From 2c8ca80aef045fd852142c08aa488674627f4c24 Mon Sep 17 00:00:00 2001 From: s0cke3t <1510536500@qq.com> Date: Mon, 15 Jan 2024 16:08:43 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8F=91=E5=B8=83v1.1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Main.Designer.cs | 228 ++++++++++++++++------------- Main.cs | 39 ++++- Main.resx | 3 + Properties/AssemblyInfo.cs | 4 +- README.md | 73 ++++++--- RegistryHelper.cs | 55 ++++++- Report.cs | 4 +- WindowsBaselineAssistant.csproj | 7 +- assets/image-20240115155426706.png | Bin 0 -> 40916 bytes assets/image-20240115160311962.png | Bin 0 -> 1851 bytes assets/image-20240115160420571.png | Bin 0 -> 1928 bytes item.xml | 160 ++++++++++++-------- 12 files changed, 375 insertions(+), 198 deletions(-) create mode 100644 assets/image-20240115155426706.png create mode 100644 assets/image-20240115160311962.png create mode 100644 assets/image-20240115160420571.png diff --git a/Main.Designer.cs b/Main.Designer.cs index d0036c0..23a4b8f 100644 --- a/Main.Designer.cs +++ b/Main.Designer.cs @@ -36,16 +36,8 @@ private void InitializeComponent() System.Windows.Forms.DataGridViewCellStyle dataGridViewCellStyle3 = new System.Windows.Forms.DataGridViewCellStyle(); System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(Main)); this.BaselineList = new Sunny.UI.UIDataGridView(); - this.NameColumn = new System.Windows.Forms.DataGridViewLinkColumn(); - this.DdescriptionColumn = new System.Windows.Forms.DataGridViewLinkColumn(); - this.ItemColumn = new System.Windows.Forms.DataGridViewLinkColumn(); this.uiContextMenuStrip = new Sunny.UI.UIContextMenuStrip(); this.OpenSubKeyToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem(); - this.FieldColumn = new System.Windows.Forms.DataGridViewLinkColumn(); - this.StandardColumn = new System.Windows.Forms.DataGridViewLinkColumn(); - this.RealityColumn = new System.Windows.Forms.DataGridViewLinkColumn(); - this.StatusColumn = new System.Windows.Forms.DataGridViewButtonColumn(); - this.FortifyColumn = new System.Windows.Forms.DataGridViewCheckBoxColumn(); this.CheckBtn = new Sunny.UI.UIButton(); this.FortifyBtn = new Sunny.UI.UIButton(); this.ReportBtn = new Sunny.UI.UIButton(); @@ -66,6 +58,16 @@ private void InitializeComponent() this.OSNameLabel = new Sunny.UI.UILabel(); this.checkAllCheckBox = new Sunny.UI.UICheckBox(); this.RepoLinkLabel = new Sunny.UI.UILinkLabel(); + this.showValueTypeuiCheckBox = new Sunny.UI.UICheckBox(); + this.NameColumn = new System.Windows.Forms.DataGridViewLinkColumn(); + this.DdescriptionColumn = new System.Windows.Forms.DataGridViewLinkColumn(); + this.ItemColumn = new System.Windows.Forms.DataGridViewLinkColumn(); + this.FieldColumn = new System.Windows.Forms.DataGridViewLinkColumn(); + this.StandardColumn = new System.Windows.Forms.DataGridViewLinkColumn(); + this.RealityColumn = new System.Windows.Forms.DataGridViewLinkColumn(); + this.StatusColumn = new System.Windows.Forms.DataGridViewButtonColumn(); + this.FortifyColumn = new System.Windows.Forms.DataGridViewCheckBoxColumn(); + this.ValueTypeColumn = new System.Windows.Forms.DataGridViewLinkColumn(); ((System.ComponentModel.ISupportInitialize)(this.BaselineList)).BeginInit(); this.uiContextMenuStrip.SuspendLayout(); this.SuspendLayout(); @@ -98,12 +100,13 @@ private void InitializeComponent() this.StandardColumn, this.RealityColumn, this.StatusColumn, - this.FortifyColumn}); + this.FortifyColumn, + this.ValueTypeColumn}); dataGridViewCellStyle4.Alignment = System.Windows.Forms.DataGridViewContentAlignment.MiddleLeft; dataGridViewCellStyle4.BackColor = System.Drawing.SystemColors.Window; dataGridViewCellStyle4.Font = new System.Drawing.Font("宋体", 12F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(134))); dataGridViewCellStyle4.ForeColor = System.Drawing.Color.FromArgb(((int)(((byte)(48)))), ((int)(((byte)(48)))), ((int)(((byte)(48))))); - dataGridViewCellStyle4.SelectionBackColor = System.Drawing.SystemColors.Highlight; + dataGridViewCellStyle4.SelectionBackColor = System.Drawing.Color.SkyBlue; dataGridViewCellStyle4.SelectionForeColor = System.Drawing.SystemColors.HighlightText; dataGridViewCellStyle4.WrapMode = System.Windows.Forms.DataGridViewTriState.False; this.BaselineList.DefaultCellStyle = dataGridViewCellStyle4; @@ -131,38 +134,6 @@ private void InitializeComponent() this.BaselineList.StripeOddColor = System.Drawing.Color.FromArgb(((int)(((byte)(235)))), ((int)(((byte)(243)))), ((int)(((byte)(255))))); this.BaselineList.TabIndex = 0; // - // NameColumn - // - this.NameColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.Fill; - this.NameColumn.HeaderText = "检测名称"; - this.NameColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; - this.NameColumn.LinkColor = System.Drawing.Color.Black; - this.NameColumn.Name = "NameColumn"; - this.NameColumn.Resizable = System.Windows.Forms.DataGridViewTriState.True; - this.NameColumn.TrackVisitedState = false; - this.NameColumn.VisitedLinkColor = System.Drawing.Color.Black; - // - // DdescriptionColumn - // - this.DdescriptionColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.Fill; - this.DdescriptionColumn.HeaderText = "描述"; - this.DdescriptionColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; - this.DdescriptionColumn.LinkColor = System.Drawing.Color.Black; - this.DdescriptionColumn.Name = "DdescriptionColumn"; - this.DdescriptionColumn.TrackVisitedState = false; - this.DdescriptionColumn.VisitedLinkColor = System.Drawing.Color.Black; - // - // ItemColumn - // - this.ItemColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.Fill; - this.ItemColumn.ContextMenuStrip = this.uiContextMenuStrip; - this.ItemColumn.HeaderText = "注册/SecEdit表项"; - this.ItemColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; - this.ItemColumn.LinkColor = System.Drawing.Color.Black; - this.ItemColumn.Name = "ItemColumn"; - this.ItemColumn.TrackVisitedState = false; - this.ItemColumn.VisitedLinkColor = System.Drawing.Color.Black; - // // uiContextMenuStrip // this.uiContextMenuStrip.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(238)))), ((int)(((byte)(248)))), ((int)(((byte)(248))))); @@ -182,57 +153,6 @@ private void InitializeComponent() this.OpenSubKeyToolStripMenuItem.Text = "打开注册表项"; this.OpenSubKeyToolStripMenuItem.Click += new System.EventHandler(this.OpenSubKeyToolStripMenuItem_Click); // - // FieldColumn - // - this.FieldColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.ColumnHeader; - this.FieldColumn.HeaderText = "注册/SecEdit表字段"; - this.FieldColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; - this.FieldColumn.LinkColor = System.Drawing.Color.Black; - this.FieldColumn.Name = "FieldColumn"; - this.FieldColumn.TrackVisitedState = false; - this.FieldColumn.VisitedLinkColor = System.Drawing.Color.Black; - this.FieldColumn.Width = 156; - // - // StandardColumn - // - this.StandardColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.AllCells; - this.StandardColumn.HeaderText = "标准值"; - this.StandardColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; - this.StandardColumn.LinkColor = System.Drawing.Color.Black; - this.StandardColumn.Name = "StandardColumn"; - this.StandardColumn.TrackVisitedState = false; - this.StandardColumn.VisitedLinkColor = System.Drawing.Color.Black; - this.StandardColumn.Width = 60; - // - // RealityColumn - // - this.RealityColumn.HeaderText = "检测值"; - this.RealityColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; - this.RealityColumn.LinkColor = System.Drawing.Color.Black; - this.RealityColumn.Name = "RealityColumn"; - this.RealityColumn.TrackVisitedState = false; - this.RealityColumn.VisitedLinkColor = System.Drawing.Color.Black; - // - // StatusColumn - // - this.StatusColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.AllCells; - dataGridViewCellStyle3.Alignment = System.Windows.Forms.DataGridViewContentAlignment.MiddleCenter; - dataGridViewCellStyle3.ForeColor = System.Drawing.Color.Red; - this.StatusColumn.DefaultCellStyle = dataGridViewCellStyle3; - this.StatusColumn.FlatStyle = System.Windows.Forms.FlatStyle.Flat; - this.StatusColumn.HeaderText = "检测结果"; - this.StatusColumn.Name = "StatusColumn"; - this.StatusColumn.Resizable = System.Windows.Forms.DataGridViewTriState.True; - this.StatusColumn.Width = 76; - // - // FortifyColumn - // - this.FortifyColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.ColumnHeader; - this.FortifyColumn.HeaderText = "加固"; - this.FortifyColumn.Name = "FortifyColumn"; - this.FortifyColumn.Resizable = System.Windows.Forms.DataGridViewTriState.False; - this.FortifyColumn.Width = 44; - // // CheckBtn // this.CheckBtn.Cursor = System.Windows.Forms.Cursors.Hand; @@ -447,10 +367,10 @@ private void InitializeComponent() this.checkAllCheckBox.Cursor = System.Windows.Forms.Cursors.Hand; this.checkAllCheckBox.Font = new System.Drawing.Font("宋体", 12F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(134))); this.checkAllCheckBox.ForeColor = System.Drawing.Color.FromArgb(((int)(((byte)(48)))), ((int)(((byte)(48)))), ((int)(((byte)(48))))); - this.checkAllCheckBox.Location = new System.Drawing.Point(984, 535); + this.checkAllCheckBox.Location = new System.Drawing.Point(988, 535); this.checkAllCheckBox.MinimumSize = new System.Drawing.Size(1, 1); this.checkAllCheckBox.Name = "checkAllCheckBox"; - this.checkAllCheckBox.Size = new System.Drawing.Size(67, 29); + this.checkAllCheckBox.Size = new System.Drawing.Size(63, 29); this.checkAllCheckBox.TabIndex = 11; this.checkAllCheckBox.Text = "全选"; this.checkAllCheckBox.CheckedChanged += new System.EventHandler(this.checkAllCheckBox_CheckedChanged); @@ -470,12 +390,122 @@ private void InitializeComponent() this.RepoLinkLabel.VisitedLinkColor = System.Drawing.Color.FromArgb(((int)(((byte)(230)))), ((int)(((byte)(80)))), ((int)(((byte)(80))))); this.RepoLinkLabel.Click += new System.EventHandler(this.RepoLinkLabel_Click); // + // showValueTypeuiCheckBox + // + this.showValueTypeuiCheckBox.Cursor = System.Windows.Forms.Cursors.Hand; + this.showValueTypeuiCheckBox.Font = new System.Drawing.Font("宋体", 12F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(134))); + this.showValueTypeuiCheckBox.ForeColor = System.Drawing.Color.FromArgb(((int)(((byte)(48)))), ((int)(((byte)(48)))), ((int)(((byte)(48))))); + this.showValueTypeuiCheckBox.Location = new System.Drawing.Point(925, 570); + this.showValueTypeuiCheckBox.MinimumSize = new System.Drawing.Size(1, 1); + this.showValueTypeuiCheckBox.Name = "showValueTypeuiCheckBox"; + this.showValueTypeuiCheckBox.Size = new System.Drawing.Size(126, 29); + this.showValueTypeuiCheckBox.TabIndex = 13; + this.showValueTypeuiCheckBox.Text = "显示数据类型"; + this.showValueTypeuiCheckBox.CheckedChanged += new System.EventHandler(this.showValueTypeuiCheckBox_CheckedChanged); + // + // NameColumn + // + this.NameColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.Fill; + this.NameColumn.HeaderText = "检测名称"; + this.NameColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; + this.NameColumn.LinkColor = System.Drawing.Color.Black; + this.NameColumn.Name = "NameColumn"; + this.NameColumn.Resizable = System.Windows.Forms.DataGridViewTriState.True; + this.NameColumn.TrackVisitedState = false; + this.NameColumn.VisitedLinkColor = System.Drawing.Color.Black; + // + // DdescriptionColumn + // + this.DdescriptionColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.Fill; + this.DdescriptionColumn.HeaderText = "描述"; + this.DdescriptionColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; + this.DdescriptionColumn.LinkColor = System.Drawing.Color.Black; + this.DdescriptionColumn.Name = "DdescriptionColumn"; + this.DdescriptionColumn.TrackVisitedState = false; + this.DdescriptionColumn.VisitedLinkColor = System.Drawing.Color.Black; + // + // ItemColumn + // + this.ItemColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.Fill; + this.ItemColumn.ContextMenuStrip = this.uiContextMenuStrip; + this.ItemColumn.HeaderText = "注册/SecEdit表项"; + this.ItemColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; + this.ItemColumn.LinkColor = System.Drawing.Color.Black; + this.ItemColumn.Name = "ItemColumn"; + this.ItemColumn.TrackVisitedState = false; + this.ItemColumn.VisitedLinkColor = System.Drawing.Color.Black; + // + // FieldColumn + // + this.FieldColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.ColumnHeader; + this.FieldColumn.HeaderText = "注册/SecEdit表字段"; + this.FieldColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; + this.FieldColumn.LinkColor = System.Drawing.Color.Black; + this.FieldColumn.Name = "FieldColumn"; + this.FieldColumn.TrackVisitedState = false; + this.FieldColumn.VisitedLinkColor = System.Drawing.Color.Black; + this.FieldColumn.Width = 156; + // + // StandardColumn + // + this.StandardColumn.HeaderText = "标准值"; + this.StandardColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; + this.StandardColumn.LinkColor = System.Drawing.Color.Black; + this.StandardColumn.Name = "StandardColumn"; + this.StandardColumn.TrackVisitedState = false; + this.StandardColumn.VisitedLinkColor = System.Drawing.Color.Black; + // + // RealityColumn + // + this.RealityColumn.HeaderText = "检测值"; + this.RealityColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; + this.RealityColumn.LinkColor = System.Drawing.Color.Black; + this.RealityColumn.Name = "RealityColumn"; + this.RealityColumn.TrackVisitedState = false; + this.RealityColumn.VisitedLinkColor = System.Drawing.Color.Black; + // + // StatusColumn + // + this.StatusColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.AllCells; + dataGridViewCellStyle3.Alignment = System.Windows.Forms.DataGridViewContentAlignment.MiddleCenter; + dataGridViewCellStyle3.ForeColor = System.Drawing.Color.Red; + this.StatusColumn.DefaultCellStyle = dataGridViewCellStyle3; + this.StatusColumn.FlatStyle = System.Windows.Forms.FlatStyle.Flat; + this.StatusColumn.HeaderText = "检测结果"; + this.StatusColumn.Name = "StatusColumn"; + this.StatusColumn.Resizable = System.Windows.Forms.DataGridViewTriState.True; + this.StatusColumn.Width = 76; + // + // FortifyColumn + // + this.FortifyColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.ColumnHeader; + this.FortifyColumn.HeaderText = "加固"; + this.FortifyColumn.Name = "FortifyColumn"; + this.FortifyColumn.Resizable = System.Windows.Forms.DataGridViewTriState.False; + this.FortifyColumn.Width = 44; + // + // ValueTypeColumn + // + this.ValueTypeColumn.AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.AllCellsExceptHeader; + this.ValueTypeColumn.HeaderText = "数据类型"; + this.ValueTypeColumn.LinkBehavior = System.Windows.Forms.LinkBehavior.NeverUnderline; + this.ValueTypeColumn.LinkColor = System.Drawing.Color.Black; + this.ValueTypeColumn.Name = "ValueTypeColumn"; + this.ValueTypeColumn.ReadOnly = true; + this.ValueTypeColumn.Resizable = System.Windows.Forms.DataGridViewTriState.False; + this.ValueTypeColumn.SortMode = System.Windows.Forms.DataGridViewColumnSortMode.Automatic; + this.ValueTypeColumn.TrackVisitedState = false; + this.ValueTypeColumn.Visible = false; + this.ValueTypeColumn.VisitedLinkColor = System.Drawing.Color.Black; + this.ValueTypeColumn.Width = 5; + // // Main // this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.None; this.BackColor = System.Drawing.Color.FromArgb(((int)(((byte)(238)))), ((int)(((byte)(248)))), ((int)(((byte)(248))))); this.ClientSize = new System.Drawing.Size(1078, 693); this.ControlBoxFillHoverColor = System.Drawing.Color.FromArgb(((int)(((byte)(51)))), ((int)(((byte)(171)))), ((int)(((byte)(160))))); + this.Controls.Add(this.showValueTypeuiCheckBox); this.Controls.Add(this.RepoLinkLabel); this.Controls.Add(this.checkAllCheckBox); this.Controls.Add(this.OSNameLabel); @@ -502,7 +532,7 @@ private void InitializeComponent() this.Name = "Main"; this.RectColor = System.Drawing.Color.FromArgb(((int)(((byte)(0)))), ((int)(((byte)(150)))), ((int)(((byte)(136))))); this.Style = Sunny.UI.UIStyle.Custom; - this.Text = "Windows基线检测加固助手"; + this.Text = "Windows基线检测加固助手 v1.1"; this.TitleColor = System.Drawing.Color.FromArgb(((int)(((byte)(0)))), ((int)(((byte)(150)))), ((int)(((byte)(136))))); this.ZoomScaleRect = new System.Drawing.Rectangle(15, 15, 800, 450); this.Load += new System.EventHandler(this.Main_Load); @@ -535,6 +565,9 @@ private void InitializeComponent() private Sunny.UI.UILabel IPLabel; private Sunny.UI.UILabel uiLabel7; private Sunny.UI.UILabel OSNameLabel; + private Sunny.UI.UICheckBox checkAllCheckBox; + private Sunny.UI.UILinkLabel RepoLinkLabel; + private Sunny.UI.UICheckBox showValueTypeuiCheckBox; private System.Windows.Forms.DataGridViewLinkColumn NameColumn; private System.Windows.Forms.DataGridViewLinkColumn DdescriptionColumn; private System.Windows.Forms.DataGridViewLinkColumn ItemColumn; @@ -543,7 +576,6 @@ private void InitializeComponent() private System.Windows.Forms.DataGridViewLinkColumn RealityColumn; private System.Windows.Forms.DataGridViewButtonColumn StatusColumn; private System.Windows.Forms.DataGridViewCheckBoxColumn FortifyColumn; - private Sunny.UI.UICheckBox checkAllCheckBox; - private Sunny.UI.UILinkLabel RepoLinkLabel; + private System.Windows.Forms.DataGridViewLinkColumn ValueTypeColumn; } } \ No newline at end of file diff --git a/Main.cs b/Main.cs index ee0e670..9fda10d 100644 --- a/Main.cs +++ b/Main.cs @@ -71,6 +71,11 @@ private void CheckBtn_Click(object sender, EventArgs e) BaselineList.Rows[index].Cells[0].Value = xmlNode["name"].InnerText; BaselineList.Rows[index].Cells[1].Value = xmlNode["description"].InnerText; BaselineList.Rows[index].Cells[4].Value = xmlNode["standard"].InnerText; + BaselineList.Rows[index].Cells[8].Value = "string"; + if (Util.ContainsElement(xmlNode, "valuetype")) + { + BaselineList.Rows[index].Cells[8].Value = xmlNode["valuetype"].InnerText; + } string queryType = xmlNode["type"].InnerText; string reality = string.Empty, section = string.Empty, warning = string.Empty; //string warning = string.Empty; @@ -78,8 +83,6 @@ private void CheckBtn_Click(object sender, EventArgs e) switch (queryType) { case "secedit": - BaselineList.Rows[index].Cells[2].Value = "-"; - BaselineList.Rows[index].Cells[3].Value = "-"; string mark = xmlNode["mark"].InnerText; (section, reality) = Util.GetResultByMark(mark); BaselineList.Rows[index].Cells[2].Value = section; @@ -95,22 +98,33 @@ private void CheckBtn_Click(object sender, EventArgs e) default: break; } - string dataType = xmlNode["dtype"].InnerText; - if (Util.ContainsElement(xmlNode, "warning")) + string assessment = xmlNode["assessment"].InnerText; + if (Util.ContainsElement(xmlNode, "manual")) { BaselineList.Rows[index].Cells[6].Value = "手动加固"; BaselineList.Rows[index].Cells[7].ReadOnly = true; + BaselineList.Rows[index].Cells[6].Style.ForeColor = Color.Orange; BaselineList.Rows[index].Cells[7].Style.BackColor = Color.Orange; BaselineList.Rows[index].Cells[7].ToolTipText = "该项不支持自动加固"; passCount++; continue; } + if (Util.ContainsElement(xmlNode, "ignore")) + { + BaselineList.Rows[index].Cells[6].Value = "已忽略"; + BaselineList.Rows[index].Cells[7].ReadOnly = true; + BaselineList.Rows[index].Cells[6].Style.ForeColor = UIColor.LayuiBlue; + BaselineList.Rows[index].Cells[7].Style.BackColor = UIColor.LayuiBlue; + BaselineList.Rows[index].Cells[7].ToolTipText = "该项配置为忽略"; + passCount++; + continue; + } BaselineList.Rows[index].Cells[6].Value = "不符合"; if (reality.Equals("未设置")) { continue; } - switch (dataType) + switch (assessment) { case "fixed"://注:固定值为不符合 if (!reality.Equals(standard)) @@ -228,13 +242,14 @@ private void FortifyBtn_Click(object sender, EventArgs e) { continue; } - string fortifyItem, fortifyField, fortifyValue = string.Empty; + string fortifyItem, fortifyField, fortifyValue, fortifyValueType = string.Empty; fortifyItem = dataGridViewRow.Cells["ItemColumn"].Value.ToString(); fortifyField = dataGridViewRow.Cells["FieldColumn"].Value.ToString(); fortifyValue = dataGridViewRow.Cells["StandardColumn"].Value.ToString(); + fortifyValueType = dataGridViewRow.Cells["ValueTypeColumn"].Value.ToString(); if (fortifyItem.Contains("HKEY")) { - RegistryHelper.SaveValue(fortifyItem, fortifyField, fortifyValue); + RegistryHelper.SaveValue(fortifyItem, fortifyField, fortifyValue, fortifyValueType); fortifyCount++; continue; } @@ -331,5 +346,15 @@ private void RepoLinkLabel_Click(object sender, EventArgs e) { Process.Start("https://github.com/DeEpinGh0st/WindowsBaselineAssistant"); } + + private void showValueTypeuiCheckBox_CheckedChanged(object sender, EventArgs e) + { + if (!showValueTypeuiCheckBox.Checked) + { + BaselineList.Columns[8].Visible = false; + return; + } + BaselineList.Columns[8].Visible = true; + } } } diff --git a/Main.resx b/Main.resx index 9a9c3ba..e46758f 100644 --- a/Main.resx +++ b/Main.resx @@ -144,6 +144,9 @@ True + + True + diff --git a/Properties/AssemblyInfo.cs b/Properties/AssemblyInfo.cs index a6e9671..0d5f063 100644 --- a/Properties/AssemblyInfo.cs +++ b/Properties/AssemblyInfo.cs @@ -28,5 +28,5 @@ // 生成号 // 修订号 // -[assembly: AssemblyVersion("1.0.0.0")] -[assembly: AssemblyFileVersion("1.0.0.0")] +[assembly: AssemblyVersion("1.1.0.0")] +[assembly: AssemblyFileVersion("1.1.0.0")] diff --git a/README.md b/README.md index 147b2e2..84a99ad 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ WindowsBaselineAssistant(WBA)是一个用于检测和加固Windows安全基线 ## 截图 -![UIMain](/assets/image-20240109220715021.png) +![UIMain](./assets/image-20240115155426706.png) ## 工具运行要求 @@ -30,13 +30,14 @@ WBA的所有规则位于`item.xml`文件中,其中检测规则分为`registry` ```xml - 检查是否已启用并正确配置ICMP攻击保护 - 配置ICMP攻击保护预防ICMP攻击,防止DOS攻击导致服务器停止响应与奔溃 + 检查源路由配置 + 源路由攻击有源地址欺骗、IP欺骗等,为了提高系统的可靠性,需要检查是否启用正确配置源路由攻击保护. registry - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters - EnableICMPRedirect - 0 - enum + HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters + DisableIPSourceRouting + 2 + enum + dword ``` | 名称 | 解释 | @@ -47,7 +48,8 @@ WBA的所有规则位于`item.xml`文件中,其中检测规则分为`registry` | registry | 检测项的注册表路径 | | regitem | 检测的注册表项 | | standard | 标准值 | -| dtype | 判定规则(见: 判定规则) | +| assessment | 判定规则(见: 判定规则) | +| valuetype | 注册表数据类型(见: 数据类型) | **secedit(读取config.cfg信息)** @@ -58,7 +60,7 @@ WBA的所有规则位于`item.xml`文件中,其中检测规则分为`registry` secedit MaximumPasswordAge 90 - greaternumber + greaternumber ``` | 名称 | 解释 | @@ -68,7 +70,29 @@ WBA的所有规则位于`item.xml`文件中,其中检测规则分为`registry` | type | 同上 | | mark | secedit文件中的键 | | standard | 同上 | -| dtype | 同上 | +| assessment | 同上 | + +**附加标识** + +manual: 用于标识检测项需要手动进行加固 + +```xml + + 1 + +``` + +![image-20240115160311962](./assets/image-20240115160311962.png) + +ignore: 用于标识检测项为已忽略 + +```xml + + 1 + +``` + +![image-20240115160420571](./assets/image-20240115160420571.png) **判定规则** @@ -81,14 +105,28 @@ WBA的所有规则位于`item.xml`文件中,其中检测规则分为`registry` | array | 检测项的标准值是一个数组(多行) | 相同: 符合 反之: 不符合 | | equals | 检测项的标准值等于检测值 | 相同: 符合 反之: 不符合 | +**数据类型** + +| 注册表类型 | 工具映射类型 | 类型解释 | +| ------------ | ------------ | ---------------------------------------------- | +| String | string | 字符串类型 | +| ExpandString | expandstring | 可扩展字符串类型的注册表值,通常包含了环境变量 | +| Binary | 暂不支持 | 二进制数据类型 | +| DWord | dword | 32位整数类型 | +| QWord | qword | 64位整数类型 | +| MultiString | multistring | 多行字符串类型 | +| Unknown | 默认 | 未知类型 | +| None | 暂不支持 | 没有特定类型 | + **例** -如现在要检测`重新传输的TCP连接阈值` -检测类型为`检索注册表` -检索的注册表路径为`HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\Tcpip\\Parameters` -检测项为`TcpMaxHalfOpenRetried` -标准值为`400` -检测值要小于此值时`判定符合` +如现在要检测`重新传输的TCP连接阈值` +检测类型为`检索注册表 ` +检索的注册表路径为`HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\Tcpip\\Parameters` +检测项为`TcpMaxHalfOpenRetried` +标准值为`400` +数据类型为`DWord` +检测值要小于此值时`判定符合` ```xml @@ -98,7 +136,8 @@ WBA的所有规则位于`item.xml`文件中,其中检测规则分为`registry` HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters TcpMaxHalfOpenRetried 400 - lessnumber + lessnumber + dword ``` diff --git a/RegistryHelper.cs b/RegistryHelper.cs index 5ea483c..1efd375 100644 --- a/RegistryHelper.cs +++ b/RegistryHelper.cs @@ -23,9 +23,9 @@ private static string ArrayToString(string[] strings) string result = string.Empty; foreach (var item in strings) { - result = result + item + "\r\n"; + result = result + item + ","; } - return result; + return result.Substring(0, result.Length - 1); } private static (RegistryKey, string) FormatBaseKey(string fullSoftwareKey) @@ -106,17 +106,22 @@ public static string GetValue(RegistryKey registryKey, string softwareKey, strin public static void SaveValue(string softwareKey, string key, string value) { (RegistryKey registryKey, string subKey) = FormatBaseKey(softwareKey); - //return GetValue(registryKey, subKey, key); - SaveValue(registryKey, subKey, key, value); + SaveValue(registryKey, subKey, key, value, "String"); } + + public static void SaveValue(string softwareKey, string key, string value, string kind) + { + (RegistryKey registryKey, string subKey) = FormatBaseKey(softwareKey); + SaveValue(registryKey, subKey, key, value, kind); + } /// /// Saves the key and the value to registry. /// /// registry key /// the value of the key /// Returns true if successful, otherwise return false. - public static void SaveValue(RegistryKey registryKey, string softwareKey, string key, string value) + public static void SaveValue(RegistryKey registryKey, string softwareKey, string key, string value, string kind) { try { @@ -136,13 +141,47 @@ public static void SaveValue(RegistryKey registryKey, string softwareKey, string { reg = registryKey.CreateSubKey(softwareKey); } - reg.SetValue(key, value); - //return true; + (RegistryValueKind valueType, object valueReality) = GetValueKind(kind, value); + reg.SetValue(key, valueReality, valueType); } catch (Exception) { throw; - //return false; + } + } + + /// + /// ȡļ + /// + /// + /// תע + /// + private static (RegistryValueKind, object) GetValueKind(string kind, string value) + { + RegistryValueKind valueType; + switch (kind) + { + case "string": + valueType = RegistryValueKind.String; + return (valueType, value); + case "expandstring": + valueType = RegistryValueKind.ExpandString; + return (valueType, value); + /*case "Binary": + valueType = RegistryValueKind.Binary; + break;*/ + case "dword": + valueType = RegistryValueKind.DWord; + return (valueType, value); + case "qword": + valueType = RegistryValueKind.QWord; + return (valueType, value); + case "multistring": + valueType = RegistryValueKind.MultiString; + return (valueType, value.Split(',')); + default: + valueType = RegistryValueKind.String; + return (valueType, value); } } #endregion diff --git a/Report.cs b/Report.cs index da84583..126f214 100644 --- a/Report.cs +++ b/Report.cs @@ -93,7 +93,7 @@ public static void WriteDataGridViewToExcel(DataGridView dataGridView, ISheet sh ICellStyle cellStyle = sheet.Workbook.CreateCellStyle(); // 写入表头 IRow headerRow = sheet.CreateRow(1); - for (int i = 0; i < dataGridView.Columns.Count - 1; i++) // 不输出最后一列数据 + for (int i = 0; i < dataGridView.Columns.Count - 2; i++) // 不输出最后两列数据 { ICell cell = headerRow.CreateCell(i); cell.SetCellValue(dataGridView.Columns[i].HeaderText); @@ -105,7 +105,7 @@ public static void WriteDataGridViewToExcel(DataGridView dataGridView, ISheet sh DataGridViewRow dataGridViewRow = dataGridView.Rows[i]; IRow excelRow = sheet.CreateRow(i + 2); - for (int j = 0; j < dataGridViewRow.Cells.Count - 1; j++) // 不输出最后一列数据 + for (int j = 0; j < dataGridViewRow.Cells.Count - 2; j++) // 不输出最后两列数据 { DataGridViewCell dataGridViewCell = dataGridViewRow.Cells[j]; ICell cell = excelRow.CreateCell(j); diff --git a/WindowsBaselineAssistant.csproj b/WindowsBaselineAssistant.csproj index 860b446..b4546e2 100644 --- a/WindowsBaselineAssistant.csproj +++ b/WindowsBaselineAssistant.csproj @@ -12,6 +12,7 @@ 512 true + false publish\ true Disk @@ -24,14 +25,13 @@ true 0 1.0.0.%2a - false false true AnyCPU - false - none + true + pdbonly false bin\Debug\ DEBUG;TRACE @@ -143,7 +143,6 @@ - diff --git a/assets/image-20240115155426706.png b/assets/image-20240115155426706.png new file mode 100644 index 0000000000000000000000000000000000000000..ac3368af6759e2ce9944941013291a905875b859 GIT binary patch literal 40916 zcmdqJbyQp5yY5Q`X^R&30>#}ON+Gxpef18X!}5S+hw-6hEiu|f=7G=Ru36!B!n#ps)a_Gy7ad+ z$go^v>s-BBKgWFnocL@IKwshOM(MrAa$F1lAe2OkC%wmSriqnMyzXGmgwY*ll>UK9+-_mg$RURwm zoLj%&QVrNrFOg)C6#zCWG8QW6PaVZLsVdQYoNrEr3+xaePprWP21&Gk&hH1C|3Yl| zw$h!1@uhtaMO&A}6TT<{C;w-4I1R^YAU_hz`-4B%6=F!>%j$_?(H`?rETrQz^~)r^ zI9OVf-k@y0bp2hO{pF}E5%9cpyVuyOU0$__^Ngv+{mDAH8fwX*p^1Drpz_aJ(c6a= zd=Bq3z0ZVizSOXnBZpP3@FpCD8mN!s7EY;ivL@V6d7cN+);tM|Cx(h8`-9KA#%QwujR+q2qzol#kL!o)|Sbw^) zwx&BqDgZ|pVfonyLPpO7%jv}XxA;yKm9|@Q<`O)FFIgihO0wP&{W+M){GKV}N&HY5 zZtvM#%k&_Z+z4%2DUCQUJl^Z;fQn<>sU!_S_TTB$chQpZi1YzmokF!1l9i3>S9$Z2 z6Q3qHkar#38gCD8ur|&cx?}^MRGpoug0I{UOaXuTg%H69^i~Q5E&$xyG-1U9kQev_ zw;joG8#NmZ(xPvp7NsU8!@sAoFk6|=sm&lfw1^t=gmi%}GQ)clx z=CUL6>>HwR4(&2w%SrLTh^ead@bv;d>tKQ5mX@K(M{`(skxGAh~wi3F6vtQpW(cS`k0_sdG)jtp%By{s^x{ivXp+RGg0mipd*7PBz zm#6vcv(Ut8(SZ$bD}E=4&Lbo2Yu-7iJIw>sBS9Zx8e=k*H1k!3hHH3*YY-fOC7ED( z!Xmbam;I)hPGpnk89a^=;_t}(c?vGRmlyR^m;!X32=A%_h(5CgIVXMiq5%+wGbqEH zUfPy5Xs?{vBzZfsmX3LGj{4zTsw}@oJo@DK-GMj^FT-JcWP1g6ahuE;xPWK1S(W%L zdDhOQAiMPdk&5yA2TaEl_-ND4*|6@Fn(Y$tG;k0!tz7~Nd{R!Uybd(oqO8NN7ANdj z>z1=6B$c$k)yd(**V!q6dG-paH{c)mhazQ_&Yz@P zgo&@LFsomrpq1`>aknM6A}P z<>e6MhoL)&pLJIuuy{`8bj7-JvZHUaO1_~wpLmnw49lC#g-W3tGZB+hrL&HOy_ZK> zH2>_CwnBCLC`DSi)BsvIcv01$D-48RPs7op(Eg^#s`=+|8J;Y*a zZ3ti4r3xHz?KVH9da&3Qsr~cSh*3S8)$*3d=q959ccg#q$TQE-JZp&`CTa`%&2_U8 zr!?*RXxd;5-$Bl?O3A{##Zb1Enlq2Vwst4ZSnE8ztWg*TZj7DM=gD=xkk}yj`U3rB zewYHbjN$H<-G$B)*_r%Qx>>r{olT~kP&-jWyJ32-PJYQc@@{VMiFCi4*k?^dS~wQP zYzh~+JGNlSiVjnfRkCkP{W2~NBl3r#9;-lJ<=9x3ZtOu2+vE9fDm8IbzNN5$>~JZn z9au?6*f3%IyM(VviycSj!_-E0=9|oOv$ymL_i6fKwyd-oMGKc&HNSLu&1KaPlP1ia zCm_(eNB%&rGS2F0_wIgQma-YV`8hEKmDYZQc7;hX4uGv9W!@*P~e7Ez} zR+ISo5EC(EVwJTjR=av3xNSU*elvgy_Fdnr-iJsmsB8smW8zvLralFL6mt!mgtd$P z^nE!yG%`b(4sn>$hu(Vwv10=85G+Z+sC7r$ZN7KxeAj;Rk?KaTc^(cf%yc}r6gu+d zGkq%nPia(}qXrEr9z&D;rHDa+`KR6Ed`7(^xJs;tew^V^ z6O0K6#*g{S$Gt^AVSZY8K5(e+DTQU1ObW(=hMscMdjd&xHAI67mfmz(Sy}Vp#+X4u zXUs>0sc3)W$*t!Ak_+JeDhut}_VgFEK)Hsmfy5AHZ~da&uj(5~$`1YpHd*``60*Q4(ZY1@$>VG0Hisv@lw``=Z!3-7 zm@1rS7fZLf!hY-CuXSEBYYf%ibmyENgDxiHhKfxMO@eNiXW+a-o)5_!;zrm{E5x9OuM?8u}X3eZ9+r z|4iEt(Z4+`0+_!^UcS6pmA+}pzAL+5Im8P-tG@~DGrexg30i$i`f5mYIRC3 zl}&d8yX=dHNJd4Z7i~JK)xjF|YyI-dZf1#c%q zaA+fkW9Y~_=vd=(iu85nP!)B+n>7#@xHW}FY{V@){${)9`~;redR%jUA(U$#rtB~! zxFKW0ixb`J-t+6H>FHU+!%cpjf-A|{7&Gxcyg|F6?3sPR5`W1edLPog5}7TlN~4ds z?WD$>t-xEOID=nIA;GMl{YJ0O?|)Br9#?S(ZwLpcqGsTJsd0BS>3k!`rTpaRlnqn= z6Nq2~*YtJ;so&TAiQnlujg?U_utN|dthYSWu;M$Mpnov}`jQ*k#2-HZdN7yW^9H6@VUhKi?P z8pqRK#={S%gjdY$ou`zig_kWUF}2UR+y{mCNA-*Q`>J#3rz;{sQ`S0Cy>Q#tV|wq- zm-?yMsbj@#nJJ{3K)Tz>PGi3ryyKM-g`4_3cPGdk!Q)wLwV$Wr?jY)0TK5|qB-;wf0-$o#=n%a=tIXMGx;dG(gm#-oV$ zZn`PJ?uYiI*0EgDf%W@Z*a<_5Π7s5%=qtonFqVHqhxn+I zGI>l?^4>u|KFL>USRQcZaSwc7o54PG>=F4JhwnK&X)-5oQX6dS^Q}jB{m(_Y`36!u z?jrSD(iow$(^~Aec3jGeA_)}v73MGIO=_Xfr{=mCC>75*8U`ynOzu^lxy{|ydi^#n zf*WSdN83TO$^uhTVcPoBTxutC+pKEJUSBBfD-p(|J2`~5PL)5EO-KCqC!5A#9D9th z+Ltrcymtw~tv9PVoWXbAX~FBJVmG-rgM~&Z6O6ElK0yO#_CWLt$A_A8P{I~F%0R`% zAY?YJ#Z`26yjW@ck13|Sl*X|aGWtOhgUao38v62*=-W!Vs=-+1;tJCF+x`g{JZt6R4N=Qr#%N$vFD-~Glg`W(36j4*o^LL8|L63cTkWvE<*2LdJ0@G$$vx8gpI@i+{bX_QiAGxRaSV=f zBWh`y|4P^sqyhnYAADK2eco2$vohEUil{P3f{t~;DzD_m3d_L;7M?gm(plLH=-tX@ z(tYXd-rw~Wmb9!NXbj{@sL}KyUT3h}-rscoPPyMqupeYyzv5Ev8TR{0^8mOk z=g};)XtHFpuy-b-mcSLRVl?Mw5_GmxVrEXX9<}#$NDtCxvB7vtqd2!$98!yzwNu(Y z_ZZpxhQHKI#3mp}_Ddv!Pp>H7Y+uKRN#%D%L%olwCA(S;znF)Zo)@rSW7peB1QhpV zm}QxJ)+pbCYPTsGe%N26>{-B_}TN25Q@wPjb_R1g)877 zHgro)TubuwTkQ28mo(1)X`o5T?%#aLromH{$to3y!b}gJ!A4!)rK#-7?2IXXn=0j$4n_yf zv}BN_4hz5lFS0VwE8m>tIOU1sKWB*FlGM;h!!Y!!%;b2jF8j;DSnGmEV+gO~`uMza zsruV_@Wo|B;a>>9qLm6buc!(>>EsID4EAGRue$A7_rC8kWTg$L4LF%L6-rroMjO~U z#7+6v^gz4#UjXrcL2VI)hOqjfg4tWfYsicl%l8?N+}fS@>YEP()%u1KAR6~mlXIYx zjdfaSb?4I|=^!Zkm)_L-R*63m(D2}XoH^I|uXE?kk8{=I&;CY57_hRKqZ1fTZ#>-?F?$;s8jS*aoHh3SJdr2HnQy3$Sh zG+S3=NZc+GTxp1j7Kn@L!=9&bc&%Y994(ra{)1lfe$({K!v9t{=x5`S6m%Qr&>=JE z+s_ms908bXw0fhi{aP0zLBh`cW`n!YjUdkyu`S$6it;Y~3iRHJpaC}+K0``Ww;8Aj zlYMWm8nRX{FE69~#CdFp7zOBMHHxAGZ7~hm25tMXFiz$<&2qS5lj@{=ug@}zne!ju zUske`3MfmrvkUoZAEq@e{I=CgS=O&QhL8Iv4NCA8*lF)mudEo@KEE1D<2LmO6}X?b zAYGi2G0BK$%M3BuDC&P;v!3kX;`xi;ubE{A$yF||IWZ`SIP27ARZ!A=i zy)pWx?@}n}-a^GxdX|7pbhfb#W*okW5dO$~1DCSQ_VP`86f04BrzA>OxK4SQPqf*d zrBs^hcnO%-CU=)K7X!5}B?n#EZ$8Y0wAG1H=FQZ!QjJH{9Dpul!~j4r2f6ar3ar0) zX4R*_N};8a)@)YNEnSpjkWl+jkIjC7M6hR}!r-;%ZIHA^4mArH;kIGqrNJ|OW~$*} z3cGyX5v>2Uqe*nt9v&Y$@A;ko*>(Ew26x%-DtfgvACSZjOHm%8T}0dU7DKUn;RaWZ zC-X(EF4y1Xw|p!hd#@Ad+3f0?KzrX|EvjCgcI*;lDjcde6)wFRX<}TKpinz^=kM7&Wvv zJ}cq_xg|xN8<3OO8%J@_(8teD89heZo3WwP`&ybW8|6Qn>J$s>0H>%f=~AuV#6EB! z%RQQCQQ23RkF(8j8Q3-k|=N2c;_9?0<1MD9|GvojZ%XxUvcG-ZawJEHr& zKl8Yxs}gtV;`S@Gf6j{Q_p5Ly#WRhh?`a^oRb;Fs#VK~q`OH%CslFadHUSq_1>@N7 zy%$Ul1QE}KQ;eOyuWe)H>@W;ED~8K=L9FdvjZ(!hCs^HZ)d$m6D>nL1ScC-UeX@y8 z_!wF9J3VAc`vAQ~liYp-Z^GOWc4UCk#tG~NJtmWP%0bXp4Tgq#+Mqb8u=Aparv4nK z`sFtu3|nBmgtYPHd04h~O-|`lrW}sNz)h$`^~|Go)d+;%?47*N0d-SBV(_I#A8RmT z#&2rjl(fBzXpF0Boy_@V!-9hD6_yt*pegd+f9)_TP)EG^;T*A-M~|Wsu^ant-n8|U zXugGlG`hF{V7%dvb`9FSmx4=9g1DHE+kd7k`%~=|8aY|dmjiT<;6P+o*=uA>8_;c}+y}ON`kH>>s8SebLE9|3$wApy&24?q` zIu=yuHxzufFL|4Af1%NF7an}NJ=Q*%zcgt?l%S%SQAsjuN5E^D<*+X7%Ztj6SmXS?vJKip$FY|8ZY{ZUwuw}LAga9 zRtv3u)et;&QhpOJ_1%52kyP+N1e<(HK{jx2s%=VWu#e}43MUnCl6nO$OFqsnF!3(j zR(VaTiRsru09>;u9@D(C-o;zeJG;3Fu(|vbunz6th2x%n?s>umwo`J*QIQ1qPb-aF z0q9GQ$in3&TR50Gcotf#i5;_==(QhA9U&#g{ePnFmcLZL)oA4pg)G+FxbkUBff4*5 zYd?ZQv0C=i7;QcEM!mA@mlUFiR|Zcp^Z46SCMu7o?3;$}$*yR>h>3D1)KwuSkSdx_ z{aUcHT@*ga_;I+MLtMQW*AY+xPTxOI_09<==w*z_H2F(}UtZ?{lf2=0m@(Z;#e&ck z;ZelrIm(X|W!9(DHb-b^U(!=(xTEIBSShiP%y+~Yopon;6m~7^UbRGUTmv%nNGYL5C!Sn4|$Tb0UtW7{=-oL2LnfA zcXM;EJvN(yuWxkk&zy5OzF<(c|AFLNk)V5N5yKDhH%rTsh9AEEYW~YpG;FyUmcbbB z?4_IEX2lo#k{{~Ud=KMyUcHH=u^Ae__0_x##Gph&i+wbCm37(PX-Hc$=gv*`hoon2 zHOtTJvK#lYbV3}64I>UX$pf93-(|aA5u%c59`v+K;)iiU70ZwP+opN~qH}^zb_dSF z&rNAL2MACIEyshmI^{_<@$r7<tGi+cLA2a;FL?bTC^pE|scU3J}3cA}sMcGRsaWtJ*j`sm@^b zoF=<0C04#Skutn<71+_Q5Ye83QGZ;~dlx&`^fRm)*<^Q7a8Vrn)GGalndK>aBd6g? zB+G)ItxAHIuj^Vnoum;_iw}OqcgnE}qZ%IE`jW{4_tAc_*LU9f+6{fbN}?#J`)qDY zd;7G)jd~9c2v1!ubOHwpC4gJG7x%oT2XR6U`L;C|Ex2&T56j<$pDJA^o*Uv|gtGkoP&rPE54B{pR96)ao z6K?!t4}M`ykuIM3k~f6|Z8gq}OO65k{@o-Aw;b9I;PWSNCn@@{Usq&1Kp z)iIXDuvoV%VCM&iozIKh`j%u!JjiJ|@J^w=u;YsG;7iy+@deXh^eC|=2gJ=!j(Lvs`$*zqr@L_MK-&HgB(rc^7cb^I zY9oR>k)t0=t=4P2@QX?x9iz9G<{g_(Q$0@efJ@rZdGdsc9dp4UiOzC8E1Q>kk;AzI*OOfg$wOMo#+aM#LPD^ zJu=QiviMPRtp&whC8tb+LPm&jkAOwY2LPO|WJzSyZAkOBbizds^yanhC@-(o;34uT zmFbo$9?URE8|EK@@ukQQA{J|R&!`7!jbO0Zf zU;L*QAbxvrKLlIEAqSbo9F%dcYQ5}(KeBWg$j53oyqqs*Jt`y5WRYaOE_oOIQ#-bp zKKx){5!N)OKV%bU1nHJ-n~fNyh!