I don’t think so.
cis doesn’t want to know about hosts, and e.g. every allowed or blocked network zone you write in cis is not written to hosts.
But nothing keeps you to write hosts as a protected filed in defense+ (or, without asking cis whatever, to set hosts with the read only attribute).
There’s already a rule in D+ to protect %windir%, it should protect the hosts file.
Download this one (regularly kept up to date)
and set it “read only” (as they suggest)
There are 2 good utilities for managing HOSTS file:
and HostsXpert at
The first is very easy to use and has a simple interface; the latter has more functionality but can be a bit unclear.
Each will make HOST writeable for updating/merging files and then make it Read-only to protect it.
My HOSTS is currently at nearly 195,000 names, so disabling the DNS Service is essential.
I use this script on my router.
Here this default rule works perfectly (indeed protects hosts file).
it may seem a stupid question but imgoing to ask it anyhow.
how do i find my hosts files?
ive looked in system32 folders/drivers etc and i cant find it.
im trying to make sure it is on read-only status.
I just responded to your other post, but it looks as though you’ve already looked there. Here is an idea, just use the file search. Search for HOSTS.
Win Patrol protects Host Files and notifies you if any attempt is made to alter them.
It also displays the Host Files → open Win Patrol → Options → View Hosts.
Why use another program when all it takes is a simple read only flag?
You have to uncheck both “Show system files” and “Show hidden files”
ive tried hostsman but it locked up my computer solid.im jst wondering if you have to disable the dns service?
i left that option unticked when i installed it.