[windows] windows default setting

::snmp 설치

servermanagercmd -install snmp-services

 

::community 설정 및 snmp-trap 설정

reg delete HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers /va /f

reg add HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities /v COMMUNITY /t reg_dword /d 4 /f

reg add HKLM\SYSTEM\CurrentControlSet\services\SNMP\Parameters /v EnableAuthenticationTraps /t reg_dword /d 0 /f

 

::snmp-informant 설치

c:\gss\informant-std-17.exe /norestart /verysilent

 

:: firewall 정책 설정 [서버 방화벽 사용시 해당 옵션은 제거]

netsh advfirewall set allprofiles settings remotemanagement enable

netsh firewall set opmode disable

netsh advfirewall set allprofiles state off

 

::winrm setting – 리모트 프로토콜 사용시

winrm s winrm/config/service/auth @{Basic=”true”}

winrm s winrm/config/service @{AllowUnencrypted=”true”}

 

 

::사용자 USER 및 그룹 ADD

net user 사용자 /add

net localgroup administrators 사용자 /add

net user 사용자 비밀번호

 

::TCP TimeWaitDelay 30초 적용

reg add “HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters” /v TcpTimedWaitDelay /t REG_DWORD /d “0x1E” /f

 

:: TCP 최대 접속 수 65534적용

reg add “HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters” /v MaxUserPort /t REG_DWORD /d “65534” /f

 

::Enable RDP

reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f

 

::RDP 접근 2명 허용

reg add “hklm\system\currentcontrolset\control\terminal server\winstations\rdp-tcp” /v MaxInstanceCount /t reg_dword /d 0x2 /f

 

::RDP 멀티 세션 허용

reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fSingleSessionPerUser /t reg_dword /d 0x0 /f

 

::Telnet Client 설치

ServerManagerCmd.exe -install Telnet-Client

글쓴이