*5r)2V<7@ko z$e%C#Jh;Bi`^E}}6SU6j+X`uHZy`#5)7KHpe_6^}_x1K=${jEA#Hwj>tI(4zW;}&# ztYE3T10{A23%4onJd?&9`gkFRqsXx-s%pm3Hm;?xhB1ar2TJ}-Qf6sq#(rbjyTxav zoB_bkLyBXA`&*ABiyi!dj}jQ{@^|k6{wdn2jyM6wa|x0qklOW5C5M+<#|wcrL$(FZ zYEfXY9Z&%XzZr$zRbnt_mnsK-AUS+x$(+ku?8&1j%6T+9fF&U( zJX-3u$d61gP(%R97}yP2*03N0+O0dAUKU9h(7|A6%0g{JfU+1zvJS4qPP zx0INp?HOD)viakqcPD~`TlQj_bEmJ0-QRZxAj@8{DDedy*k;Z81N~ZMP zM9V{mf2q%i)x!$P+lOB#oBl{r7bBX#Gx-mav}_pAQ?$jQB#a>PFuJESWmld}$3Y!t zB@@AV^Zwaus@s+g`KrFv!;_N}AEIxVg*x!1N~Sb}`oh|{2-CX~>&7;yq?azYPVArh zjF9Zl=S%+C4pk=YVg?@>L?!|H6|bgAwAJ2p$GB{mO4UhOn!l7Cj9BXIkZMEPZ?Qiu zD4)}&E|icA9_y!w`&w9xZ)i6z@H zE>M_x)9~FPKT~PQbja`>(XO?YZnHUPk$K#{f^Ky7=)!~2EkYhXW3PL|ILs*` z!{(=WImAuJ4+?mK=MYBQsN;3bp>Pqe$v?EM(4bsbm(qvEDHioH)tw7Bby?p>#OEes z@yLNgW~+SqLX==mjEuZApSOWTij|$gf146ewcdDIBxctp0Ki;&eBw#_y3^c~9~6Do z?xk*{p1=Y&GSZ{Qn^x7{Jlgt*-BJQ1)elO>2PY@t7~!c4e@TA>Y)g@g4--T5j)iaY z=voI;MSRGPb*Z%QOq3b*Mp$4Lhjvt|ZM_SlBSk^vnT*@j|Af@0 zXX>}P`zLT@+!K;~YNd#-mu`JNu%VHIo^WI4ybw*`RX|U{1G=7jz;GL`m1kSu(LDMFs2^oX zj@Eh6e5x{SqV__eP&Xd@vMEJl{%&6%+q+>0JE2Yu!<>B~x>emT9w zk1q#HJsSE)EF^J85xiQ#cg5R(XFA3Vc9db}rw6+qP}Ud+`FY4sh+>^yd5@ibj% zZRq2zb)X|=$7*~k_L-&+o9*G3as0ziDKx>PJzw6DDH%-DIBmQBs9gjh3TN5#OGf~O z+kIyJ+}Dn`nw!{RJrrFM?d`&nI!Uc@7Qr)dRos-tJo2;Er6PyT%E*rX!AZ4WxQgjb zyvuOW3i@~1d|KNIK1|tO6{k+StjZ(Ydh!-xP~59l(Ppkt_jyyud6;Ir$@)CDk$7f+ zA%Iqbj^gqvbE{`FDR?LunJ9^~44-9FBWAHYP!VBR;Ym|VW|a>r{TuhyTvllF8$<7LPa{L3B8=rOK=m_GWboU`N1rz0jp2 z)?u&Q!Rv~^XD#7Kj@m6uIx$NcbQjHL_QncP2K4dtV`sxIoxt`|-jWa*I?*;OxF&Qg zRi{H#YLEH&i7en9$)DOa!W`Il+aw<4`-O@0xZs9nYxw$L;%zbtCr z#(||r`{~l8paK8F*o(FLRg~sMy;x^Kp4KS!X%ZChU*S}*!>8|7d->)NGD>1b^gmOn z`8i8mVMnRlQXR+ZIZ*a)5vk|@rc##zR^{KPkS@1nsaSQp`u;sPSyUw#N~4-%0*fy8 z9aCGP5FZl=w>4WEW|D))E?6x=fhd%PfU&hM9+8HLT)B_LnK%a>`W%iZb?2q)0?e*Vp-y9Iyrp=Q^(NpcsbfV5oH4b-Idhq42M_P0eHeiK%8lT&- zivv2nbSqVC`uv>*s^b@ra*C1zk5^Mj{#dhXjEEmmr<~%Fsj#u@J}*D31V3xXofeN{tIfh+o$y;VGEts_ zCG}*N=;4|Fq2+U&Z5WFaFi4v84QM;|Q0&748PjvKW3Jc2vT6c*)IU^O*d#|`pM5rM zZ<_*5!su*%Qg(<;4Nv@ja_o>(7Xj=!j5cha8g<;K*nYZdTqXhhtuCbDQ|1AdWmWJ% zr;3~!|75UWGQQBMPZO!N7E9C3dW9Ixt-8j)A}-5JQm)@`aDVOYCkI^n(2DRWaf%Rw zC_pUw0dcMUN9Ui=vlnzUSZ^eXjA3qa{&AA;icexGq|@2cCcE%;5`3{#p4Yo zw6HKKd9vq8(R5|(^pnEe;Vy&Yf5anzf2|{BdkLW z*R|7B<@yTG`(tfR%=g3K38-S*FE7GqqA2*EaIch5DeTv=to-)yP>K+z7iXFmVhd$P zF;O{wcVpdAPeGTUMb(aGp#Mi+GQoW2>C-6}BWkz`M<-3wYOu6Cl^emT5w3qa3nja- zV;KsC79bP~H5}?{B+hw!+ahtu z6Y&I%xtt^iR{y4d&}Y=(x*=`wGPr$oHoW5Dg4QW2xxyy=CN<|7DxhjK#fb;idKYr7 zOnBr*#(XqR5j>Cs!XyH*`HH8rGdhd?DH|P~yDxujWka11M>fipMbhvAG;2%fL-Hb)@o45wJAIJJmYq5JGg&wcnZJX&p(1w`&IK}pxUZy|O_^0$MAbQB^7f*8N%6P2 zinWEb>Iq7nn4gJk_4QUpOjLR8o_6pu`(AWoe}-fPadD+Gaao%Oy#iNTnc)UrXHjo# zhSM$uo0>GbC||zQoK!)p-!)>GHYiHsOZDUQU?mm-s+Zi~fOkBZ^LEy;VuMvex*HJs z)30P{JTJDMRen7_KAxke`eUMsNjm3f?VPZJv~mrAjbTXnZbh|l^sXm{%ETkfqhGql z)iWX)=ItR>A3^nb9BmU0o;X>X`KLMt9euAjl%Hf_TBipEmTuq48N#)qT2+urf}J-R zBiuUgmiK^`!1r?#AVCtzaaLY2X?T8|K(&l%qGUYZMNP6^l}Q$7*ZY4gQ?|X2OtwN; znvzX`XF(BxImG^t9vbtZRCb1S1`S?aSEYYq3+P|om-_D z{kiS_Cw55PR{yVuYN!XZ%?E_D_KmANZq3Qc+P}bqMpsM?!TiGk#jj~_@#FfNUv1LC z_d7T$0r!zP&TlCGe1&$h((N7NeEBPRJ-_O%HV^wxIk5r&D0Mq8gD&fD5)}KNywcA% zK9}Pf&ZMs||6g?-wQBIy8PbT4GJfc9%Ja)B4^Lor_CF-jIWAyHYY3Mh&8<(LUIclp zx@L7+NB!YMbw5wIw2MqszO>%L)~OE*?^nAvEl$Tal)kgD=+`y-DNa$^2%Qdd*sLOB zi`q*q^d0Gaseu%jfl8Uyr#}@`i#~YG(d3 zyhz)*L~Y2c9O)_27h2xGT`S+Pnu8j{C|VHvIfm?yP%fa4oaF7%39`7aiDu^>Ge&=S zXQm2?JvKHL_|kSX7f59L)4F1o)7>~uz05;n)NcKJEtV_eXoEUZsldNTGoi!eR7b;!5_j+Ewe5yaa*>ISccC1i1fXM1>COCU7g{2N-gOqkq1TNIYmT-yLvOX7s)w zdq|YZ9d}_Ts=(xsQ5-jYmD*H7BLBwutZvylJ1U7$!?%uy;Aor7xBmee5rN+eyWy9g z!}8sz+Q(pFG3(=nyKrBRmtR=EvMM1+rX4Cu%uT?%{S#73Exbt!iJU^~05XJ@vns0} zEDB5zY4lAwuhoT&aj=-d@5Ty$Ys&0maR_9Kq`sb{DW(Jy6Wef>LSyF1UgS0r1zETUkL z^P^LD#FBPfZ>(97Dsp$TXS{x7Ea7KJ3fs(>na2D&WgHs?8?dnO8R1HXp1^!J9>}3V zel_Vq$XrtAI<+33cm9@A<6c0rsBPO@Z63>dNmqpL=ErdtT&?I}#c44|)?}IN{4Hc6*anM%l zZtYxBKDM)aK7kZHk~B)$g_X;cju;5!lgWnwp3J$@qhsvV4IGJL%S&+i@~9GE91!xJ}(` zF|l3x)}|4;dS_@*kpY3lLmglC)0sJRK-97UrmWB|BFCBq*{N+ zBH=*QAiPSeM>mBKC*icEQu92P;W3)mhaEnV;#*JOv4>v3D=TH1l{jq&I?A7{@VE9; zuD1as3BOd41;|=qz5ybJP9s2&Od?lmFYj}CP z$r30Kn3}fFYY_vgm1N*X20XoqZqzP*JCyHb1(*aWvkLZUnO^|-B9y};-9)b`r(+$ZS+U6&m@8zc=aKJzRo}!eR~ACpPL4zQ z`V<6ydVbPbY+`MUh(qvI3`=DFCP~9EbBMK>&_C!$`w8C7^NkR=7dbX|3KE(2h$XeGUGBmDo-ckW;{QK=we8>ZEbnu` zsYqaM(80jK|KL?xcQylGta~rD{AYRfY~{ru(S5r@GJHI-pfmB2TU-#O=1UY%Y~oQc zeMAu^6~79iY&ZFQe6m5BfRwecbb_qKIe$?6t*eM`UkGSY@rBzv_Xu8%Y`=ppEucDn ze_Y({l79Ox_>^1PzxMVkZHLr9cI6z^6I&+uS)pU9JSvF_UrL1!MQe?&^RpW<2@w?$ zL$-x~qLQW|*SS|ToyVieE6L?1YFi8C=?u<&EOT7|AhNDsyTVua&t(LPF!$q10nLeJuSC_{^Y9{HsFeOesD@hu<-b}vd zZ8>%cXFM?ZM^#BK{!vv%DF+qp?YLcUBF$>$Ah9JXM6X>3-)TcQm8~?Lt5~d6xt5)K zI~oXJh8XTj&yFO8dQ{%}`zsuI8%j_>$vyqt!5o;Mh`N2TxE)cx<|j@P?sY6w$&LPw zR@Ms0o^oL{rzC7k_DvLLtY1Tkv7xP9eIHL>WOz^;KXogG<7iat4roNzfN%A|RcIzo zp29zHYJH$uRAmD8dxF?%8fX8B{<66B`(ZzZNlYW*g{jzFg;Z%9w)c>fE&tK8LyB7x zCBAW|63N(~T&IVqn8Ie%E4x4`is9tdl>6lhBUS3{pEO&xrD@X8W<($>o~pS0IqBA% zME*wf?r#5)$&y!%#mXb6xU8mS@R`%x-EcpdYk!Xf4}Kax)8J@I=I->}9KVwmS4l?p z{7KHyYvv>Mx?6nXQ;ze3>=&X!7Dxczhno2BF8u(vdD(VK20XS9%38;t25yu!UERz_ z6IZB>GCp$RZJ^WN(0Uju0Y{OA@T$^|)lvKTP8=?%OG-8x1yHNz$F`wb&RYiGq>m@A zD73h8HB5pGeDs@+M;0)jgBTYkio_(YMLnJ2#_#O3PHQD@t3@&zD;@((l$BF=HmjMD zM-VyTqMtLmvg)amWC&~5Rx~tW1+kZ`+cE&|v-76tqCjq!^p9ZN5ONnfY&=g*0Va`G;hi$M9JfHtbit z8r-Hr1d14=g=8kXaTY+H%Ny+a=O1Z7Tx=;Own^J}iTOgafJCCp)_M;}%@A{QAaBd# zgki~RBt=Ac-*JMGltx)*^AEMxF1^S<(&$_c*4(FTJlU&{pRR)L-`s2e_^pWpEyD?D z3Oc&Hp?o{6*YY{BV29f;oVAxGBC%1+p{LfIqzww@84sCU*uB+lzqTQ9z~r7sYb^A4 z(mNJ5vv&5UnrF!^C`yQ!)H@e;gaQNWpMqrDnL|AUzc{kaX8^vvbCL3PI;H7Wyt8Ky zT|uX=-z9Z&tTlwpKi0_zddzTcC|H)d>Y5la9fMiSQ|d6X@SL+I(%>v?f9g$6h8aD5 zx=N;3n00M2r8jPi9!Q6t`(gZ?twuV)7rsI8Z(a9f@Q@xvSWo!1qZlEzylw<}5x zzAE$2vd$5(bNj-1CSrys$9M4zX&U(1Gtxld&dn_I-IPggop2g|DR@2(|3S!)SB#X2 z{^0R4Fd}AkKshA!B4f$Guxru;YycuX5b`i zi#IRAGQVhIhD7{z>pC8x1d`SUo<`v{#P)ougZbWdc)_`lw*-+EKUQG=D5Xmi6D<`n z$x0jyJDy3-}6i|ys`Ol7wkVBuJ+h|vl|4|;r z!6YOlC6~OSEW!6Cf*OdAbtKY31J=wArFGN9S(A;@aY^{U$$`S-s0}S&)O`KG-GZp9 zO>TkTc9iYfp&*L#Yqi?K3-NWAkL`ianesJ-=bWc$JwU2Yk zS1+NiZ&TI@(3Rj1Wt;?#s9if`TkRK?<0M+hAPR5ZZ%H*?5G@rkz z8N!`hZb5W1JMfWaR|*;N33eK*chANkPKuP(9p7aRl?_Lv_P$5DXVzluM>dAq!RT5E z&#MmaPf}hUOh7UE` zuxuO^<)#XEw5uCp72*%*v$?Y@sYPt*EO;ty_zlQPMjYdt%>Tp|t3AFXuV22)8gZeCMWEzYu2 z{MZV>In~y7RhmKzA5N>4VIUPCPJdDdSpDka0F5psJa)gNqx<9PAwiksD7hpn<`cvz zqLlSrb5aY}8u6uD4wDYsbYA2eJ$Iot6KzRPv0pI{@s6Cj=sM*qp);v*b({X}Lt&9H z$JHMn7ov!1q>>=IGzmV|dQW>n3}P)T3lp|BD!yK#kji-L!+pZzU6Bs}e$CyIm^u|C zPX<3*!{l<*Zgx`ABXLCGRDP4qQj9_|Dx0MsKb?Ceq$ypzr`BK(BeMcDIn0_Zs9Bob zl_MZciy^SFnEbMsH6!VgX<{7d5S)PdA$sbMDUjzKMX)j|ZqZbfMq;;oUFs7XokE$+ zHn;x_8Q_Q#NlfcRgn8OCAZ{-UtF$jTS;)!|DMZMy)qs+8kIK}qCI?;S}r zf3FVm_h?M9^%|RJ<17<{kiq?ueu}DULm8}{(DlcVoKxGwPeej$Mo$;|u-b_Pi`yAF zhKqD@kXu(VCT3u3$V{#CS=`=fpVE|aevj>@@r=Cj+-ctk4(X_AY2d25+DPsAP<&zu z1uODqBl%oC^9v!Jl4Koe9Y9?lgA1;XxH4x8AveP}NrqMEV~5m;UTO&cAeUG7cZD@+ z43=}NNh?;v5X#i4Am0pUA_2Z)AwQflZsySz(bS5|sceHfmr6?u;kr2I7?DS&@_O3M z0lkxXB&o_AoSk{lUd~W^Dzy346Ac9Y%kNpJnn?|;!jq7%t~K*uQO~6(d;;Hg3<%~< zaN1sTeG`g>h4E<=%b<)rM}2s&)2B+O6tLLfDl><Z-fkTdlHRTA&rPX9MR!L6zs%sr~abH&o&U?7N0LQU>WgFyxX&siGHJ1Dyd| z!@5nq+xm)LR-fXX)VNNwD1Pwe|FB9SNBsc-dA6_Sh!!G8Wapu9j<_M}A&h#3n7STu z`=LfdLu0A-MD$Xv!#>|!&im0i5$008|z~sVmJ=sLzYU$>6^b_4Sc{AHHPGCFndV+l8lZbGG)Lm&NvnP9r9Z`;H3_FPOyISu#&qmF^<}SGUQ_tt1+xgLho132sA2+Zm07<4(g1=O2v|8ttq<2>gb4Xa_@6n#LloNDjTP!#R2yk0tI@bAoksF zZA&LSfHrk~&mT?)6(;RLEJir`OmtCp5U+Ll z1}~Qgk?6&Bvtzan4IXuQlTzf#r+rMtBnrJvt~42UR27Ch|CHRdi8!-Bab(PMr#vO( zN)q>nDUN0$f2BAi-S& z1lK?a4#8atmjHoa!CiwSSa2)c-66O`0t6}CDKrF^!V5xSy-ChF_nv#t?~V6*^ytye zKgh0Kdlg&en%_6)T#Wo%BQv`2jbPG=;W^Z5JhSje-OGbev>5j1qWKkL_9?Y|&U$Ww7u6dYi~5U6qZVCqv#21J-Vm+Bbup40y5 zsJZ+(jJdAZ$rtl{Gh86|&UYiA+k_C)za>j6n_l=d^GkSoDAO!;1EZ~mraAWuo)zh; zU@fM(Ogib7V0sb!-0)xA$d@T%P9g^C{|byEtwr(!Fk0M7Ei)$hP|+Byq+aXOW!sWS9O zq?Z?66V}q#Arp7c=7k=3yLRZyVoa(v?GMf9mui6V+)!4(L_DY0pCOx(1Kh3G*mL_;=|)OL+GfYVkii zhQEnAB^RluoncJ;F}g`>H~~_1LjR&L6VWTh0Bu$Q2ovAPFKBwHgqxSG)tsu<>e{JK zTE<$eL%4C*QM|#%<5AAnarwsWRF*oKRZ5-VzffsG`H>5w?$61gr4J$>0k7}NV(uT8 z*5wn!@40Z$$DFPtD%ihO_gg}_Q6CWnk>Icf%08xYi7arY|oSU-9?-E_zOeY88 zjq2<@s8KZ|yT6j*s*<2kS;xu~+dh1rpSkxKIw-@*E1s11e@{J~UK6AQXP-1iJV8^G z;GTlNe<#3#7p=-xln3=&4R>*S8)9!_YplXg=dA8h)YNaT5WNt$&6MPWmBzdV8c%CZ z7uYJmto4$6pObbOu@^E16SRtEtoO*1mgH4=kaZbIuIkW+RWJjiG%MwpS+l*$N9V0w z6wEaaGz^YMLMJ9f3Of1=q_WFpY%}DhS6y^subVDE=HZj6#($0R#)!{%%?z$&^~2lV z82QXTPiR)h-flrANhQ-spZZ0Gh9Iv#yXMl$J2EyWusSS8z05sVW&G;4eD{4<{sMoP zMyU@^9dJw3DD!!i|(w-G;YP>d5h zC>ox2jb@ZspLhs>6W`QY;>MdUVNdFUuHkM1RjoZDI;>S#a3CgO^AfVrtAj; zjjSrFq}6J>vkva(Km1^3tvdDn%5E=nc8b75qbVpb)O-ZzZIj4<;nYyJ|0B^3jGfMQ zKJxC?W&Vz#miKk~r1FS-7+1GOBV4zJ#J6K6Y_Anrb$GUvKu zwcY?K0-tyIvnV(RL^o6?oSr!rjws|FSUxMRZb~ut+2WYkKYl?b>xcuH3PofKmFr7B zCLJ`5@(&(G>+RpZ`;Rh-+SUiT4;ouwzu_yJ@1=xF-#54h>qu@z9eu}0uDp-t?tbOq zp>iBai1B+t(a$zv%*BYGz*USUy7{5-dF%mp1jHVw^)e!xPg)Kt z%pzw{Vi;qZQ`MnJ1%Z3_N)HA*=ruHafxAAoDP2^A>6TM51#EX1g6T6NHn(DF{1djN zAN=?W#G>O;EM{Z&sNgEHCZNF5ZB=ZDgD4T2yP8*#$t+78%mS~!Y~AS&AlVt}Od zw&a($oJy)dM_|HfD5lH!qBu2hB_8_IVr7XgUN4Z%q+141pDL8P^9r2y;&`Q3Zphv8 zs)66U3idgGq&7!4)lYZ!liT8Ck(V*T8g)EhM{nIQzW`ZRnkk-Xe}D zgX~hNl0N-KbV{*FQ~Q1X6#HxE8%RBIscKK(?n=*M?