Problem
TechRepublic member gryandmary
used the Technical
Q&A to pose the following question: “Can I target a client PC and
disable Internet surfing, through a Windows 2000 Server with DSL connectivity,
while still maintaining communication with the server? We are using Microsoft
Windows XP Pro on the client.”
Solution
Here was the response from TechRepublic member zaferus: “There are two ways you
can disable Web browsing from a Windows system:
- Go to
Internet Options in the Control Panel. Go to the Connections tab and click
LAN settings. Uncheck “Automatically detect settings” and then
check “Use proxy server” and put settings in for a proxy server
that doesn’t exist. This will time out the Web browser each time a user
tries to pull up an Internet site. Unfortunately, a savvy user could go
into the settings and fix this. - Alternatively,
you can set the Internet router to deny all port 80 traffic to the WAN from
the IP address of the client PC you want to block. This is something that
the user is less likely to figure out, and it will effectively block that one
PC from Web access, while still allowing all over LAN users full access to
the Internet.”
TechRepublic member brian
added another option:
“Go to:
- TCP/IP
Properties - Advanced
- Options
- TCP/IP
filtering Properties - Select
Enable TCP/IP filtering (All adapters) - Select
Permit Only for all three selections (TCP, UDP, IP) - Add only
the allowed ports that are needed (leaving out port 80 for Web browser
traffic) - Click
OK multiple times to close out the windows
These settings could also be set in a Group Policy GPO so that
the user can’t change them. You would make a special group just for this user.”
Note
The text of discussion posts from TechRepublic members has
been slightly edited for spelling, punctuation, and clarity.