Locking the hosts file
The hosts file is the file that Windows uses to resolve any domain names before confirming with a nameserver. Let's assume that your favorite bank's IP is changed in that file and when you try to do some transactions you open a cloned version of your bank's website. You assume that it is the legitimate site because you see the name correctly displayed in the address bar.
Normally, the hosts file can be changed only by administrators. However, we want to ensure that it cannot be changed even by administrator accounts and is always same in all the hosts. Achieving this is very easy with Puppet. We will only upload our ideal copy of the hosts file to Puppet Master under a module and with a file resource we will maintain it in all of our hosts.
In the following screenshot, you can see the full path of the hosts file:
C:\Windows\System32\+drivers\etc
The following items are contained in a hosts file. In this example, as we do not own the example.com domain, the IP of puppetmaster...