=#h~%dt>ZZdvOTq#X74b5T#K zSwtCB$hj6~8h~OWO3_tpDD(vs&ya%ns_|LV9;ITERB`0$3;*C$yG9hucv5x7ohM9X zBq4GzlD8Pn6|y|hyX<0->_R|i8xYIk(lyXK7)9i#W(U;tGBVb3TsfaVkYjPlXO00( z;LHlPp{X|2ICd6?&KIe*MmaJ@W^$_Oc4`e4GYYvCV@K8Jf{Kb08PJ$K>Q%6;!WrGH zO4>&jB|VBMc!6pe-WuV#VAHXy=xD1H=dAR-lx)L?3C}!9O%C4D-RiM*{qOM}1MHep zJQsfz4QITZX)T23LCV#n=}$^+gKy(5MHLe;hDV*jUKi_mghvDDs2_l*C&RzA5q|PC zH%D2VbAt*^*$+m?NW!gpSj?eZ`dSMFHh|LM6;^RO=&*-~w`(jYHuAS70m(nr<+oh# z=>y&3y#Wv_q(2gakr4fk*C0Tc(A8W7N49P`)K3V(enZCgt$ZCy71jZ~E@+=zjlE{W zPibUY{%<4;LrB~EWE?2_wHfL+QA!*@mS${_ zg-LjGbf!qE>;2bkHBEkeR_moW?Mqh3-xX&OpOkoJ0XD<`rSC8NO`!gOsKF^E-h0q4 znB?3KwUWmrLyN4IU{@JxH>x1z0Jm(oJ zTEXG3&NcAh?I)}m?v_W6iIj|VjN__+CHwic>IXKn8?!YEskl77)`EDEWHcl@suWkO zCL)V$`~A=Q5Op9N&0n(brDY%%TBlPK>axrFL5XAE4NnK=AkR7|p1$D)IC^7gGY(RU zP3$;|{^hV1Ul4a$6V4EeF^ZVHQ7eWA<|0NGy*AjEdMWaF_F?i&AbU|Hq$+>!Z|kOo ze<Pv%$>s}_tFbm6 zt@`L?>zIGQdsX0Y~gjc%00w1??5qM7}Jl2w1N* zaMlJ$tq!1+*v4=VNU&3j$T`!-UGZZ7&MvIgVE?)5kp*0xYKEbR=0~x;n@YDqpIDvX|hL0ilX^v-t|BZwRU)6VO` zh^CS)H1 z=*Yjcb$}~+l1xAgl0*NbEQ+DDiF)&0UqEOZv~ZR@e84E*)ies7ca}1>f4PR6o?MR& z>B~3eR;&$M$2{-#k|evR{9iqybUl5!^HOcEp{~!96L2}_ebr<5wd!ZrDz0a>GY0k# zO=WcFB>1&dbZ1R__9lhI)D~34FRF|Rzz9EH*N_>Qt!=@ybwPXr_k4*6w_ z*O)&xhbLcp2$IXnf1c$+k*l@^p0u380F#DI*$3Y9DkBiilDXw+W>UFZWx| z(&^@M|L6pXsLQ>m{Y0LpMl#4CH%&j%kSp7~zQihF@TdoR6AF!mUZZiMt$lM}1^VN@ z+FG4Y4cUzaH?aexCdS#6mb^XQ@BCw7Ex3aqr8TjZxWvnM=ydbvdWBRAn67$J*Lba@ zEu^};ZlceJN}HP}Y(?U^AiSHty;^@`ve4x`m%qQ>5=iKfN-1%37%=Ixyv`;YYeF2y-Z7$es6Fco=|fre4`q-!Ix zA*XRQzBLb1NuWctS~PDQVT2;vt!5(@S)%#3-A@ z*PNYCvSDU??%+-}M-TKg!qjJ3ks3&rmvP+RT^;vEWi?Rqa_9Ti_!S4Dt|BbnfUK0(6 z#W=hT^OE(%-WNN*(j3C3;w)5aKkL$enV#L8oEW*R(u=h=ECGi|kM>tPCP{Gi4mANr zkpFNfNi00CHQSnlcwvMq|tB`xkv zn&Z}@BJKJ813!VT)$Uf)3FtwXQZxD~?t>t9CWj7cY+}n1= zOkcd#Eu5Q%ZPzJMcrD6CZDZt=TNT+lzCEFJOB`L`;d> zs4#lT6wb{2R0F3MYqBhHichkt%+;z#6YC7Q+(CNnyRoqWJljKXUgJ*2%m^jecz%k9 z$d+mO=y`t?HH`nF$Z<;Y!hVc6yH1U^IN!SX%dRAUj%Nwn6H{!9iBVu~xQ^W$v;zU9 z&G6j;l3J89^sco%YWPL2=9MRQAHUQ04hUhA)C4snA>sFAoqvr?Yw>_@TVbKE4j7yi z4`EUcdU<+r>uN$YTu}0xsG_X}KNY2Ai+;AMd8R9O!d2U=lWQ419Ti>ucZq6$bs(P;N4f7b4+)ekk&wlQOfS@s+{&2T1uNzBJSm zE;57jA7p2$UdKHK02Ko9KqP<|M?aLn)At9+h-75o1%ZiU+L&jKYx{EyFDCXM8?$*zy-AAzTv`}^rUC)*D&5ZZIT52(w|ueX#qwcpg+UP zYq=HHe!ijdHyH7yt?`19;AlL?8GL*>#IFQukOW>Hpz+!|Cjn8@&n@w-xwB28Nq;%- zAMwOo?gf*CYUFdn0B*^Q$QXDz&zY=VchS!hpL1v|4CDF$J{m*%HHj61$V5!{1A>Fm z)GDX&yWw)hHI~;fl@n*X)T{PH!6d*Vo`P^<8=?j*Eb}P5Y%@cWiHQg_YmgTP|45|= zSC(zHX+#TI&Z^@*hQCKwWCw)6TB87@$+-LzX(r^{TkCrvuH}r*Zq?KOjWp_SfqPnX z3kc-s7mj$TdAOQ*wrc`st1wP*bH%PTGUFxj+kCwD$|dMq`e>n04BGzaOiSpCv#YFr8H*7mO+#Yce(EFqje`*2hu|D~u zwHGTTSxx-GN(h^YLtZN3JGY&*1**?8T7YZ|5D@7zS9oxtL!E;+l9ftz$_>6>4!55# z&VPyI#$Fu~ek{_q;1t&poY8&XU8n|mZ-{ndj0~PsHW<~tC{-|U@oWyZzhB2TTIcLJ z-;&epp|4I%$-&i{BK;^%pj7F>=j^u4y5Z1M-+_zkM#g{C&slnUh$XzCe(@WO=H{dY zR3vPZ)cRaIBfQ1sRzlw~O0+TxV&2%KuAmWceg2Hh3!hM_S+MaGh@2t7jbq@yG`~VO z`FTpJSsk{hz3ShLrJ!2`XTFfsR#YVtG2~Yod)9SJYZ@cmx0f+&42|V&uE7G?j(^fIN%pub`m7DVuC(r}n94TdkKLy6 zWK`!yPven|EcdGM)p`~g_I$7M?S!iyqYnMJ>Un(!f%RqKTD$wjt^$|^uBdTb5aVRkNhXS0q2h97RvntrG?PD5^ zxT-{v_kM7zfPjQ6S5j|hUKBMXBXm11Iy+%wh$F#2^^_l~-zj9CcDFp_chE&Jy{wN) zdBBNEhjgfyt(x~XHmiad-&J-(rGTmGiB&?I_QPQ8*S;24vjO5n`JbydjH0f?;=2o& zeC()7m`vtNNU~M7$X4YI_iJR!&wyRW5*>-0u&=3>tTaMNipTB2?K6x_Wa_y$zu z7NESdh|L9kdAxp*x7U-xB@wqns8Y9e-86Ps>%kkz6L%&`9rV}lJ)+nAA4on53Hw{* z6BSXmO|Vc<+00&Cb6xI*T9bVVy`Xx9PFvZ>>`UGA^r0e4w)s254q`kr*(aYsx`VT$DsyjV^@6Mw8Wt+qqLAS$+noyM^Q6T)J7|sdvvH0 zIF|6-t2h{{-B_-_p*|U0hVxWi@#hH?h^dfj#+ev?A~6^dwZ4{6{DmC5N{KP>$JRb3 z55Wc!`$NagR%tWZ)S<9d3n$ z6hV}U3)v`o;`Y9URAxz^Gtwf(93^8PA=w0A=|EWz`I6Iq@iEuTl2C^cu@t?U<0UO8 z&v$rb8lgdXPRmn6Zyyx;^(^@JIY(NQG5e z6X*Y&##sL|9;n3KMkA9z4sL^`)o|CwE68qZc56MGmb8CMw788gdg~*_FD>+rK=0)?97LbF+x9-*w z$hrz9u=|2NADU*;QbtCGAXL9S{U~xI0|sG_S&7y!T>1_S zyPs`8VeqM|$QI~k*=AR6F7I_@w;^r60iZtCgAk6ez%bc8f>YZUTR zS9VR$?{S#pN)RUm3gf6)dyrRJc!$TiO}h75EFZePh?K}}foiCW`xU&vcfyZmEBGtz z$!*!Nb6sPcwqD`78sJ67ymU+z;m0fL2<#p+gY$ylcZ z^2Q3x`EzTRwU|cvnr0VYmA70F7rZeZW*tt*pweFTipwWjxnPX4-WiEjAk|xtF4A3(?Dn<(!W*v1&*;De#3RDy zUl%aL7uR1;ViqkTxr?8>(&F{`-+4~^v;j4%yYp8OkHRjg&4Xc^rZ9U+vI15{)^wjF zYb6@~s^i_8f~^XjVTIS3?gsAU!e8}8B88ZfJ6ERFRym4}W}ZYR*_w#`>{-sA61pJI z`xr6aKe~1g>5HA!{^cJUzSx5?|MeyFUk#^c!K_6kNB^dlh+a~;pq+J4b=u$REz=%r zlP9VICQ9V0JZtadr}GM;wrM=}ow5mZK!~GL56ID}7;*Vy@sfKMPHGyI864->(kAh7 zKrjR(15upahB@(#7GA>q2#K|$&fc=mx(fv(qgRe8QmUnz=>c1;*-_Za$Av;4q^t~Mw8o3lY7*2Qv^ zMHNNtnI6t^V7X_3qZMswVQ^wDN39~3o2G%>^~j0bA>z?TIhUVxMI(3W4Ap&gpZ?PB z30;q>M|klQ!&6a^RrIHe%rha^)H!3u;uiZQ+6>UBvZizbAxuI6-?A&3>>97DGH zNP)$d$xaTNo8+MDr#!VpZC0?QwLTqvUV|79wv<-2!(5c7Qh0R=H60)6yvP9#fu%m7@F_pM@ zof7IDOANmnCLO7a@=L)P3^_2%<*XPF&iQwxF5fF;B&2?OBq*Y=KY7MLZcA#FTOJ$z(TFbv*EFWE;WQX%g8tBi~d5< z;bH_%f!j(*=3=8$%;|{A^ZCX}Py7y=Td9P_r^*kMvah*~`v>y2tlbe|A)fW7_=8tP zEPO5!ct2pq@?L2XO{M9?NO+Ql$3mpyk==%)c9I8f*QYcN&AAhS@s5+DBlHb9-RPkjn_C@gu+oEmm12 ziSS{hp#|K=yoMjP=~c$7kN6RJr=*5f_idwUD%`seU`m8hIv-o_s- zDf98s%lp_DqGtI9hhP02$OFfiLh^~GLb!CUxyZuXeaLlmyuXfG8g)(3=t*1|lgY7( zT*=VZK1$@J#F6+g81#!DQkHzRN|Ic+fRS)`HqEkrrJjp1e_QObp=bSdEDc@lAs^It zfG~RI?@B(EDIbepWDyT~%-XLwECw><6DOB2Mj?z&0%KIiB{}owpjoV&tE=;=QJ1W| zj&LJAWlt8cyI*R3?@N+^L(ux9+}ocl30WnfW7f+M?NNKnyfXYix(@yH7ubTR^=0u< zsziI4nHG{esiUhOs9*IXjXWIg7ynb%M@RA7v5WMW7xo)(USZcME+po>1}9KZsIimY zMI_(S#ecEEqe-$eh3CrL|EI|j+&-6ijt^$u{BL)rEYc_1jkL4G`CYET__N!2hVRgT zMYDWEDLZkmzdWFfxCU6_bc(^PW%pljw@!co*H@n~WUvqg^UjT_EtPW<3)+HH)hq4y zi>n%O?*pW@{zvQC;<2$OpjG*UA6h&puFJGAfOJ_z_ znO!hK-p*&E->cmT5qPxHeRy%3?xa&0DAMt!*JFeRC9<%z*z)*$!);NN{sd@V0s zyXD?he9oouLw$p?B!Ij9|32&;__pnR`FkW25EuNuWiVn+?(0kAH63q>QtF+0CoRAkzh z97mydpKb2Y{$rcUq{Svsy0iAUOg?8-g@mdZRID<;g4}E*Qz|C)(%#9LI?pCanD}1Z zosAdzu)^N5&tAcG-S%l!6P_uK>Pnd&_g1mimXg$-;dBG>4F3NclEA9*6V0*>T2|#_ zYsH0wpU9^u9w&yQq~z`SR0%S1JvN^P-k0$938ODHxT?Lx5@X!tX(iPY0u0uEfM(sN z7YJGS!{Ey=lP$Mh{NBkn5&GNV>kKo1#M1m7?<7*Xs&tO62>o!2^s~*%iNurqk7*MfdH;!W@}B>P zC|8+q^o?K1A-IbjFK7{YO(xkVTXdzuZ79!{=ac*W9{pDIinoS>+t>ZYH{dv8y{O06d2Wc!=V&u0IGvybozzTH={8T!t9-Hns_ zYMnq6n}q*F>TAD5_3z_XolF??6;a~l#7bp z6VqFT{o6%%lnqy2?stlun1`LSENI)-x~W(W9X+C$@hc=mdibk^d9ibp?tGZ-1Rq&d zwyFwe+dvo=_~#8eokp59%cY(3mr7buX|nUl;(B=9cETF_d&fy`J7LbaMSrVg7IL&a zRt&KXE_(9Dfx?u~?vsZSi@3h*JB4_Pyq2H4z0ISO7R>_1&mWqdd_6YhA*{abgg55ZK`Xhs}VrZ@U{a}+5Idm#Hl1uxA9WGQgzZ4k2cg7X7fpo zYu1&62NPJz_zK#Y1da&$a0FE)&&{?*_xwvAR+|tfmDJky?rvE$-;cDC%MLG^g>hi0 zJb$_OI+LxJT#D#&rmsY^VhDfv)zGCx#Wori!;WxmTS^(Anb>ttGbz}}Dr6_4ilnL{ z3G0=I1VJGKO=+NqT#hveCbHt_Nqbf)0d!A71#+Id8nt&a??J_mNfU&lfv6ynV})9{ z&%DmNl7QvlLaqK9YH28k>YC=yFRseUTsh7|=0{(!GED$$>;IdAzyFnu>dk-JsDP9S ze?NNF%dE1K)yrsP?QlF5Ho^RqSS;=r-zsoyMX3Z1{QxImkXbT;E&u2(fGbZ)17w!(1j@>3l5r{I z^xkA*&Z74s{%?ZjHw+N8{JtKu0<4K3mePI(^=By`>{Iz_HLVu|hVguS@@-lW|6*V-LK)s9)L+xlyBLtgb{ROcd*fFo27Nbhsk%H&*j{ zKgmAtt&VWPUl1)V267Yj(GVeouMOZ<#qj3M}wPlb63jwSnMm~GxZl=-{4-FFyyM&@AtQF`- zN~{^19mt3nXui622h;3UZd%07pibOYDJ3{DZQA7rFLz^~^Zk#RcaYJMP+kg~nW;QlBG?l2NaA4Yn@55chIwyfT^~fklDL zbLdWdv1Bfr%8(xCwLrfZIC~>Uj9cGjuaiPnw(!c5k;{& zCzKPVV?4DMRJ1dz5Mcc@VL?lQNz&;X)lDN-*@QK8brCV@oH%>sSv)bQ3}p_~?w*6w z4LIIbso^?XB}sKy+OZSy^!ny>kIpzYSLnN&aCNu)J)18wftXcyFtR_I2HW4Y#m+HA z=XHC`DmyP{mt>4Vnef1Gm5NILp-7_KDW+lKxBic;$)paC8-g;~DXW9E(afKU+ffEZ zYj@o@HF3!x^?;QX3AZEEot>|?HZBac7q`mGi}yUPCn`#cDQ4vs7n^g7v~yA?ike31 z+y-Gv3AFWLXJyWzYP~)RJ`1{#WxIp*q^8!=i5;S*W@>{O^75M)Zzx_!?L0V(^u-*1 zjYQ-)@n;?JaZ7Q7mk5U(c+t`)30e8piDXd{Nm?0+X`hlhSRWo*N^E(jwBAh6s6Nr! z=>@zXOzB8cT3N5!AYmFUORZtqBCh=MX#831u;o04(+9h88YhV0YoF?SED3W3ox{^( z4J#7s6pL(}t_jNiDMB?@go&7WXhu0KBoNs`Gy21-{y`TRob5-Y@4vcLW3vV{>+w9` z%%Bm)QDgyoD~vPWygr@s33j1^o5VWtY0OD*YPNO997Wr1%7uR8g4z`Iv5$~FJc{|C0 z+r0wiEz3HBXi(wxtc_Y%@`)%s2Bj9;GjcMwFVjV@&-K9Bd@l>{ftf3#UmWlCo10kWVaIE@W$w|ySnc=6+ z%|(roh4P;ZSVs~3IcWwrf?OIwI(quacu0!T>zzv}v|K`<_y@J!{l9vKUnZ;?Z)5H; zyC#Zo>eN3Sbvcrlged_3pRCqEF`$`e&4)j0$)hyS_sw0kMVUZ1fZpJ|OOhz3rNAJw zRZ`URNf7NE#jF!^&9q&*w;=-XW!pSnTiNIHJ``KB)D0SLJ^4_Fr^Ws&#DAgjA_<3B zy76)?7PZfq`4@@8iqSh15b<7tElhnNU}HCtUp|YX z;mxOVy2P&mOht!Dl)EubW#JZAsIOUS|IR2eAMQewdBb8dIW z*>iqFqR9zO<9A)XuUY=ONHz8cADKjDAlm@{{OF>ielTJVW_?U5I(8rdhUOnHAyOB> zh)pN(dOzxdYDI2T+fhKwFgLt~xJvQa7OgY}U15drQF)xV`0OmUAcS}$(gq0ga6(D* zX&Tdq!0u^hqjC-$*x*LMUdlpCh$%zrLyKCrY+xa$UU4|BDmbOwKLmf4H9ti#Xf49z z;73#OVb>p;?UryS+Z2;qisjO5=iYP+KA^Pkq(wiR^2w3oQ=Z{vSkGjfR;R^FcCr_( z$P1g+S|sZ%Z+r5NjWZ}0cJKL02n}#ZaAcfnb^~z4X75)xZvJiY@soES*p9KeygEM})ST7sb2RnTc8tD!v zG3#+DX|M*q_hurmJe`Na=m#jVTyx%~BdyzHz=V^VCgNPLuyWeRBr9$_rs@L^XvQve)Jcrs-SJtl zxKaK1p}7(c&bx;~z5VkNnN?}CmLUJ;@BQ&3X`Z&zQz?E`v{_>QZB;@yTg&uo6N}5J zXB?)H0}Z@xK(5atms0s^r?u3!VS>9cD$Dr|y_pwt&4TC87s5|b zs%+YZ28KdX^xeNcvL?j3 zmXbUfofma=fANHv(e;z=QO&d#tahDS!n`C*ZxTN4GdkR2uws&%gFQPnjZN`}l zKAXrn_jOfIAt6y%%7}}op`+-Blo`~#T`+`|De+qSlyU40A{#UyN?