FOR, the "traditional" way of doing that is to use 127.0.0.1 as the DNS - that's internal reference to the computer itself.

The problem with this approach is it just blocks address resolution and not Internet access. By using IP addresses it's possible to get in and out. Also it's not isolated from the network so if another system happens to cop a dose of something the WinXP system is vulnerable, and as has been highlighted it's still vulnerable to infected files. Obviously those are a smaller risk than actively taking it online, but it's a risk none the less.