To control something such that it only 'works' internally is difficult - if you distribute the code, someone can disassemble it, even if it's compiled.

To make it _more difficult_ on the other hand: what you need is something you can check - from within your script - that verifies that it's 'ok'.

There's nothing you can really do here that can't be spoofed but my thoughts would be (one or more of):

• check local hosts fully qualified DNS name.
• check the local host has the right network configuration.
• fire up a website, or daemon on a server internally (and ensure it's firewalled/not resolvable externally) and have the script perform a basic web fetch.
• Authenticate the user running your script, against an internal service. (E.g. LDAP/AD/nis etc.).

The short answer is of course that if you've given away an executable, someone can _always_ retro engineer it. The only way to retain some degree of control is to turn your script into a server side application - keep control of the code, and let people access it with their web browser. At which point you can do a lot better in terms of access control/authentication.