• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 623
  • Last Modified:

Password protect access to Internet explorer in XP

Hi,

Can anyone give me a suggestion on how I can SIMPLY password protect access to Internet Explorer.  I'm looking for a SIMPLE solution, if it exists.  It could be a small program (preferrably free) or a registry setting, as long as it's not too complicated.  I have to be able to get  a regular end user to  impliment this.  The Operating System is XP Pro.

We just want to block the users of this one particular PC from accessing the Internet, although the manager must be allowed to access it when needed.  Unfortunately, the user and Manager log on as an Admin equivalent user to access their proprietary software during working hours.

Thanks,
Yeller
0
yeller
Asked:
yeller
  • 3
  • 2
  • 2
  • +9
1 Solution
 
luv2smileCommented:
I don't know of a way to password protect IE.  Plus...even if you did, a user could use another browser to access the Internet if they really wanted.

To completely block or control internet access then you need a firewall or a proxy setup...sorry, if you want to 100% have control of internet access then there is no really simple one button solution.
0
 
yellerAuthor Commented:
Let's say I don't need 100% control.  I just want to stop Internet Explorer access to "not so smart" users.  It does not have to be a fool proof solutiion.  I understand they could load another browser.  In this environment I doubt they would.  I am look for more of a deturant rather than a high security soltion.

I don't need a simple "one button" solution, just something not too complex to implement.

Thanks,

yeller
0
 
luv2smileCommented:
There is this program:


http://www.winguardpro.com/

But please realize that you are not completely blocking internet access....savy users especially those with admin rights can get around settings and get on the Internet.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
madspireCommented:
The easiest thing to do would be to use the built in IE Content Advisor

from IE, click on Tools, Internet Options, then on the Content tab. Click on the Enable button under the content advisor - from within the settings, you can set a supervisor password to bypass, and add sites to the do not allow, or allow list, if there are a few sites any user should be able to access. This will not block every single siyte out there, but it will block anything offensive - adding common sites like google, yahoo, aol, msn, etc toi the do not allow list will take care of the rest. For those persistant employees that find unblocked sites, just view their history, and add their favorite sites to the do not allow list.
0
 
fixnixCommented:
If you currently have no firewall on the workstation (meaning you are relying on a perimeter firewall elsewhere on the network), then this method will work...it's more than a couple clicks to set up, but will be easy to use for your manager:

Download and install Sygate Personal Firewall, http://smb.sygate.com/products/spf_standard.htm

(The following can be tweaked for better protection, but this is the simple way that won't be any worse than your current setup and accomplish what you desire)

Set up "Advanced Rules" in this order:
1st Rule should be to allow all traffic to/from your local network on all ports and protocols.
2nd Rule should be to dent all traffic to/from everywhere (0.0.0.0/0) on all ports and protocols.

Set a password on Sygate firewall (Options screen)

From that point forward, all your manager will need to do is double-click the firewall icon in the system tray, enter the password, and select "Allow All Traffic" (Actually, he may be able to right-click the tray icon and sellect "Allow All" and will then be prompted for the password (after an "Are you sure?" box)).  When the manager is done accessing the internet, he simply does the same process but selects the "Normal" mode to put it back blocking the internet.

As with any application level firewall, the first time programs attempt to access the internet, there will be a popup box asking if you want to allow <application name> access to the internet.  Simply check the "Remember my answer" box and tell it yes.  You should probably jump on line yourself and run the internet programs you expect your manager to use and get those boxes checked and settings remembered before he uses this new method, thereby saving him the annoying "Do you want to allow...." popups.
0
 
fixnixCommented:
typo above:  "dent" should by "deny" in case that wasn't apparent ;)
0
 
MHurtaresCommented:
Enabling Content Advisor is probably the solution you are looking for.  You can allow certain webpages to show or you can simply block everything.  To display a webpage, you just simply type in your password.  Try it, it is easy.
0
 
parkerigCommented:
Hi,
Windows XP Pro allows you to set security on files ( XP home does not ).
I would just browse to c:\program files\inter explorer\iexplore.exe ( and any other references of iexplore.exe ) and just change the permissions on the security.
eg change security so the user signon that you don't want to run IE is denied permission to run.

Cheers
Ian

0
 
paraghsCommented:
You can use Password Protection System - Lite edition (freeware) from :
http://www.nthsystem.com/ppslite.html

Using PPS Lite, you can put a password on IEXPLORE.EXE.
I think that is all you need to stop "not so smart" users :)
0
 
JimsZCommented:
change the dns on the local machine to one that doesn't exist...  When they try to get online, it will try to get the page dns from this "non-existant" dns server.  All your supervisor or anyone authorized will have to do is change the dns server back to a good dns server before they leave the computer.
0
 
Mohammed HamadaSenior IT ConsultantCommented:
http://www.softheap.com/iesecurity.html
What you looking for ;)
0
 
jculkincysCommented:
Just delete the Icon from the desktop and the start menu
0
 
CodedKCommented:
---->I just want to stop Internet Explorer access to "not so smart" users.

Open Explorer.
Open "File" tab.
Choose "Work Offline"

For really not smart users :)
0
 
star57techCommented:
Simply the best program free for 3 users is CCPROXY. I use this all the time and is simple to set up and use. This will give you the username and password for the intenet with content filtring, website filtering. You will love it.
http://www.youngzsoft.net/ccproxy/
0
 
yellerAuthor Commented:
Thanks everyone,

I'm going to lookm at each solution and get back to you.

I will say again that the users of this PC logon as ADMIN to user a proprietary software.  So I  don't think I'll be able to use some of the soltuions.  Also, I'm sure I won't implement any content filtering.  We SIMPLY want to block ANY internet Explorer access to users of this PC  BUT the manager needs to use the internet on this PC fairly often.   That's why password protectin IE was my first idea. He also logs in as the same Admin user.  Everyone logs on to this PC as the same Admin user ( yep, I know it's a big NO NO but they are not about to change their lazy habits).

Anyway, I'll check things out and see if anything solves this little problem.

Thanks
0
 
Mohammed HamadaSenior IT ConsultantCommented:
The software i posted can secure ur IE with password.
Good luck Yeller.
0
 
star57techCommented:
On the CCproxy, it does have a filtering feature, but you do not have to use it. The feature with logging on is that you can create 2 users, 1 Admin that can log onto IE and surf and go anywhere, And then another called user, That has no rights to surf the internet and get an error message that " This User has been restcricting from using Internet Explorer" . Even if they download Firefox, Netscape.. etc. I use this program in alot of Wi-Fi spots , Doctors office's, Lawyers. etc. People like to play when the boss is not looking, and CCproxy stops that, Period. I can rescrict what is downloadable, installed, anything. You will like it also. Its free to try and keep up to 3 users.

Keith
0
 
fixnixCommented:
I don't see why a password protected firewall like I mentioned wouldn't be the best solution.  It accomplishes your objective and goes much farther in securing the box.  To me it's a no brainer.  Boss just toggles it on and off at will, nobody else can send any packets out.  For someone to circumvent that solution, they'd have to set up either a proxy or another gateway elsewhere on the LAN.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 3
  • 2
  • 2
  • +9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now