Pi Hole
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Pi Hole
Just set one up yesterday. So far it's awesome.
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole, intended for use on a private network.
https://pi-hole.net
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole, intended for use on a private network.
https://pi-hole.net
-
- Co-Leader
- Posts: 2242
- Joined: Mon Apr 25, 2016 7:59 pm
- Location: Narnia
- Has thanked: 22 times
- Been thanked: 22 times
Re: Pi Hole
Hmm interesting. I just read about it and watched a tutorial. I have a raspberry pi sitting downstairs in a box unused.
I get the same adblocking done with adblockers installed on my internet browsers and use a VPN. I just need to install a firewall.
I use a firewall on my phone to block some apps. I want to setup an adblock service or VPN on my phone too. Just havent done it yet.
As for th Pi hole.. am I missing something I'm currently not getting? I dont think I am. Jist a different way of going about it. If I'm missing something I may grab my pi from downstairs and set it up.
Update:
Just installed a firewall on my desktop =D
I get the same adblocking done with adblockers installed on my internet browsers and use a VPN. I just need to install a firewall.
I use a firewall on my phone to block some apps. I want to setup an adblock service or VPN on my phone too. Just havent done it yet.
As for th Pi hole.. am I missing something I'm currently not getting? I dont think I am. Jist a different way of going about it. If I'm missing something I may grab my pi from downstairs and set it up.
Update:
Just installed a firewall on my desktop =D
=(V)=RocketJedi wrote: ↑Wed Sep 27, 2017 4:44 pm During the Cold War, the U.S. considered airdropping enormous condoms labeled "Medium" on the Soviets
=(V)=RocketJedi wrote: ↑Sun Feb 18, 2018 6:33 pm how about we mute the entire server then all you can do is play or rage quit.
=(V)=RocketJedi wrote: ↑Mon Nov 20, 2017 10:49 pm BloodyRabbit is the sexiest man alive!! (Rubs nipples)
Oh RJ, the things you say. This is worth the super long sig
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Re: Pi Hole
pi-hole to block at the DNS level to stop traffic from 'bad sites' from making it to/from my network. Firewall and ad-blockers on the computers for anything that doesnt get caught at the higher level. It also makes it that anybody connecting to my network will typically have at least the DNS malcious site blocking by default.
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Re: Pi Hole
I think it is also transparent to sites that demand you turn off the adblocker to view them.
-
- Co-Leader
- Posts: 2242
- Joined: Mon Apr 25, 2016 7:59 pm
- Location: Narnia
- Has thanked: 22 times
- Been thanked: 22 times
Re: Pi Hole
I like the malicious aspect to protect your network. I guess you can consider it a DNS firewall. Stopping all 'bad' DNS traffic. Not fool proof but a novel concept. Please keep me up to date. I may copy you!
Thanks for sharing.
I also like the potential to not allowing sites to know. Because while surfing sometimes I have to deactivate to view a webpage. Which I do not like.
I use duckduckgo among other security tools like the signal app and other sites. I still need to setup my proton email. I was signed up for the beta years ago but never signed up I dont think?
What i hate is people do not have a right to their data. I mean we can opt out of everything but we couldn't use the internet. And while we can limit our online digital foot print we cant eliminate it all depending on what we have to do online. Such as divulging our personal networks as an example.
I digress. Give it a few weeks or months and give us an update on what you discover, like, and dislike.
Question, does the DNS log your requests or do they delete them immediately?
Is it secure DNS? If the DNS is over port 53 it's plain text. I like the idea of secure DNS or VPN so all DNS is secure and private. So if it's no on those fronts I personally think upgrading their service to that would really up the antie.
Thanks for sharing.
I also like the potential to not allowing sites to know. Because while surfing sometimes I have to deactivate to view a webpage. Which I do not like.
I use duckduckgo among other security tools like the signal app and other sites. I still need to setup my proton email. I was signed up for the beta years ago but never signed up I dont think?
What i hate is people do not have a right to their data. I mean we can opt out of everything but we couldn't use the internet. And while we can limit our online digital foot print we cant eliminate it all depending on what we have to do online. Such as divulging our personal networks as an example.
I digress. Give it a few weeks or months and give us an update on what you discover, like, and dislike.
Question, does the DNS log your requests or do they delete them immediately?
Is it secure DNS? If the DNS is over port 53 it's plain text. I like the idea of secure DNS or VPN so all DNS is secure and private. So if it's no on those fronts I personally think upgrading their service to that would really up the antie.
=(V)=RocketJedi wrote: ↑Wed Sep 27, 2017 4:44 pm During the Cold War, the U.S. considered airdropping enormous condoms labeled "Medium" on the Soviets
=(V)=RocketJedi wrote: ↑Sun Feb 18, 2018 6:33 pm how about we mute the entire server then all you can do is play or rage quit.
