|^$" | sort | uniq > /root/ifcfg_list.txt
# 检查网卡配置是否有DNS,以及NetworkManager是否启用
egrep -nr "DNS1=10.114|DNS1=10.113" /etc/sysconfig/network-scripts && systemctl is-active NetworkManager
if [ "$?" -eq "0" ]; then
echo -e "ERROR: /etc/sysconfig/networks有配置网卡级别的DNS,请自行配置"
exit 1
else
echo "未检测到网卡级别DNS配置或者NetworkManager inactive,继续执行..."
[ -f /root/ifcfg_list.txt ] && rm /root/ifcfg_list.txt || echo
fi
}
function backup_resolv
{
backuptime=`date +'%Y%m%d%H%M%S'`
backupfile_time="/etc/resolv.conf.bak.${backuptime}"
cp /etc/resolv.conf ${backupfile_time} && echo "/etc/resolv.conf已备份至${backupfile_time}"
[ -f /etc/resolv.conf.bak.cyc ] || cp /etc/resolv.conf /etc/resolv.conf.bak.cyc
echo
}
function update_resolv
{
backup_resolv
cat > /etc/resolv.conf << EOF
nameserver 10.5.5.5
nameserver 10.5.5.4
EOF
# 保持search配置不变
egrep "^search" /etc/resolv.conf.bak.cyc >> /etc/resolv.conf
}
function backup_and_update_network_script
{
backuptime=`date +'%Y%m%d%H%M%S'`
sed -e 's|^DNS1=10\.114.*|DNS1=10.5.5.5|g' \
-e 's|^DNS2=10\.113.*|DNS2=10.5.5.4|g' \
-i.backup.${backuptime} \
$1
echo "已完成${1}配置修改,并备份至${1}.backup.${backuptime}"
}
function batch_update_network_scripts
{
[ -f /root/ifcfg_list.txt ] && cat /root/ifcfg_list.txt | while read line; do
[ -f ${line}.backup.cyc ] || cp ${line} ${line}.backup.cyc
backup_and_update_network_script ${line}
done
echo
}
function update
{
update_resolv
batch_update_network_scripts
}
function restore
{
# 还原resolv.conf配置
[ -f /etc/resolv.conf.bak.cyc ] && cat /etc/resolv.conf.bak.cyc > /etc/resolv.conf || echo "未发现备份文件resolv.conf.bak.cyc"
# 还原网卡配置
[ -f /root/ifcfg_list.txt ] && cat /root/ifcfg_list.txt | while read line; do
[ -f ${line}.backup.cyc ] && cat ${line}.backup.cyc > ${line} || echo "未发现备份文件${line}.backup.cyc"
done
echo "INFO: 已完成配置回退"
}
function check
{
echo "当前DNS配置为:"
cat /etc/resolv.conf
cat /etc/resolv.conf | egrep "10.5.5.5|10.5.5.4" | wc -l | grep 2 && echo "SUCCESS: 已修改为新DNS,10.5.5.5和10.5.5.4" || echo "ERROR: 当前DNS配置不是10.5.5.5和10.5.5.4,请手动检查/etc/resolv.conf"
[ -f /root/ifcfg_list.txt ] && cat /root/ifcfg_list.txt | while read line; do
egrep "DNS1=10.5.5.5|DNS2=10.5.5.4" ${line} | wc -l | grep 2 && echo "SUCCESS: ${line}配置已修改" || echo "ERROR: 网卡配置的DNS不是10.5.5.5和10.5.5.4,请手动检查${line}"
done
echo
}
if [ -z $1 ]; then
action="update"
else
action=$1
fi
case $action in
"update")
precheck && update && check && job_success $action
;;
"restore")
restore && check && job_success $action
;;
"check")
check && job_success $action
;;
*)
echo "$action"
;;
esac
6.Windows安全基线加固-NTP配置
REM 配置WINDOWS NTP
net start w32time
sc config w32time start= auto
REM 配置NTP同步频率、w32time开机自启动
@echo Windows Registry Editor Version 5.00>>ntp.reg
@echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time\TimeProviders\NtpClient]>>ntp.reg
@echo "SpecialPollInterval"=dword:0000012c>>ntp.reg
@echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time\TriggerInfo\0]>>ntp.reg
@echo "Type"=dword:00000000>>ntp.reg
@regedit /s ntp.reg
@del ntp.reg
w32tm /config /manualpeerlist:"ntp.aliyun.com,0x9" /syncfromflags:manual /update
net stop w32time
net start w32time
w32tm /resync
7.Windows安全基线加固-SMB共享关闭
:: 删除默认共享,请自行增删盘符
@prompt #
REM 删除当前默认共享
net share c$ /delete
net share d$ /delete
net share admin$ /delete
net share ipc$ /delete
sc stop browser
sc stop dfs
sc stop lanmanserver
REM disabled表示禁用,demand表示手动,auto表示自动
sc config browser start= disabled
sc config dfs start= disabled
sc config lanmanserver start= disabled
REM 修改共享的注册表
@echo Windows Registry Editor Version 5.00>>share.reg
@echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanServer\Parameters]>>share.reg
@echo "AutoShareWks"=dword:0>>share.reg
@echo "AutoShareServer"=dword:0>>share.reg
@regedit /s share.reg
@del share.reg
7.Linux服务监视脚本,崩溃了自动启动
#!/bin/sh
#切换到脚本目录
cd /opt/zabbix6.2/zabbix-docker/
#配置查询命令
project=`docker ps | grep my-zabbix-server-v1`
date=`date`
server_name="zabbix-web"
#配置条件及执行命令
# $? -ne 0 不存在
# $? -eq 0存在
if [[ $project -eq 0 ]]
then
docker start a5a
echo `date +%Y-%m-%d` `date +%H:%M:%S` $server_name >> /home/restart.log
fi
7.Windows服务监视脚本,崩溃了自动启动
@echo off
rem serveraut:
set secs=60
set srvname="Print Spooler"
echo.
echo ========================================
echo == To query the computer service status, ==
echo ==Once every 60 seconds,==
echo == If it stops, start it immediately ==
echo ========================================
echo.
echo servername:%srvname%
echo.
if %srvname%. == . goto end
:chkit
set svrst=0
for /F "tokens=1* delims= " %%a in ('net start') do if /I "%%a %%b" == %srvname% set svrst=1
if %svrst% == 0 net start %srvname%
set svrst=
rem The following commands are used for delay, which might otherwise result in a full load of a single cpu core.
ping -n %secs% 127.0.0.1 > nul
goto chkit
:end