BAT文件 netstat_tcp_restart.bat (判断TCP连接数情况并执行MYSQL、IIS、主机重启,以防止攻击。可利用执行计划数分钟执行一次检测)
@echo off setlocal enabledelayedexpansion for /f %%i in ('netstat -an') do ( set /a a+=1 ) rem ======本程序将交由VBS执行,执行时不会显示窗口,vbs文件如下:========= rem createobject ("wscript.shell").run "netstat_tcp_restart.bat",0 :: echo "本脚本用于检测TCP数量,防止网络攻击时IIS假死" :: echo "每10min运行一次,每次执行5秒-1分钟左右" :: echo "本脚本运行完自动关闭,请不要手动操作! " :: echo %a% if %a% GTR 10000 ( rem echo "网络异常,tcp使用: %a%" if %a% GTR 15000 ( if %a% GTR 40000 ( rem echo ">40000 connections now restart computer!" shutdown -r -t 0 ping 127.0.0.1 -n 60 > nul ) else ( rem echo "15000<tcp numbers<40000 restart iis" rem "C:\Program Files\osinit\bin\reset-network" 1>nul 2>nul C:\Windows\System32\iisreset.exe ping 127.0.0.1 -n 50 > nul ) ) else ( rem echo "10000<tcp numbers<15000 restart mysql" net stop mysql5 net start mysql5 ping 127.0.0.1 -n 30 > nul ) ) else ( rem echo "网络正常,tcp使用: %a%" rem ping 127.0.0.1 -n 5 > nul ) @echo on exit
BAT文件 database_backup.bat (执行MYSQL备份。可利用执行计划每天凌晨5点进行一次)
@echo off
set filename=%date:~0,4%%date:~5,2%%date:~8,2%%time:~0,2%%time:~3,2%%time:~6,2%
D:\mysql\bin\mysqldump.exe -uwebuser01 -pxxxxxx -B mydbname > E:\database_backup\everyday\mydbname-%filename%.sql ping 127.0.0.1 -n 10 > nul @echo on exit
BAT文件 regtxt.bat (右键->w->t 快捷新建文本文档。可利用执行计划在每次开机时执行一次)
@echo off for /f "tokens=1 delims=" %%i in ('reg query "HKEY_CLASSES_ROOT\Local Settings\Muicache"') do (set txt=%%i) for /f "tokens=1 delims=" %%i in ('reg query "%txt%"') do (set txt=%%i) for /f "tokens=1 delims= " %%i in ('reg query "%txt%" ^| find /i "notepad" ^| find "-469" ') do ( @reg add "%txt%" /v "%%i" /t REG_SZ /d "文本文档(&T)" /f ) pause
BAT文件监测服务器内存并发邮件及重启IIS:
定时计划(mem-timetask.vbs) 3MIN一次
createobject ("wscript.shell").run "MEM_isok.bat",0
MEM_isok.bat
@echo off for /f "tokens=1,* delims==" %%i in ('systeminfo^|find "可用的物理内存"') do ( set b= %%i ) REM echo %b% set q = , set r = %% set a=%b:~12,5% set a=%a:,=% set /a c=%a% REM echo %c%MB if %c% LSS 4096 ( C:\Windows\System32\MEM_windows_send_email.vbs %c% ping 127.0.0.1 -n 10 > nul ) if %c% LSS 1024 ( REM echo "<1024:%c%" C:\Windows\System32\iisreset.exe ping 127.0.0.1 -n 40 > nul ) @echo on exit
send_email.vbs
TOTAL = 32*1024 MEM1 = WScript.Arguments(0) MEM2 = TOTAL-WScript.Arguments(0) NameSpace = "http://schemas.microsoft.com/cdo/configuration/" Set Email = CreateObject("CDO.Message") Email.From = "XXX1@163.com" Email.To = "XXX2@qq.com" Email.Subject = "*.*.*.*,内存已使用"&MEM2&"MB / 32G" Email.Textbody = "服务器IP:*.*.*.*"&vbcrlf&"内存已用:"&MEM2&"MB"&vbcrlf&"内存可用:"&MEM1&"MB / 8G"&VBCRLF&"当前时间:"&NOW() :: REM Email.AddAttachment "c:\1.txt" With Email.Configuration.Fields .Item(NameSpace&"sendusing") = 2 .Item(NameSpace&"smtpserver") = "smtp.163.com" .Item(NameSpace&"smtpserverport") = 25 .Item(NameSpace&"smtpauthenticate") = 1 .Item(NameSpace&"sendusername") = "XXX1@163.com" .Item(NameSpace&"sendpassword") = "YYYYYYYYYYYYYYYY" .Update End With Email.Send
同上类似的CPU监测BAT:
@echo off for /f "tokens=2 delims==" %%a in ('wmic path Win32_PerfFormattedData_PerfOS_Processor get PercentProcessorTime /value^|findstr "PercentProcessorTime"') do ( set b=%%a ) set /a c=%b% REM echo %c%%% if %c% GTR 75 ( REM echo "cpu >1%:%c%" C:\Windows\System32\CPU_windows_send_email.vbs %c% 0 ping 127.0.0.1 -n 10 > nul ) if %c% GTR 95 ( REM echo ">90%:%c%" REM C:\Windows\System32\iisreset.exe ping 127.0.0.1 -n 40 > nul C:\Windows\System32\CPU_windows_send_email.vbs %c% 1 ping 127.0.0.1 -n 10 > nul ) @echo on exit
浙公网安备 33010602011771号