#b*Wr02|&i0CX z_RUFked@_%tzpr3ycoYy%5d)nJqQp&pWnM)lfqaeeCq6}om}}=b#pI5petG}HVkK4 zQ;Z@K4%L^i8tvqiVqce|G>FQz%yV~U=ntPN@TQi0l=EUsE>4&6W+HzYm)K)r>fg}0 zK~HOT2aMI^R1U4^w+vK{sY^)CtRgF^n70 zyej^fB?La@7)%%-M<$zbqOv7rkrum{HB}p8T5dI-`@ZFC*16P)SPs+ed3XNt-=LhL zadHheDI-OB?A(=L5rm>J+s0)gu%%$i6^^Om(X3EZK#CB6pYrP+Z8=Tq69sG!d*x6~ zTFWB2xp42FS!vr^^)V*T6*-LO-95vaF%IRWW z_XqC9NexG^j2DGtoXalXS^FO#oiI0`A7QGWt@xlLqzc3t0W{dr+< zdVNYfQKp_ZR<^H~eJe_^_Kj{?`7@TsNOVIaw#Jt{)S+72<}JTn3-W{Uzl;o&@(Dbix9(XpeSVXDYhY+{yu3ta zkr#fyyei5;^n0e@lxy+HfoJAUcC&;}DYt^OgWhuWx40L_^M!d}=n)^VG;hVcA%BW{)eK8pyDY}FDPO4r_pFj2n?T99W+7!LQ zLnI`Z{i1^Ov1cSFQk%Mg^o|vybFL?+SPS7$y>8`a)UJ+V&Hh4&D!EUF4}Vx!tjU+P zPVtuSFX>|C2>A}s_X-Y*qyQb+fzGGvZ+crsz7dljmV5KQU$(ovw7Cj8%U4_t*gFOlQOglk zdf6YH=cj9mAqb4WHgk?5N^O6PxZ_zRFAM1$3%v&yBpn`o?mo|%tL}f2Cc42Q?a5G& zVI0glz~0#m;;EaXH>t2Fm3U6zpXf7C@pD9=a82ttoRTgbr{M+HM22EI)^xXV!d7bsnIbQi?*lc!iTtS9MT+9#?P~sRF zfhFcz#&{&l7`SVA#eWpN9mCp)I_j9dsYn(IJs>+Uef>O$C@cJ^(m@ti^DVB4J00_t zqV0EkC%%YSHi*GuNM73wx-dls7K-yu>43|5!P%|{ZED4weos(Pqss75({4vN>2e0N zWsN*d#xhUeHceWP%oec*d!4UHvpLL!5M40HVQZoIrps*~9SU8Rvq7bENNyInh4SaW zp&VUe9wrCwu!Br(E1Xn``s@r^JtQA}+;z#L1%;nI#Fh|!YCF#rVm{cPo|Y6zN*oY_ z*I3lT@#rbw9Sv?&q0df}PVAxUKfoshM&ArG|Y?Lf-Ld@j%$CmbbL)tasyJ z6Z)Z5C(Ny#)Ke54dXD?-CfoEP_)G zw%%X0SazNqgSX=Hf@CXQ0>&uT>r^;6vz~Eb@|hob)^7 zhIG#vu2c%z{2?4m49V~AnwY#;a>x`2i`OhanB7~w7k`RkQUVoXbvz7iw!B{Xd7i^n z%>*X-+Bd}*KtIL&l>6c1R-9~uK5?AnqsOqGG@E8O|0ZR&L>D@E3Ao+&7DUEqFX5 zWA#H>C`*-TvMcKtTi;=kR{E-Nzzum4*TRxJDJnQh=%fz&D53pP-1*6kb9~V0EX|p= z{yOWA@Fe%UIf**!v=q@>Q<0m zU+o>Dwj(s=s{)8AWlv0VpPmeX@NvtuR2pSk;tsuW_gS* zkZ&snUQTmAjf*eE*&IV1NPPzDBlwG6sn+j`E~MLRwmkHRWfH!AxlK9&sJaVzAF3Ez zRf9jW<*KClX(VK4D(ttIu8zZ;=Mav}D~qWI0VTt-#}5dI12&77Y_nQdVbpxlSdrl^ zD^`g9$QGi!%kLBsH)n{H!#+0QCihV;Zvu(T#;dI{vvhkkk*vsj^ugz0zEBon@7BX*kfWfMOBD%YV!i*joE+mfYkP_$oGxa%7WRADLVeacLWz zgJvy}k4uSleoYga<>)&UC}zFUQ7Q_gd~CKtqB#Egj70D)5sQVG#jKt#8GA^b9HfVZ8;&=LH)~mX%4dJe zvXmjDdGFyFkv>OraX(^WHA_Dhj9*8wtweYH7v5cn)F7egFg{DtjTLIfNcosD1txt2_9X-=)YMG8( z51YcR6uJrPZ+_9uy2`b$?p2@j$fn&O;!2d;HT1-@WlhIbX#vI9U~!~1dt#HIT%*2; zzx^9Jfx^SgkDJ-&I0mds8k3kNITcB}i#IOyPwJY_b$TEd(I&&()cJ!Yz5>~CX)N+( z<&@Ukq{(Qnv=`l|S9*xFyHuoB)_yHY@W!I<*A(Khq3k5X9HY4VkH&D0Zd&t-$`Sp} ztiIErmt?3guGGl(9o!97uf05snsQM#!e1-Qvn!0BoS>Fj0^ji|A%k=VOzCvDa}AuY z4!_nMAfpt&6&;UYiQ)p^kp3U|^>lyx+`TqO!$bFq>h`Vu-`~VZwVhb2vt3nFcptR& z=(DNsO&%W;*eIF_4>#-Gm$mN1QprlET zXB>|xAue=V5HLze05`R-drH;B2caRU^%z2VU_7 z9eGEov=Wyy-1AedYYIfjAM;k;Jrl=Us5O|5YNT*hEIb|hdmEmK_~?64 z&BvBNz6LM~|6e0~lToD^=SJtMo^mMh``EEWpqi_%KcB(qJOaqw^OxGzHQ8Hx;#qD7 zM)=9q&};D8?gE6nKimUGIU0C`r4@h@9I6SF9*{QYkD`qBm5L@xWiBvHjsz36eenF{ z-mUF=9XJ+Q+#VE2RKNa_+!^N>FkfzqA-p>y@rgt5eX;XhKXc#Bh(doCyb7&Cjeb@m z;9UB)B33;OZV(vcpnNo#ER1z(KOA*7h+Y(ITDD(#T_-7B8r4ZAkks`ddSnGX8Ldow zBkOqwFpkff6c^w9BE1eoc64ecgv66N1RZRXNA_RqRQj`D$QAnWT9gwyKnX;%nEtnnQoy${jo>nZ@mWOrL{Q8WR_F_^1fDA7m4s zx$X>t7Y|Iw={#s)wNk2&|B{|BXFko%)otB zZb`%0N%&&<(Z1)dGv$X723MaU{#id)ANqN|*EcxJSyfU7N zwn7X6^s1SWd$18Y__{%h*IXD*%#T=Qdz-RS75}Prmj3cMXI;Nv1G;cJ?wek{Kb_vL zRX|H=+HOENu0=%dpB-(3m3{m1Vp#CsXt}fApgk#LMqU>#4Ns;LCE-WY{Qaqdy|Xnf z(jD&`T^qzMmL;;=_sc)UHBOJfdpF`F(#&zgP}B zD$+h;UHcTme_@GIp%;y+qS4?``g`+z>l3#UWt-8>j(K{`zO?*W(~XeZ_t(P+U3z+FlitvJ+y3_VRKme-5r(BcQ^6{P67KzZ zJ7#Csh_;s7M+9BARlz)Dke`Pdm(0UIp|(a(dMlm^mw@j9uLy%*0R6FfAaDNjAj~QH zAnx+Sl_!+jpHH!GyOpUtjr-|{1$7(lsKzf&0;yflDX}S=bZXL(&d93xS%Zj^YO*g9aLmkU3jO*4~OS zl-Vb)Wx#_pTG*6#_5+7~ft`35=HTmtA3`VIPM11WG!{P_W~U4xB1{yc+LIh7eb+Fz z@uhR#1pS+Mfj`%>m&fhnM-+IXKEKd%hs5$<$xu`_99M~oF|E6}w%(%1VDuraw>)|acZB7K_1j%xNmG;3Z&-zp^ZFhWidHw4V#ST1Rl-DZcWUXG zKiu9slCA*J{VECa=h|V~FbU8|5#NZh=JU?hPPpB=+b2y4;m9& zZT!D_yYfe<-tRwpw;)m3$(Cg-S+XRe$ykzoi?Iu%dEpbVqc{J#+(~7eJ-hh&dQJ7dWXwt#s zpD=Tr*?CE{#^sgXB$C5E`ISJ>BIy}{eQ^*a)3kwF3!0`jP3Bx4SFo|X;nmHE@Eeuk z<$M1xP?CTm`+9|OXyXdV@eYLZXm@vv^d$gcpB&!kx7QMJJhNUrT=XYsPj{Th=7xJ; zI(y%ODcJ+qWp8pVBK3k~dNQk&-J|)8*A3BiuH3(Oz*_=yHbG7|9mynNKSUmhy0SjB z_8}Yclf}l;rHytq&n?>34|Gf=eFQXr>xr{X#yW5fM;y8C^Ir9*tUdi299~&6;3F-S z+n=^OxNrv^LT{SKTDhHnML%>Z>?}4=TW`ZjCs7>@bgTqbc+*BbMwPl}#|5(Xjygh7 zO{%nJ1uLCMp*UqV-2~&`s~7>bVv6QTOpJ9=l>kN~6EB{;ybJU~jFF889q*=X2{SR4 zhs@p)3Pc+=koW>`PIfku)B`ct(qYmY6)jAYN*OD>=SzQoYL-q>3w_FI zeooMpLHpWVnJC?!U0}1j*WQ^sQp%T>_E0*I=$l{1int#=JLs6#1TCBf5NLnaKhT8L z#c}=R!w_J};qWdX0gRXVPN`9XIzPKYn&{Mm4T#pj!TCecV?+XnYO(r=mtRZp*3zG0 zA}3d5H2^Cs(YI_{S3hOgMvpo!#MQu4nBUOfZV;-01}OB%GAKtGez?rq7#R*&IFeTA zg1x43UD|e`^pxhsm==S6Ibom$Umqi2Hs7YvRA!yIMs3p<7eBLxDWVd(NV(2eNxH>O zmJSfW4B*=c%hselanV6b7>qs_NHy{jsQx9^B%8SlHuFMQb?Y4Y#a?Z7pYZn}Rh2%w z?u)atpA`&0xnt>)87jb=-U$urEX!7WV9S9$k!{~M=KI65+|rA$H;GRuGS%|iZldKX zm*Q@Kqc&AQgTwM#8@ord@0}9e@gr_Vp4zvdKcGhhhbdMk#NqW6i9TcJn}w{F+Y4t? zNPkF>#?d^LN&BLp<<336-wDM}rE%0Jmdrmt53kvW6!|L=ubw{JE#obCDdE3uEGqD3 zJ7u1L=?22{>>9uh6TQwI2Cg2&mwuFco@M-nP|wJKux`ZKSl-EBUM=c>k|{He>mRmZ zGYpmIZsj8;^m{f+lnS~YJfvdMKF-fu!sL$?D)|6MA4xf1DwPXAdshF=#5f}OURY+bDHO*Giq1O)f8%prwO}u5=8#2k9)ijJI_aWtI`bszR-br`I0SU{YEHg^Bp(rE2py;Bpu%9#XAPfU#?*9x@%lU{38 zNu-X|FZ29=(yEwDU#e2sTb>$)f4t5XaxujT5wT5D4qxQluTHE*PVOgvBO>hM6)Q_R z&@`A)3LpS5(*tFLt6elSzww^_!mnCiU?wt?uS~RsZBto}_SHje?^3?Hc!w@g0LoZ^ zfh*~FTGJ(zVL$7flk}+OC`4^A#*?|G#7gejb!VpZ1vs%;MQnW?`ZIGr1cex7)yn^8 z#DYA#xvYK86+klLJN~RDw#Bf0m{FlNMUlo#j0pVD)CHS>H5n-{>{(-I6MA4>*$fzn zH1D%Qzid<$Rl5DC1{J+1cUq<_w> z0Bg#amvlHTh_Ac+moyc%T02g*VNOhdtXC+5zqmwd!Sp^BcD;=VlQeI+! z-$=k29lz0B!a^~mvV~06&!;wbMo;|}(z&v1tC0WuP75zPOx@qR>ma9FM&b4S*MphM zNt*-(i+bE#o3vHkVWHqjKDJ_#T*b=$_OWl>_rpA;Cr{Ek_|E7hB+4gB{>@byrrs7P zzQ^5jjPF~#E8E@m*y<|H#AdImRrh%b*ks=eT|eqQTeXwAE%+{%&In>clpO1D-k17( z9pqfYcEHeHT=hXt&Oal&F?{Wpf-NV_`z$78qFAUu?Kw$d_*WF;we(J91B~O5%tQ7r zaB$I_DFz(eX?*x$ORHR8+53M%q`fdp85R#j>_{qCSQth82A}>(YS|p__i2LH<9UtU z(X0X)KJV2pU@N(?h@2lCz191pTHl-hs(>v<47lt2B-7N~Z)-VCp#kI#@^f~v43|i& zwLgy4xZvZXE4=s!SV$vkhJESR)!t8q!0(%tU}*Uy&x~naU-}0LNaS>!3h`nd^IAo0 z!v&Lm7o4|`)* zF8b>BW~u!gWH?Em-X7Sm&-S@OMvzPd%K7O|a%>1=;ifABAclftavrAm$Op^{P=J#? zOP$k^V%#hm&BQUal6$B2c6#3QR9ztiY`p+fH(t$^MP+=;j6hDa&i=YwGe>v=efFx2 zG|5DBUQgEyQ#OSTIh5A#gd&wZpBh=yINthDZWFwKx@tG#0(L(oansVv~5lCu}9z}27jM#W~m2YzA1v? z7aoIJ;GuB+0GL4Ce%rXx@y0&Y*8?e%npJVsW;1KHMdt`Tw*9FjJ0QycgeTUNl!FAnv^zKne>iDg`NmjiD1d#@l*T?M&ipAoT6s zijDw9*52y#o|bbZj`5#9k1&B=%q$()Ql9|vrn)-IHu&@4`qIGx<+$^`4`fHVe7zE$ zHn%(>-KdKpQWWGR?&lDh1oBqycW9McFSSV;^2y8lMVxP^B&3>15QwUL)WL5Ytl=OK z4sY~sD8;DDRd3NReW^g^L2Mlyp8fM|*n%k9W>c1^(d%`KtrB%nRF!~TG;Z-$48M9T zl83`iXrg**zh6k085p;A_e!1Wkb|a0Zldd zSmBSg1p~8^*gI!H6+XfVF=^LVkurU?_)))g9$Br84&LI8*ic=wOnb?lEXj6Xj!o0s zrwy#>sLnv4%2nTZFpf2Sl_=h#Dp`NiwZWv#Ho|vR4^jSNXy(l;GAb+SR+7;d1m+Mq zKdmi0-nE?jFOQ)*cz!CHfR7$PIjDKX61QGD))YSHq!Cai5yeM{QPQfjO}BJO7Ks3P zwe97lonBnKlOr`@&*41ub*0~CY(7HfxTd}x6Iz67=)M=>vGjS|-zQ6~JR2IOxH!Jw zQ~K1$p=G%`_xuY~W2b!X8gepXK zzm=|d@5-=_qK0^!R}^iTC-P-U!*o7FHFFy-g7;F`3IeY@mBeL5hc|mzLlH4>ePAaVoX*a6?!e|7Dw~HN&Pk zRm1=|EekuY>anLwR2oj;{%40>;4e(WKDM6u z)?5oaX>yh;{J&`WH_!fmID8DmA7VW-FlV6kqT_S>8(&XDuB{Hzj_+w3X_Y~pqW%wI Cq8Ro7 literal 0 HcmV?d00001 diff --git a/assets/image-20240115160311962.png b/assets/image-20240115160311962.png new file mode 100644 index 0000000000000000000000000000000000000000..8e9a6f2e0e9c5ded14c3abf9fdbe4954ae21ba38 GIT binary patch literal 1851 zcmV-B2gLY^P) zOOD(&5QZfqK@OC@$RIm!0^|rjNG_0-H%4~8$oMK*8}LF|G)z?2i$#i*Na_C;gC2@3 z7GKiO5~pYV@B8=VCx89>+X4Up00000n2mq_SbmYIU;jMb6Hv+9XN=cOV7#USLv}qd zrgMSunvS>6%hzAmv%NT)w;$W-t$zElEsLh?0RR91005}x<94=`9RL6T z00000G$5+%*OhNaWJRyPx6lcvP5eAG4?0i*5j#$TB~)Uty;qBk0a&x6nRcM5mqZ zBt!OFq$k+~U|T+G=f=`c?~3G)>fZ9&mPor;{$Rbqt4{B+A&dB6)u@&oVR1ca@}eng zU*6~jY5ujz#;VjwUYd@fYy!q*Zi;ksD=B}#4q*&3%API;rW)C2wX7AGm-Jp#ju3Qe zA4g9Fk>an3|NXWEaao_zpC9~qznpBT6g&EL?)Wl)=&$N3i?l1Ui+1u@{bOnOQu|JR zmJ%#`FxC*XwO=%vDr0Wrr^6cSJ?W?4b}j(M!v}dOaH`qC%XRN;1XTMJ(D*!>>+lMFeLDfjN3x<+HbY)E;*TJBzs2!r+{&pp6t1HdMR5Ryi#z^p1vSvm!!ycPQTDVqm@7F zNj$T3vWd0nP)`%eEmq{j1shFihwbsQQF*x`RAmj5^{R(5k5%dTMEV~Lg|##mZI#i8 z$&#C*ERPx-VO2ZEi~IynA_v&$mJEBdW5Bpv92uVPhkuf19`eeb1_Fytr#Z(enve~m zI}fv>S}IBnh$XVub+ukis4Cw&u$X=_&0*Q0zp8sht0LAM`N7IFEY1XWbep_%ZlJe! z?L&pJ)lH*1W7A;CDeBKp)?WFBlP)x8Ib`qHSwDewn^M!a+`DUZY%4G>pgo6tB~EY3 zz8go~0b6uhCvvBe-D50)c(6s?TZMBeJ-x7BEoFtctc$wm1gELUh=dXcQGP`@JD;KC ztV5I4LDzK;`wgiW5qk4%?M|rD;6ysb&%v?wU{(-Brn5I8qs`|@!MIF`rIkxh-AsNI zzAO3f#*vZl;2pnV%)VOOIFeB&UgJr&o%%A}3MA8C*#}zIdd;#&;LakBOBtj^EEqhU z{di<(!cKtMr+50vl+YEU%s1mBcrY%b^OV~1%jSK3 zU%dgi;W_&!5hY!kt{Q9=va%lP$$pddJa|Ac^&}I=i*}qniM(f#jr^hQW}L2xRL%1H z^G7{~5$s;pE@tG!(@G4h|I^jf+w60)AR8E&gwhT*sP>PVp7lS_2YOD~_M!&%!|_2~ z8tS@JOQ~&?%aDF%Q)Ll-rQYJ|{JbaD?XEO^F~$PafpNJJEKa{uYM1`A+s=o79*;*4 zvt`O&eE_G=r9zzT5Uht~kxQySjuG}0ly<1WZ0l$%+U|LZP#sY1`+3;y&o{Na-bS;T zv$0{;nNp@_#fsB3$N8PIy>23t?m;xbJU5n6i&imdMTw{7pd28S9}@9 z7hs*AmnYa)b?N>kPzuK7B1D4gG=miS@`#ReF5lWAoDrLU|Mabs<;w5Ism>r#qf>F? zO|(wYbFRWkAd$K}u4(Evfj7jOt7rAqX#M~I063G!mPo000M1Nkl zJ&xTt497h|x4Dbl1177Uy;1A zC7Gr^NKu?OPanSj*#H0l00000OY!yN_ICddtiqR{=&zMPe=P^P?0TS2*8=^u9AAEJ zzkkmb;&h&$=fCyy^R{i<+sRS@00000fW`Uyuh|lu$fqB(CCGR)TL1t600000KnrSA z{^i}%uYdp8SNwHHFiW17cTb*TCupEAqxCtc{c{Ez004kEz^vbyPe0mE0FKlR%bWz8 zGzsnbBbMnqmqY=Ik4Odb)r5TRCu5m7`UC&~0H#BH{i5NEX4Y?lou+azpZlM04^Of8 zpI>WR_PX->fEM?