Protect / Defend – Windows – Hosts File

 

1.     Flush the DNS resolver cache of the malicious domain/IP:

ipconfig /flushdns


2.     Flush the NetBIOS name cache of the host/IP:

nbtstat -R


3.     Check the hosts file location:

reg query HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /f DatabasePath



4.     Add the malicious domain to the hosts file and route it to localhost
(poor man's sinkhole):

echo 127.0.0.1 <MALICIOUS DOMAIN> >> C:\Windows\System32\drivers\etc\hosts





5.     Test by pinging the malicious domain:

ping Netflix.com -n 1
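
The five steps above combined into one repeatable PowerShell function, as an added example that is not part of the original page. The function name Add-HostsSinkhole, its parameters and the example.test domain are hypothetical; it assumes an elevated prompt and skips names that are already mapped, so repeated runs do not pile up duplicate entries.

```powershell
# Added example; Add-HostsSinkhole and its parameters are hypothetical names.
# Run from an elevated PowerShell prompt.
function Add-HostsSinkhole {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string[]]$Domain,
        [string]$SinkIp = '127.0.0.1'
    )
    # Step 3: read the hosts directory from the registry instead of hard-coding it.
    $key   = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
    $dir   = [Environment]::ExpandEnvironmentVariables((Get-ItemProperty -Path $key).DataBasePath)
    $hosts = Join-Path $dir 'hosts'

    # If the file lacks a trailing newline, an append would fuse with the last entry.
    $raw = [IO.File]::ReadAllText($hosts)
    if ($raw.Length -gt 0 -and -not $raw.EndsWith("`n")) {
        Add-Content -LiteralPath $hosts -Value '' -Encoding ascii
    }
    # Collect every name already mapped on an active (non-comment) line.
    $mapped = foreach ($line in ($raw -split "`r?`n")) {
        $fields = @(($line -replace '#.*$', '').Trim() -split '\s+')
        if ($fields.Count -gt 1) { $fields[1..($fields.Count - 1)] }
    }
    # Step 4: append one sinkhole entry per new, well-formed name.
    $valid = foreach ($d in $Domain) {
        $name = $d.Trim().ToLowerInvariant()
        # Accept only plain DNS names so a crafted value cannot inject extra entries.
        if ($name -notmatch '^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z][a-z0-9-]*[a-z0-9]$') {
            Write-Warning "Skipping invalid hostname: $d"
            continue
        }
        if ($mapped -notcontains $name) {
            Add-Content -LiteralPath $hosts -Value "$SinkIp`t$name" -Encoding ascii
            $mapped = @($mapped) + $name
        }
        $name
    }
    # Steps 1-2: flush cached answers so the new entries are consulted.
    ipconfig /flushdns | Out-Null
    nbtstat -R | Out-Null

    # Step 5: confirm through the system resolver instead of reading ping output.
    foreach ($name in $valid) {
        $addrs = @([System.Net.Dns]::GetHostAddresses($name) | ForEach-Object IPAddressToString)
        [pscustomobject]@{ Domain = $name; Resolved = $addrs -join ','; Sinkholed = $addrs -contains $SinkIp }
    }
}
# Constructed sample call (example.test is a placeholder, not an indicator from the page):
# Add-HostsSinkhole -Domain 'example.test'
```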