远程控制目标计算机
先要连到目标计算机的注册表,并修改以下值,然后重新启动
[HEKY_LOCAL_MACHINE\SOFTWARE\MIcrosoft\Windows\CurrentVersion\Netcache] "enable"="0"
[HEKY_LOCAL_MACHINE\SOFTWARE\MIcrosoft\Windows\CurrentVersion\Winlogon] "ShutdownWithoutLogon"="0"
[HEKY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer
"EnableAdminTSRemote"=dword:00000001
[HEKY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
"TSEnabled"=dword:00000001
[HEKY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD
"Start"=dword:00000002
[HKEY_USERS\.DEFAULT\KeyboardLayout\Toggle]
"Hotkey"="1"

禁止访问和编辑注册表
如果是域环境,可以在组策略里修改,在用户配置-管理模版-系统里启用阻止修改注册表
也可以对注册表编辑器修改,regedit
HKEY_CURRENT_USER\Software\Mocrosoft\Windows\CurrentVersion\Policies里新建System项,然后新建DWORD值,命名为DisableRegistryTools,并将值改为1,重启后生效

关闭默认共享
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/LanmanServer/Parameters右键新建DWORD值,命名为AutoShareServer,类型为REG_DWORD,值为0
防止SYN洪水***
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters里新建DWORD值,命名为SynAttackProtect,并将值设为2,再新建一个DWORD值,命名EnablePMTUDiscovery,值为0,还有五个:NoNameReleaseOnDemand 值1    EnableDeadGWDetect 值0    KeepAliveTime 值300,00   PerformRouterDiscovery 值0   EnableICMPRedirects 值0