Pi-Hole: What is it and why you might want to use it

Greg Heffner July 7, 2024

The What:

Y'all... im so divided. Ads are the worst but I have them on my site. I guess they are the worst if you dont want them and dont know how to block them?

I was going to write up a couple paragraphs explaining what DNS is but I found this Everything you need to know about DNS when getting references and decided it would work just fine. Lets skip to the part where we have a brief understanding how www.google.com is translated to 142.251.107.113 (as of writing this)

DNS is something you cant go without if you want to do anything online. When you rent a "cable box" as some people call it from your internet service provider (ISP) there will be settings that will point all your devices at home to a specific DNS server owned by the ISP to access the internet. The problem with this is that your ISP can see every website you visit when you request addresses from their server. Its stored in their logs. They can sell this information to advertisers. This is where Pihole comes in. Pihole is a DNS server that blocks ads and trackers. It is a great way to protect your privacy and security online AND it does not sell your info because you control all your own info!

The scary stuff:

DNS Security starts at home. DNS was not originally designed with security in mind. As a result, it has vulnerabilities that attackers can exploit. These attacks include DNS spoofing (where incorrect IP addresses are returned for domains), DNS tunneling (used to pass malware or stolen information undetected), DNS hijacking (redirecting queries to different servers), and NXDOMAIN attacks (flooding DNS servers to cause denial-of-service). Protecting DNS infrastructure helps prevent these risks and ensures reliable internet performance.

Mitigation?

Pi-hole is a versatile network-wide ad blocker that goes beyond just blocking ads. It acts as a DNS server, allowing you to customize DNS resolutions for enhanced privacy and control over local domain mappings. When you set up Pi-hole, it becomes the DNS server for your network, blocking advertisement-serving domains and trackers across all connected devices, including smart TVs and smartphones

If you look at the install instructions it may look intimidating if youre new to github. The easiest way to install and setup in my opinion is on a docker image. Follow "Method 3: Using Docker to deploy Pi-hole" to follow the same process as I did. Once installed and your devices are pointing to the pihole IP address for its DNS server, you can load the homepage of pi-hole to see analytics, throughput, security settings on the top and most recent queries and most active devices on the bottom of the dashboard. All of these metrics are turned on by default and can be turned off if you do not want any of this to be logged or saved.

Installation Video by Network Chuck, a popular youtuber. Skip to 4:07 to get right to it if youre on an OS that has docker installed already. If not, docker will run on almost anything and all the other steps are the same once running follow this link for instructions. Docker Install

The Why: 7 things you may not know about Pi-hole

1. Ad Blocking: Pi-hole blocks ads for every device on your network without requiring client-side software. Its more effective than traditional browser-based ad blockers because it operates at the DNS level, preventing ads from being downloaded in the first place
2. Network Monitoring: By logging all DNS queries, Pi-hole lets you monitor network traffic. You might discover unexpected or concerning activity happening on your network
3. Improved Performance: Since Pi-hole blocks ads before theyre downloaded, your network performs better. This is especially useful for high-latency networks or limited data plans.
4. Reduced Bandwidth Usage: By preventing undesired digital assets (like ads) from being downloaded, Pi-hole helps conserve bandwidth.
5. Malware Protection: You can add block lists to prevent known malware domains from entering your network.
6. Non-Traditional Ad Blocking: Pi-hole can block ads in smart TVs and mobile apps, even if they dont run in a browser.
7. Thriving Community: Pi-hole has an active community across platforms like Discourse, Reddit, Twitter, and GitHub, where users can seek help, learn, and chat.

Personal aside:

I use pi-hole today. I use it to block analytics for some of my internet of things "IoT" devices like Apple HomePod Mini or my Smart thermostat. Some of these companies have beacons that monitor uptime and device usage. I use the local dns features to make my own dns records. I also use cloudflare as my upstream server. Cloudflare Gateway. With these settings I have noticed a HUGE reduction in on screen ads when I am browsing the internet. I also feel more secure knowing Im getting my DNS resolutions from Cloudflare rather than a local ISP which is trying to make a dollar off of me. ¯\_(ツ)_/¯

Example of pi-hole blocks:

In conclusion a funny explanation as told by Bing AI:

Once upon a time, in the magical land of Internet, there lived a little guardian named Pi-hole. Pi-hole had a special job: to keep away pesky ads and sneaky trackers from bothering all the devices in its kingdom. Every day, as the sun rose, Pi-hole would stand tall at the castle gate, waving its wand (well, it was more like a router) and saying, “No ads allowed here!” And poof! The ads vanished! The people of the kingdom loved Pi-hole because it made their online adventures safer and more private. They could surf the web without being followed by curious advertisers. And so, dear children, thats how Pi-hole became a hero in the digital realm, protecting everyone from unwanted ads and keeping their secrets safe. The end!