Blocking Internet Access Per User

[owensdj]

Is there a way to restrict Internet access for certain users, or at least the use of Internet Explorer? These are 3 XP machines in a workgroup.

 

[RebateMonger]

What do you mean by "restrict"? No Internet access at all?

There are multiple ways, that vary in complexity and how easy it is to bypass the restrictions. The most solid ways are either a Proxy Server or "NetNanny"-type software. The simplest way is to erase the Default Gateway on the PCs, meaning they can't reach the Internet at all. But without additional controls enabled, this is easily thwarted by a knowledgeable user.

 

[QuixoticOne]

http://www.ditii.com/2006/05/2...xplorer-in-windows-xp/

You should be able to create a system profile in which the network devices themselves are disabled. A limited user account shouldn't be able to change that. I'm not sure if the profiles are user account specific, but I'd expect there's a way to switch them depending on your login.

 

[ChAoTiCpInOy]

You could use OpenDNS on the Gateway or the Router so that they can't actually change it.

 

[Kakumba]

Or, this may be overkill/ too difficult, but running a proxy (like squid), and requiring all computers that want internet to run an ident daemon, which you could then setup a rule to not allow internet to certain users. But that might be a crazy solution where the above ones might be better/ easier. Just a thought.

 

[Cooky]

Set static IP's or use DHCP reservation, then block them on the Internet facing firewall.