Blocking Internet

[AnotherUser]

I'm looking to easily block the internet from being used on just a single PC. The PC still needs access to other network resources but internet needs to be disabled.

OS is Windows XP I believe. I don't want to filter with Open DNS as we only want to block 1 PC and also want to use internal DNS.

I think I'm over thinking this, this has got to be easier than I'm thinking.

 

[scline]

What is your router/firewall device? If you have something that is manageable you can simply block the IP address of that PC on ports 80/443. DDWRT (I believe its called that) on a home wireless device has easy ways to perform such blocks.

 

[devman]

If your using IP tables on your router, I believe you can use.

iptables -I FORWARD -s <pc_ip_address> -j REJECT --reject-with icmp-net-prohibited

 

[k1pp3r]

Is this on a domain? If so apply a GPO to a new OU called "No Internet" put a fake proxy in there and then put the PC in the OU.

 

[jeffmoss26]

We do something similar here at work to block internet on the shop floor PCs. Point the proxy to 0.0.0.0 and have a list of 10 or so internal sites they can access.

 

[RocketTech]

Enter a static IP address and subnet, leave the gateway blank. DNS is optional if you use IP addresses for internal resources.