NGSEC has released a tool 'AntiPhrming' to counter for pharming attacks and the great thing about that it is free for non commercial use. Some features are as follows,
Source:http://www.ngsec.com/ngproducts/antipharming/AntiPharming uses active and passive protections for identifying and stopping Pharming attacks.
AntiPharming will actively protect your windows server from pharming attacks by:
* Denying any user (even Administrator) to write to the hosts file.
* Denying any user (even Administrator) to change your DNS settings.
AntiPharming will passively protect your windows server from pharming attacks by sniffing on each netowrk interface for DNS replies (both TCP and UDP) and recheck them against at least with three secure DNS nameservers.