`;`rtl^NM*>WU`5#r8bw+kInvQ@@~o7+0#D1t9?F`IQkrobFl4% zeG32p07Ky(i|v$0GwV0OaMm?1f4{EXO%0L)`GfLXC+`+sUkh&f$R6V+VAQEBW0^m5r9DAZ&ydrO>tBjxp?#J8YS@o&> z_5AqF&XpIFH+IB?3Q{*OOg6-uv`f~i7iAmd$`s3VITJrlaDCcMX@ZH@FP{uhr42A0 z64(=Okpjgk{v#3IcrC_c=j{{mNHm9k=1pnycZ!n)&uk%T&4e*ZNlE8LtiVI5O;{IW z^CCP~e!EXpo@ASFPf=U_kIaFpsiGa09bcVA1GA!o6-1v!j7$=vRvMgT1+8Up8dWZ}=Ev8j*(Cq|8V-Ho8*K9EyT`$DK20@yNZvwG&X^b$CBFZ<(?!qus2I_H5Q=A*Tjff7L zVTtJma>Qt3Lkr@qIA$G)Xui8A(9WxDEd6Ftgm19nxf%YAFTdz<0eMAF)ZdPp+d-z{ zvphtY-U0R5fIY@MCqj21$cvNiSg!pO-~sIP**@|2(_J$s?;(Tq?48$>MG?=CJ)P(* z8DwOFBK&t=J$^h-=2_i|-%-E8CconJr95-Mb0mH8^4dIgBW<>NA&N|BwznI!6A; zBd&z4sB?N#JdZ9e4kw7Q3Zm*dzDt*O=4NM2d2Y_4L+j48twL1^T@lPW$Pr`hBu|EX zRXq7CQT*3l^TOAl;!i{sSH0Rfpjo(+?YGlA6wfOLid9bpeQLqTBvoHYJP9^=M(>g9 z7vm*MfG+O(8hWk!kPFg}&cL2s#@KsDP_^@+#WJ;{>&z~$a_>L{?5r5i+T}4o(abu? zu~TUFySa0({pHu|;d13Y@!i_%3I9GjnvWH8`#x8n+FF?|t{Z3V!me}TyQDFbc02rY zYJq2K_)m?s)G2a)Vq7oE@6dr}YxF>8AKx-!-w08Tm`mxsPJFDmnpA-l$bfnxDn{&#!}8_I`s+a{*^9ZLjPxHkvQ4 zRV3v#pR(32P9&5*`Q4&;wpN{PeKFi}2Q*zp3w++Zn*adkV1(+^Ei6ZKafZxEvF1Sg zy>jKxAKX<>w1Y$b7-VhTg_xpG|J~yeO literal 0 HcmV?d00001 diff --git a/item.xml b/item.xml index ec587a3..372105c 100644 --- a/item.xml +++ b/item.xml @@ -6,8 +6,9 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp PortNumber !3389 - fixed - 1 + fixed + dword + 1 检查源路由配置 @@ -16,7 +17,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters DisableIPSourceRouting 2 - enum + enum + dword 检查密码最长使用期限 @@ -24,7 +26,7 @@ secedit MaximumPasswordAge 90 - greaternumber + greaternumber 检查密码长度最小值 @@ -32,7 +34,7 @@ secedit MinimumPasswordLength 8 - greaternumber + greaternumber 检查是否启用密码复杂度要求 @@ -40,7 +42,7 @@ secedit PasswordComplexity 1 - enum + enum 检查"强制密码历史"个数 @@ -48,7 +50,7 @@ secedit PasswordHistorySize 2 - greaternumber + greaternumber 检查是否启用帐户锁定阈值 @@ -56,7 +58,7 @@ secedit LockoutBadCount 1 - enum + enum 检查是否已正确配置帐户锁定时间 @@ -64,7 +66,7 @@ secedit ResetLockoutCount 5 - greaternumber + greaternumber 检查是否已正确配置"复位帐户锁定计数器"时间 @@ -72,7 +74,7 @@ secedit LockoutDuration 5 - greaternumber + greaternumber 检查可远程访问的注册表路径和子路径 @@ -81,7 +83,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths Machine - array + array + multistring 检查是否已删除可匿名访问的共享和命名管道 @@ -90,7 +93,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters NullSessionPipes - array + array + multistring 检查是否已删除可匿名访问的共享和命名管道2 @@ -99,7 +103,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters NullSessionShares - array + array + multistring 检查是否已限制SAM匿名用户连接 @@ -108,7 +113,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Restrictanonymous 1 - enum + enum + dword 检查是否已限制SAM匿名用户连接2 @@ -117,7 +123,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Restrictanonymoussam 1 - enum + enum + dword 检查可关闭系统的帐户和组 @@ -125,7 +132,7 @@ secedit SeShutdownPrivilege *S-1-5-32-544 - equals + equals 检查是否已限制可从远端关闭系统的帐户和组 @@ -133,7 +140,7 @@ secedit SeRemoteShutdownPrivilege *S-1-5-32-544 - equals + equals 检查是否已限制"取得文件或其他对象的所有权"的帐户和组 @@ -141,7 +148,7 @@ secedit SeProfileSingleProcessPrivilege *S-1-5-32-544 - equals + equals 检查是否开启策略更改审核 @@ -149,7 +156,7 @@ secedit AuditSystemEvents 3 - enum + enum 检查是否开启登录事件审核 @@ -157,7 +164,7 @@ secedit AuditLogonEvents 3 - enum + enum 检查是否开启对象访问审核 @@ -165,7 +172,7 @@ secedit AuditObjectAccess 3 - enum + enum 检查是否开启进程跟踪审核 @@ -173,7 +180,7 @@ secedit AuditProcessTracking 3 - enum + enum 检查是否开启目录服务访问审核 @@ -181,7 +188,7 @@ secedit AuditDSAccess 3 - enum + enum 检查是否开启特权使用审核 @@ -189,7 +196,7 @@ secedit AuditPrivilegeUse 3 - enum + enum 检查是否开启系统事件审核 @@ -197,7 +204,7 @@ secedit AuditSystemEvents 3 - enum + enum 检查是否开启帐户登录事件审核 @@ -205,7 +212,7 @@ secedit AuditAccountLogon 3 - enum + enum 检查是否开启帐户管理审核 @@ -213,7 +220,7 @@ secedit AuditAccountManage 3 - enum + enum 检查系统日志文件达到最大大小时的动作的序号 @@ -222,7 +229,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System Retention 0 - enum + enum + dword 检查系统日志最大大小 @@ -231,7 +239,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System MaxSize 8388608 - greaternumber + greaternumber + dword 检查应用程序日志文件达到最大大小时的动作的序号 @@ -240,7 +249,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application Retention 0 - enum + enum + dword 检查应用程序日志最大大小 @@ -249,7 +259,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application MaxSize 8388608 - greaternumber + greaternumber + dword 检查安全日志文件达到最大大小时的动作的序号 @@ -258,7 +269,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Security Retention 0 - enum + enum + dword 检查安全日志最大大小 @@ -267,7 +279,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Security MaxSize 8388608 - greaternumber + greaternumber + dword 检查是否已开启Windows防火墙 @@ -276,7 +289,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile EnableFirewall 1 - enum + enum + dword 检查是否已启用SYN攻击保护 @@ -285,7 +299,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters SynAttackProtect 1 - enum + enum + dword 检查TCP连接请求阈值 @@ -294,7 +309,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters TcpMaxPortsExhausted 5 - enum + enum + dword 检查取消尝试响应 SYN 请求之前要重新传输 SYN-ACK 的次数 @@ -303,7 +319,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters TcpMaxConnectResponseRetransmissions 2 - enum + enum + dword 检查处于SYN_RCVD 状态下的 TCP 连接阈值 @@ -312,7 +329,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters TcpMaxHalfOpen 500 - lessnumber + lessnumber + dword 检查处于SYN_RCVD 状态下,且至少已经进行了一次重新传输的TCP连接阈值 @@ -321,7 +339,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters TcpMaxHalfOpenRetried 400 - lessnumber + lessnumber + dword 检查是否已启用并正确配置ICMP攻击保护 @@ -330,7 +349,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters EnableICMPRedirect 0 - enum + enum + dword 检查是否已禁用失效网关检测 @@ -339,7 +359,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters EnableDeadGWDetect 0 - enum + enum + dword 检查是否已正确配置重传单独数据片段的次数 @@ -348,7 +369,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters TcpMaxDataRetransmissions 2 - enum + enum + dword 检查是否已禁用路由发现功能 @@ -357,7 +379,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters PerformRouterDiscovery 0 - enum + enum + dword 检查是否已正确配置TCP"连接存活时间 @@ -366,7 +389,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters KeepAliveTime 300000 - lessnumber + lessnumber + dword 检查是否已启用并正确配置TCP碎片攻击保护 @@ -375,7 +399,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters EnablePMTUDiscovery 0 - enum + enum + dword 检查是否已启用"不显示最后的用户名"策略 @@ -384,7 +409,8 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Dontdisplaylastusername 1 - enum + enum + dword 检查是否已正确配置"提示用户在密码过期之前进行更改"策略 @@ -393,7 +419,8 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon PasswordExpiryWarning 14 - greaternumber + greaternumber + dword 检查是否已正确配置"锁定会话时显示用户信息"策略 @@ -402,7 +429,8 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System DontDisplayLockedUserId 3 - enum + enum + dword 检查是否已禁用Windows硬盘默认共享 @@ -411,7 +439,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters AutoShareServer 0 - enum + enum + dword 检查是否已禁用Windows硬盘默认共享2 @@ -420,7 +449,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters AutoShareWks 0 - enum + enum + dword 检查是否已启用并正确配置屏幕保护程序 @@ -429,7 +459,8 @@ HKEY_CURRENT_USER\Control Panel\Desktop ScreenSaveActive 1 - enum + enum + string 检查屏幕保护程序等待时间 @@ -438,7 +469,8 @@ HKEY_CURRENT_USER\Control Panel\Desktop ScreenSaveTimeOut 300 - lessnumber + lessnumber + string 检查是否已启用在恢复时显示登陆界面 @@ -447,7 +479,8 @@ HKEY_CURRENT_USER\Control Panel\Desktop ScreenSaverIsSecure 1 - enum + enum + string 检查是否已启用并正确配置Windows网络时间同步服务(NTP) @@ -456,7 +489,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer Enabled 0 - enum + enum + dword 检查是否已关闭Windows自动播放 @@ -465,7 +499,8 @@ HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers DisableAutoplay 1 - enum + enum + dword 检查是否正确配置服务器在暂停会话前所需的空闲时间量 @@ -474,7 +509,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters Autodisconnect 15 - enum + enum + dword 检查是否已启用"当登录时间用完时自动注销用户"策略 @@ -483,7 +519,8 @@ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters Enableforcedlogoff 1 - enum + enum + dword 检查是否已禁用"登录时无须按 Ctrl+Alt+Del"策略 @@ -492,7 +529,8 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Disablecad 0 - enum + enum + dword 检查是否已禁止Windows自动登录 @@ -501,7 +539,8 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon AutoAdminLogon 0 - enum + enum + string 域环境:检查是否已正确配置"可被缓存保存的登录的个数"策略 @@ -510,6 +549,7 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon CachedLogonsCount 5 - lessnumber + lessnumber + string \ No newline at end of file