In this blog post, we’ll be revisiting an old favorite from my previous blog, “A Pentester’s Journey.” We’ll be taking a look at the Pi-hole DNS server, a powerful network-wide ad blocker that can be installed on a Raspberry Pi device. We’ll be re-sharing the original post, along with some new insights and updates on this useful tool. So, whether you’re new to the Pi-hole DNS server or already familiar with it, read on to learn more about this fantastic tool and how it can enhance your internet browsing experience.
Original Post:
Recently I decided to try my hand at installing a Raspberry Pi running PI hole on my home network in an attempt to block the ever increasing online ADs all over the internet. When I first researched this issue, I found a lot of talk about just switching your home network’s DNS from your ISP provided default dns to a dedicated AD blocking DNS service like ADGuard DNS. This would be a decent solution but I wanted something that I was in complete control over and didn’t have to sign up for yet another account/subscription to clutter up my inbox. So I kept digging and found PI Hole.
What is Pi Hole
PI Hole is a network level ad blocker for all your smart and network connected devices, and unlike browser level ad blockers like uBlock, Pi Hole will block ads on all devices and on most software. So that means (with some fine tuning) no more pesky youtube ads, in-game ads on your smart phones, no ads while browsing your favorite website, or streaming from your favorite streaming provider to your smart TV.
Pi-hole runs on almost any linux OS device with a network connection either wired or wireless. On top of being an AD blocking DNS server it is also capable of blocking any undesired internet traffic on your devices as they would all need to be routed through the dns first, and it can also act as a DHCP server. When setting up the device I ran into some issues with my router setting the PI Hole up as a DHCP server so this walkthrough will skip that function for now; however, there will be another post about it in future.
In this walk through and in most user cases Pi Hole is installed on a Raspberry PI hence the name pi hole, although as previously mentioned it does not need to be on a Raspberry PI. Raspberry pi is just a nice way to run it as the pi itself doesn’t take up a lot of space.
So What Is A DNS?
To fully understand what the PI Hole does you need to know what a DNS is. A Domain Name System (DNS) server is a system used to match a website’s domain name like google.com to its corresponding IP address 8.8.8.8. This is how computers communicate with each other, when you type in Google.com into your browser url bar, it doesn’t look for google.com as computer systems are unable to make heads or tales of domain names, it provides no real info on the location of the web server you are trying to connect to, other than its public facing name. It’s like trying to give a friend visiting from another country your address and telling them you live on Main St. well there are a lot of Main streets in the world. They need to know a lot more information than just your street name to be able to get to your house. An IP address on the other hand provides a lot more information, you can think of it like giving them your full address and zip code.
The reason this is important to the PI Hole is by routing your dns request through the PI hole any domain that is registered on the block list will not be resolved on the device making the request, thus the AD or website with that domain will not show up on the device.
Click the Image below to create your own Pi Hole DNS Sever with a step-by-step instruction!
Reflecting on My Journey with Pi-hole DNS Servers: Lessons Learned and New Insights
This post was originally written for my first blog, A Pentester’s Journey, as a supplementary guide to the Step-by-Step guide I created for making a PI-Hole DNS Server on a Raspberry Pi 3B+. The purpose of this post was to provide insight into how a DNS server works to better explain how the PI-Hole works and how it blocks ADS on your devices.
Looking back at my old post, I really liked the analogy I used for explaining what a DNS server is. But I realized that I didn’t make clear the DNS server’s role in the analogy. In likening an IP address to a physical address, I would liken a DNS server to an address book. A digital address book’s job is to keep track of the addresses of the people and places you want to visit. Similarly, when you type in a website’s name, like “thered.tech,” into your browser’s URL bar, it gives that website to whatever DNS server your computer is pointed to. The DNS server then looks up the website name from its database and pulls its public-facing IP “82.180.174.216”. Your computer now knows where to go to reach your intended website. If the DNS server can’t find that entry, it won’t be able to return an IP address to your computer, and it won’t be able to take you to your intended website, giving you the dreaded 404 error.
Something I didn’t think about until creating my own Pi-Hole is that it’s not just the users that rely on a DNS server. The website itself relies on it as well, like in the case of YouTube. YouTube needs to know the website hosting the video you clicked on, so when you click on a video’s link, almost instantaneously, in the background, YouTube is passing that URL the thumbnail you just clicked on is linked to a DNS server to get the IP of that video you wanted, so it can then route you to that video. The same thing happens when YouTube puts an ad before or during your video. Most ads aren’t physically part of the video you are watching; they’re hosted on other sites and called on when it’s their time to get played. But how does YouTube know where to pull the video from? That’s right, our good pal DNS. The same way YouTube needs to know what IP the video you want to watch is on, it needs to know the IP address of the ad you are spamming the skip button on. If YouTube can’t find that IP or, in our cases, it would be more not being allowed to access that IP, it can’t play the ad. This is the same concept for those banner ads you see on the sides of web pages.
This is where the PI-Hole comes in. It acts as your personal address book that you have full control over. The Pi-Hole acts as your DNS server, resolving websites into their IPs and giving that back to your computer, allowing you to visit the website. When you sign up and receive internet by default, that internet connection you’re using is using your ISP’s default DNS server. For most users, this works completely fine, and unless you are an expert in DNS, it’s recommended you leave that as it is. Your ISP’s default DNS server 99% of the time will have the website you are looking for, and you shouldn’t have many, if any, issues using it. However, when you are in control of the DNS server, like you are when you create and use a Pi-Hole, a new power is unlocked that is really useful. You now have say over what does and does not get resolved by your DNS, meaning if you don’t want anyone on your network to have access to a specific website like YouTube, you can put it on the blacklist, and anytime someone on your network tries to visit youtube.com the Public IP of the site is not passed onto their computer and they won’t be able to access the website at all. In fact you, can put any website you want on the blacklist, whether it’s a site known for serving ads or a site that you don’t want your family accessing. It’s all up to you. Plus, the Pi-Hole can also act as a caching DNS server, which means it can store previously resolved domain names and their corresponding IP addresses. This makes accessing frequently visited websites even faster, as the Pi-Hole can retrieve the IP address from its cache instead of having to perform a new lookup every time.
Since I first wrote this post on my old blog, I have learned even more about the benefits of using a Pi-Hole DNS server. Not only can it block ads, but it can also protect your privacy by blocking tracking and malware domains. It’s a simple and effective tool for improving your browsing experience and keeping your network safer.
In conclusion, the Pi-Hole DNS server is a powerful tool that gives you control over your network’s DNS requests. It’s easy to set up and can significantly improve your internet experience by blocking ads and other unwanted content. So, if you’re looking for a way to enhance your browsing experience, give the Pi-Hole a try. You might be surprised at how much it can do for you.