=(V)=RocketJedi wrote: ↑Mon Nov 20, 2017 10:49 pm BloodyRabbit is the sexiest man alive!! (Rubs nipples)
Oh RJ, the things you say. This is worth the super long sig
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Re: Pi Hole
Configuring DNS-Over-HTTPS on Pi-hole
Why use DNS-Over-HTTPS?¶
DNS-Over-HTTPS is a protocol for performing DNS lookups via the same protocol you use to browse the web securely: HTTPS.
With standard DNS, requests are sent in plain-text, with no method to detect tampering or misbehaviour. This means that not only can a malicous actor look at all the DNS requests you are making (and therefore what websites you are visiting), they can also tamper with the response and redirect your device to resources in their control (such as a fake login page for internet banking).
DNS-Over-HTTPS prevents this by using standard HTTPS requests to retrieve DNS information. This means that the connection from the device to the DNS server is secure and can not easily be snooped, monitored, tampered with or blocked. It is worth noting however, that the upstream DNS-Over-HTTPS provider will still have this ability.
https://docs.pi-hole.net/guides/dns-over-https/
Why use DNS-Over-HTTPS?¶
DNS-Over-HTTPS is a protocol for performing DNS lookups via the same protocol you use to browse the web securely: HTTPS.
With standard DNS, requests are sent in plain-text, with no method to detect tampering or misbehaviour. This means that not only can a malicous actor look at all the DNS requests you are making (and therefore what websites you are visiting), they can also tamper with the response and redirect your device to resources in their control (such as a fake login page for internet banking).
DNS-Over-HTTPS prevents this by using standard HTTPS requests to retrieve DNS information. This means that the connection from the device to the DNS server is secure and can not easily be snooped, monitored, tampered with or blocked. It is worth noting however, that the upstream DNS-Over-HTTPS provider will still have this ability.
https://docs.pi-hole.net/guides/dns-over-https/
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Re: Pi Hole
Also, you can set the DNS request to log, not log, clear logs, etc.
heck, go here: https://discourse.pi-hole.net/
it can probably answer all of your questions better than I can.
heck, go here: https://discourse.pi-hole.net/
it can probably answer all of your questions better than I can.
-
- Co-Leader
- Posts: 2242
- Joined: Mon Apr 25, 2016 7:59 pm
- Location: Narnia
- Has thanked: 22 times
- Been thanked: 22 times
Re: Pi Hole
Excellent!!!
=(V)=RocketJedi wrote: ↑Wed Sep 27, 2017 4:44 pm During the Cold War, the U.S. considered airdropping enormous condoms labeled "Medium" on the Soviets
=(V)=RocketJedi wrote: ↑Sun Feb 18, 2018 6:33 pm how about we mute the entire server then all you can do is play or rage quit.
=(V)=RocketJedi wrote: ↑Mon Nov 20, 2017 10:49 pm BloodyRabbit is the sexiest man alive!! (Rubs nipples)
Oh RJ, the things you say. This is worth the super long sig
- =(V)=RocketJedi
- Lieutenant Colonel
- Posts: 11559
- Joined: Fri Oct 11, 2013 8:41 pm
- Location: New York
- Has thanked: 72 times
- Been thanked: 17 times
- Contact:
Re: Pi Hole
im pretty sure chrome and firefox are doing this or are going to do this.=(V)=Prince Vegeta wrote: ↑Sun Dec 01, 2019 2:30 pm Configuring DNS-Over-HTTPS on Pi-hole
Why use DNS-Over-HTTPS?¶
DNS-Over-HTTPS is a protocol for performing DNS lookups via the same protocol you use to browse the web securely: HTTPS.
With standard DNS, requests are sent in plain-text, with no method to detect tampering or misbehaviour. This means that not only can a malicous actor look at all the DNS requests you are making (and therefore what websites you are visiting), they can also tamper with the response and redirect your device to resources in their control (such as a fake login page for internet banking).
DNS-Over-HTTPS prevents this by using standard HTTPS requests to retrieve DNS information. This means that the connection from the device to the DNS server is secure and can not easily be snooped, monitored, tampered with or blocked. It is worth noting however, that the upstream DNS-Over-HTTPS provider will still have this ability.
https://docs.pi-hole.net/guides/dns-over-https/
=(V)=BloodyRabbit wrote: ↑Tue Oct 10, 2017 3:13 pm That was EPIC! I just creamed all over my panties!!!
