diff --git a/plugins/services/ms17010.go b/plugins/services/ms17010.go
index 9b55e28..0f0948a 100644
--- a/plugins/services/ms17010.go
+++ b/plugins/services/ms17010.go
@@ -296,11 +296,18 @@ func init() {
 
 // checkMS17010Vulnerability 检测MS17-010漏洞 (从原始MS17010.go复制和适配)
 func (p *MS17010Plugin) checkMS17010Vulnerability(ip string) (bool, string, error) {
+	// 检查发包限制
+	if canSend, reason := common.CanSendPacket(); !canSend {
+		return false, "", fmt.Errorf("发包受限: %s", reason)
+	}
+
 	// 连接目标
 	conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second)
 	if err != nil {
+		common.IncrementTCPFailedPacketCount()
 		return false, "", fmt.Errorf("连接错误: %v", err)
 	}
+	common.IncrementTCPSuccessPacketCount()
 	defer conn.Close()
 
 	if err = conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)); err != nil {
@@ -401,10 +408,17 @@ func (p *MS17010Plugin) checkMS17010Vulnerability(ip string) (bool, string, erro
 
 // checkDoublePulsar 检测DOUBLEPULSAR后门
 func (p *MS17010Plugin) checkDoublePulsar(ip string) bool {
-	conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second)
-	if err != nil {
+	// 检查发包限制
+	if canSend, _ := common.CanSendPacket(); !canSend {
 		return false
 	}
+
+	conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second)
+	if err != nil {
+		common.IncrementTCPFailedPacketCount()
+		return false
+	}
+	common.IncrementTCPSuccessPacketCount()
 	defer conn.Close()
 
 	// 简化的后门检测逻辑