How to lock down Windows XP for use as an internet kiosk?
Solution 1:
Windows SteadyState is a free tool from Microsoft to perform exactly what you are looking for. It is also easy to set up and manage, and appears to be a great fit for your kiosk rollout.
Windows SteadyState includes the following features to help you manage your shared computers:
Windows Disk Protection – Help protect the Windows partition, which contains the Windows operating system and other programs, from being modified without administrator approval. Windows SteadyState allows you to set Windows Disk Protection to remove all changes upon restart, to remove changes at a certain date and time, or to not remove changes at all. If you choose to use Windows Disk Protection to remove changes, any changes made by shared users when they are logged on to the computer are removed when the computer is restarted.
User Restrictions and Settings – The user restrictions and settings can help to enhance and simplify the user experience. Restrict user access to programs, settings, Start menu items, and options in Windows. You can also lock shared user accounts to prevent changes from being retained from one session to the next.
User Account Manager – Create and delete user accounts. You can use Windows SteadyState to create user accounts on alternative drives that will retain user data and settings even when Windows Disk Protection is turned on. You can also import and export user settings from one computer to another—saving valuable time and resources.
Computer Restrictions – Control security settings, privacy settings, and more, such as preventing users from creating and storing folders in drive C and from opening Microsoft Office documents from Internet Explorer®.
Schedule Software Updates – Update your shared computer with the latest software and security updates when it is convenient for you and your shared users.
SteadyState supports Windows XP Professional, Home Edition, Tablet PC Edition, as well as Windows Vista Business, Enterprise, Ultimate, Home Basic, Home Premium, and Starter. The hardware requirements are the same as for Windows XP and Windows Vista, so any computer that runs these operating systems well should also be able to run Windows SteadyState.
Solution 2:
I would say for simplicity's sake, take a look at using a bootable CD/USB Drive to load a lightweight Linux OS to allow browsing the website.
With the kiosks only being used to browse one website, you really do not need the complexity of securing Windows when there are some prebuilt solutions that you can look at.
Check out Matts Tech Blog on Bootable Kiosk CDs
This should point you in the right direction along with links to KioskCD and Boothbox (an open source Kiosk type CD).
Solution 3:
I use Windows SteadyState on over 75 machines.
It's totally free and offers many specific restrictions as well as locking down the HD so that it is restored to a specific, preconfigured state at each restart. For example, if a user manages to infect the machine with malware, a restart will clear it up immediately.
There are way too many options to mention here, but SS will do everything you mentioned in your question and more. Download it and try it out. It's a very small download and is very easy to configure and use.
Solution 4:
Some ideas for you:
I did a job like this for a Customer a few years ago. I configured Windows XP to start Internet Explorer in "Kiosk Mode" as the shell, and disabled the context menus. No keyboard was present on this unit, so the user couldn't exit full screen mode.
If I had to do this today, I'd start looking around for kiosk extensions for Firefox or "shells" for Internet Explorer as a first step.
To prevent memory leaks in the browser from taking the unit down I used a screensaver to log off the computer after an inactivity timeout, whereupon it auto logged-on again. I also scheduled a nightly reboot to keep the background processes from leaking away memory.
On the recovery front, it would be fairly trivial to build a Windows PE / BartPE bootable USB stick to re-image the machine (ImageX, Ghost, whatever you want to use) if it failed.
On the "access only certain web site" front: You might be able to get away with pointing the DNS on the PC to a restrictive DNS server that only served the zones for sites you wanted to enable access to. You could use a "HOSTS" file, but then you run into update issues if any of those IPs change. You could use some "netnanny" type filtering software on the PC, but I have no experience with that to speak to. Finally, you could configure the PC to use a proxy server (either hosted locally on the PC, or centrally on the 'net) and filter requests that way.
That old kiosk job was really fun, in part, because the kiosk itself had no Internet connectivity! It ran an Apache / PHP / MySQL stack and a wildcard DNS server in the background and served up the site to itself and the other kiosks in the area via WiFi! You could even load updates to the content on the kiosk from USB memory stick or CD (with a proper authentication file on the media). If you tried to surf away from the main site it was hosting, a wildcard virtual host and the wildcard DNS would take you to a "Sorry, you can't get there..." page.
I would've liked to have used a Linux-based solution for that job, but the Customer had a requirement that I use Windows. I would've ended up doing a very similar thing w/ a Linux-based system anyway, since it allowed the Customer to load their live web-site onto a kiosk that otherwise had no Internet access and didn't require their web site developers to make any changes (i.e. the kiosk executed all of the PHP and used the database in the same way as the real web site). It was loads of fun!
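The proxy option mentioned in Solution 4 comes down to an allow/deny decision on each request line the kiosk browser sends. The following is an added example, not code from any of the answers: a fail-closed host allowlist check in Python, where `kiosk-site.example` is a placeholder domain and the function names `request_target` and `is_allowed` are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the one site the kiosk may reach (placeholder domain).
ALLOWED_HOSTS = {"kiosk-site.example"}
ALLOWED_PORTS = {80, 443}


def request_target(request_line):
    """Return (host, port) from the first line of a proxy request, or None."""
    parts = request_line.split()
    if len(parts) != 3:
        return None
    method, target, _version = parts
    try:
        if method.upper() == "CONNECT":        # CONNECT host:port (HTTPS tunnel)
            url = urlsplit("//" + target)
            default_port = 443
        else:                                   # GET http://host/path (absolute URI)
            url = urlsplit(target)
            if url.scheme.lower() != "http":    # origin-form or other schemes: reject
                return None
            default_port = 80
        host, port = url.hostname, url.port     # .port raises ValueError if invalid
    except ValueError:
        return None
    if not host:
        return None
    # Normalise: hostname is already lower-cased; drop a trailing root dot.
    return host.rstrip("."), (port if port is not None else default_port)


def is_allowed(request_line, allowed=ALLOWED_HOSTS):
    """Allow only listed hosts and their subdomains, on web ports only."""
    parsed = request_target(request_line)
    if parsed is None:
        return False                            # fail closed on anything unparseable
    host, port = parsed
    if port not in ALLOWED_PORTS:
        return False
    # Match on a label boundary so look-alike suffixes and prefixes do not pass.
    return any(host == a or host.endswith("." + a) for a in allowed)
```

Matching on the parsed hostname rather than on a substring of the URL is what keeps look-alike names, and names placed in the userinfo part of a URL, off the allowlist.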