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Re: Pi Hole
Yup:=(V)=RocketJedi wrote: ↑Mon Dec 02, 2019 12:52 pmim pretty sure chrome and firefox are doing this or are going to do this.=(V)=Prince Vegeta wrote: ↑Sun Dec 01, 2019 2:30 pm Configuring DNS-Over-HTTPS on Pi-hole
Why use DNS-Over-HTTPS?¶
DNS-Over-HTTPS is a protocol for performing DNS lookups via the same protocol you use to browse the web securely: HTTPS.
With standard DNS, requests are sent in plain-text, with no method to detect tampering or misbehaviour. This means that not only can a malicous actor look at all the DNS requests you are making (and therefore what websites you are visiting), they can also tamper with the response and redirect your device to resources in their control (such as a fake login page for internet banking).
DNS-Over-HTTPS prevents this by using standard HTTPS requests to retrieve DNS information. This means that the connection from the device to the DNS server is secure and can not easily be snooped, monitored, tampered with or blocked. It is worth noting however, that the upstream DNS-Over-HTTPS provider will still have this ability.
https://docs.pi-hole.net/guides/dns-over-https/
Here's how to enable DoH in each browser, ISPs be damned
https://www.zdnet.com/article/dns-over- ... pposition/
-
- Co-Leader
- Posts: 2242
- Joined: Mon Apr 25, 2016 7:59 pm
- Location: Narnia
- Has thanked: 22 times
- Been thanked: 22 times
Re: Pi Hole
@@=(V)=Prince Vegeta
I'm curious, what do you do for a living?
Ps thanks for sharing secure DNS info
I'm curious, what do you do for a living?
Ps thanks for sharing secure DNS info
=(V)=RocketJedi wrote: ↑Wed Sep 27, 2017 4:44 pm During the Cold War, the U.S. considered airdropping enormous condoms labeled "Medium" on the Soviets
=(V)=RocketJedi wrote: ↑Sun Feb 18, 2018 6:33 pm how about we mute the entire server then all you can do is play or rage quit.
=(V)=RocketJedi wrote: ↑Mon Nov 20, 2017 10:49 pm BloodyRabbit is the sexiest man alive!! (Rubs nipples)
Oh RJ, the things you say. This is worth the super long sig
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Re: Pi Hole
No prob.=(V)=BloodyRabbit wrote: ↑Mon Dec 02, 2019 3:57 pm @@=(V)=Prince Vegeta
I'm curious, what do you do for a living?
Ps thanks for sharing secure DNS info
Right now? Short answer would be real estate investments, and concrete manufacturing (pops' company).
- =(V)=RocketJedi
- Lieutenant Colonel
- Posts: 11559
- Joined: Fri Oct 11, 2013 8:41 pm
- Location: New York
- Has thanked: 72 times
- Been thanked: 17 times
- Contact:
Re: Pi Hole
=(V)=Prince Vegeta wrote: ↑Mon Dec 02, 2019 2:26 pmYup:=(V)=RocketJedi wrote: ↑Mon Dec 02, 2019 12:52 pmim pretty sure chrome and firefox are doing this or are going to do this.=(V)=Prince Vegeta wrote: ↑Sun Dec 01, 2019 2:30 pm Configuring DNS-Over-HTTPS on Pi-hole
Why use DNS-Over-HTTPS?¶
DNS-Over-HTTPS is a protocol for performing DNS lookups via the same protocol you use to browse the web securely: HTTPS.
With standard DNS, requests are sent in plain-text, with no method to detect tampering or misbehaviour. This means that not only can a malicous actor look at all the DNS requests you are making (and therefore what websites you are visiting), they can also tamper with the response and redirect your device to resources in their control (such as a fake login page for internet banking).
DNS-Over-HTTPS prevents this by using standard HTTPS requests to retrieve DNS information. This means that the connection from the device to the DNS server is secure and can not easily be snooped, monitored, tampered with or blocked. It is worth noting however, that the upstream DNS-Over-HTTPS provider will still have this ability.
https://docs.pi-hole.net/guides/dns-over-https/
Here's how to enable DoH in each browser, ISPs be damned
https://www.zdnet.com/article/dns-over- ... pposition/
I enabled this been meaning to do this for a while so thanks for the info.
=(V)=BloodyRabbit wrote: ↑Tue Oct 10, 2017 3:13 pm That was EPIC! I just creamed all over my panties!!!
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
- =(V)=Prince Vegeta
- Pilot First Class - Contributor
- Posts: 897
- Joined: Wed Oct 16, 2013 7:43 pm
- Has thanked: 2 times
- Been thanked: 2 times
Re: Pi Hole
Just added OpenVPN to the Pi and my phones and computers used away from home. Ad/malicious site blocking from wherever I am, not to mention the VPN tunnel to my home network for more security on public networks and/or corporate corporate firewall evasion.
You do not have the required permissions to view the files attached to this post.