I have about 10 users that access 10 different pcs in a facility that is open 24hrs. I want to be able to deny them access to the internet. I can not do anything hardware specific and they must be connected to the same intranet as everyone else. I can't put them on a router. I would settle for a regedit fix that would automatically send them to one page no matter what they typed in. Or complete denial.

Things that I have tried:
Delete IE icon.
Solution - open <start><run>http:\\www.google.com
Solution - open any explorer window and enter address in path bar
Solution - I am sure there are others

Setup proxy connection under connections in IE to loopback address- works good and I can use policy editor to deny changes, however... it is user specific, I would have to log each one into the pcs and change the setting for each user - not practical.

Any help would be appreciated!
Thanks in advance!

One possibility is to use the Hosts and/or lmhosts file. You can research this file at support.microsoft.com. It can be used to redirect calls to web sites.

I looked into the lmhost and host files, but it looked like it would be more trouble than it would be worth. I don't think it would be that hard to go that route, but I think that those work as a DNS server and I would have to add entries with bogus ips to resolve domain names for every website I could think of and probably wouldn't cover the ones that they think up to visit. However...

You did spark an idea that seems like it might work. We are running DHCP, but the only thing that a DNS server does is resolve ips to domain names for?? Internet Explorer!! So, I am going to put the loop back address in for the DNS servers and... there is no way for IE to know where it is going and therefore returns a page not found! Thanks for the help and hopefully this help some others out there! Of course, I am sure that something else will depend on the correct DNS ips. We will see.

Thanks Again!

Be very careful in doing it at the DNS level as this may cause a lot more problems, also bear in mind this would affect ALL users not just the ones you want to limit.

I use a access monitoring program called Surfcontrol (http://www.surfcontrol.com/) which works extremely well and can be used on a user by user case.
Not only will it monitor any internet activity, but it can also be set up to block access to certain sites and limit access to everything else.
It's very easy to set up and administrator.

Are these computers on a workgroup or a domain? If on a domain you can set a group policy for these users to block internet using proxy server settings!