Solved

Completely disable internet access

Posted on 2009-06-29
8
459 Views
Last Modified: 2013-12-04
Hi all,

I have a Vista Home Premium desktop system where UAC is disabled and I've been asked to completely disable internet access on it. (It has wireless and an ethernet connection)
Quick and simple solution is to take the aerial away from the wireless adapter and take away the cord for the ethernet.
That however will not work in this case.
They need to be able to enable or disable internet access easily. (Or as easily as possible, Think Mum and Dad use it, then an offending person uses it, but both groups need to have the access they need.)
So then there is the false proxy method as per http://mintywhite.com/tech/vista/disable-internet-access-in-windows-vistaxp/
Considering theres (currently) only 1 username setup on this machine that auto log's in that will not work as the offending person could use the same method to unlock it the parents do.

So heres my thinking (Unless UAC offers something I don't know, And to be honest I've not been a fan of UAC)
Create 2 accounts, one an admin for the parents, the second normal user for anyone else both password protected with obviously vastly different passwords.
Parents have admin access and ability to change the reg keys in the article, the second does not.
Parents have to get into the habit of running the proxy off reg script (Or create an "on logoff script" that will merge the proxy "enable" reg keys for all users)
Under vista home premium you can assign security to files/folders, so the reg files themselves can be locked down on that level.

Now to my question, is there a better FREE way via UAC or any other way you can think of?

Thanks for any insights,
Terry
0
Comment
Question by:qz8dsw
  • 4
  • 4
8 Comments
 
LVL 15

Author Comment

by:qz8dsw
ID: 24734229
Sorry, Made one mistake.
"Parents have to get into the habit of running the proxy off reg script"
Should be
"Parents have to get into the habit of running the proxy on reg script"
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24734291
Your thinking is ok, infact that is preferred..
Except UAC should be left enabled for activeX's etc.
http://en.wikipedia.org/wiki/User_Account_Control

Have you looked at Content Advisor within IE?

0
 
LVL 15

Author Comment

by:qz8dsw
ID: 24734384
Hi debuggerau and thanks for replying.

I'll try to explain the layout abit better.
Offending kid with desktop also has an Xbox 360.
Xbox 360 because it costs for a wireless addon has been connected to the desktop using the ethernet port.
The desktops wireless connection is shared so the Xbox 360 can go on the internet and as a cause creating a couple of places they can play from depending on the games.
Unfortunately this has been abused.

So the parents concerned want to lock the sod down once and for all.

I had another thought after posting, My thought was what firewall are they running.
Windows standard firewall.
I'm not a fan of software blocks unless they are on an OS level but I do have to admit for free software Comodo does a VERY good job with this on a local machine level.
I'm however still considering my best way to go in this case is my original thinking. It's alot harder to over-ride the OS than it is to over-ride a 3rd party app in my thinking.

Cheers,
Terry
0
 
LVL 15

Author Comment

by:qz8dsw
ID: 24734428
Oh and considering the perants are not just talking about IE in itself I've not looked at the content advisor at all. (The offending kids could install firefox if they REALLY wanted to get on the net)

These kids we are talking about are what I would call OK on a computer, but I think the basic blocks using the hosts file and the such has already been used on them. So now I'm thinking up the level so they need to deal with actualy security. Hopefully they will give up and do their school work instead. LOL!
0
Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

 
LVL 23

Accepted Solution

by:
debuggerau earned 500 total points
ID: 24734452
yea, so I was thinking of a script file (.vbs) with a command that stops the wired adapter.

http://forum.sysinternals.com/forum_posts.asp?TID=9483
0
 
LVL 23

Assisted Solution

by:debuggerau
debuggerau earned 500 total points
ID: 24734459
yea, separate logins will alleviate most of those issues, even without UAC..
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24734461
and they could always rightclick the network icon and pick disable..

(if they select the 'show icon in taskbar') in the adapter configuration..
0
 
LVL 15

Author Closing Comment

by:qz8dsw
ID: 31599862
Thanks for your help.
As ossposed to the false proxy I'm using a batch file using netsh interface set interface "Local Area Connection" Disable
and netsh interface set interface "Wireless Connection" Disable

Seems to work well and the user accounts can't enable it using the command or right click.
Since the wireless interface is a card inside the machine as opposed to USB the only way they could get it going as a non admin is to open the box, remove the card, power windows up so windows removes the wireless IF and then power it down, put the card back in, power it up.
Then it would in theory be a new IF for windows (I can't test it)
About the only thing I have left to test is the netsh interface set interface "Local Area Connection" Disable survives a reboot.
If it doesn't I have the false proxy up my sleeve. :)

Thanks for your thoughts and confirmation
Cheers
Terry
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now