Re: Windows XP in Kiosk-Type Mode

From: Kevin K (WMTRP205_at_nospam.com)
Date: 01/22/04 

Date: Thu, 22 Jan 2004 15:48:00 -0500

Hi Norm,

You can restrict access to many things through the registry. Visit
http://www.winguides.com/registry/

Here are some tweaks I've found that you may want to use:

Disable Menu Bars and the Start Button (Windows 95/98/Me/2000/XP)
http://www.winguides.com/registry/display.php/905/

Remove Tray Items from Taskbar (Windows XP)
http://www.winguides.com/registry/display.php/983/

Remove the Toolbars on the Taskbar (Windows XP)
http://www.winguides.com/registry/display.php/984/

Disable the Ability to Right Click on the Desktop (All Windows)
http://www.winguides.com/registry/display.php/160/

Hide All Items on the Desktop (All Windows)
http://www.winguides.com/registry/display.php/147/

Disable Taskbar Context Menus (All Windows)
http://www.winguides.com/registry/display.php/159/

Disable Task Manager (Windows NT/2000/XP)
http://www.winguides.com/registry/display.php/163/

Disable the Change Password Button (Windows NT/2000)
http://www.winguides.com/registry/display.php/265/

These tweaks will restrict access to almost everything in windows. If I have
left anything out, visit the WinGuides registry site
(http://www.winguides.com/registry/) and do a search for it. Also, make sure
that the account is a limited account. The tweaks can be applied from
another (administrator) account, visit
http://www.dougknox.com/xp/tips/xp_adv_reg_editing.htm for more information. 

-- 
Kevin
Please reply to newsgroup so that all may benefit
"NormRumac" <NormRumac.10f3qg@mail.mcse.ms> wrote in message
news:NormRumac.10f3qg@mail.mcse.ms...
>
> Hi.
>
> I need to setup a desktop computer system in a retail store.  This
> system will be accessible to the general public (i.e. anyone can use
> it).
>
> The purpose of this system is to allow users to access one single
> custom made database application that will run on Windows XP Pro
> persistantly 24 hours a day, 7 days a week.
>
> Since anyone is allowed access to the computer, there are obviously a
> number of potentially dangerous security risks (this computer will be
> connected to a local network).
> But, if we can assume that the database application and its asscociated
> resources are secure, what are the steps we need to take in order to
> virtually elimiate any possible damage that can be done by malicious
> (or curious) users?
>
> Basically, I just want to have the database application running all the
> time.  If possible, users shouldn't even know that Windows XP is the OS
> behind the application.  They should not be able to kill the
> application process, minimize/close the application window, start any
> new applications, read any files, access the internet...install/run any
> other programs...nothing....they should only be able to use this one
> intended application.  Note that this application requires access to
> SQL server, and a local instance of this service will need to run on
> this computer, so i understand that I will need to turn on the MSSQL
> service locally.
>
> Can anyone give me step by step instructions on how to lock down the
> system so it does what I want?  I need to elminate as many potential
> security holes as possible.
>
> Thanks,
> --Norm
>
>
> NormRumac
> ------------------------------------------------------------------------
> Posted via http://www.mcse.ms
> ------------------------------------------------------------------------
> View this thread: http://www.mcse.ms/message312994.html
>
Quantcast