Pi-hole

Developer(s): Pi-hole, LLC [1]
Initial release: June 15, 2015; 9 years ago (2015-06-15)
Stable release: 5.18.3 [2] / 5 July 2024; 4 months ago (5 July 2024)
Repository: github.com/pi-hole/pi-hole
Written in: Bash, C (optional DNS server FTLDNS), PHP, CSS (optional web console)
Operating system: Linux
Licence: European Union Public Licence
Website: pi-hole.net

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application [3] [4] which acts as a DNS sinkhole [5] and optionally a DHCP server, intended for use on a private network. [1] It is designed for low-power embedded devices with network capability, such as the Raspberry Pi, [3] [6] but can be installed on almost any Linux machine. [5] [7]

Pi-hole has the ability to block traditional website advertisements as well as advertisements in unconventional places, such as smart TVs and mobile operating system advertisements. [8] It can also be configured to block specific websites, or apply parental controls.

History

The Pi-hole project was created by Jacob Salmela as an open source alternative to AdTrap [9] [10] in 2014 [11] and was hosted on GitHub. [12] Since then, several contributors have joined the project. [11]

Features

Pi-hole makes use of a modified dnsmasq called FTLDNS, [13] cURL, lighttpd, PHP and the AdminLTE Dashboard [14] to block DNS requests for known tracking and advertising domains. The application acts as a DNS server for a private network (replacing any pre-existing DNS server provided by another device or the ISP), with the ability to block advertisements and tracking domains for users' devices. [8] It obtains lists of advertisement and tracking domains from a configurable list of predefined sources, and compares DNS queries against them. If a match is found within any of the lists, or a locally configured blocklist, Pi-hole will refuse to resolve the requested domain and respond to the requesting device with a dummy address. [15]

Because Pi-hole blocks domains at the network level, it can block not only conventional advertisements, such as banner advertisements on a webpage, but also advertisements in unconventional locations, such as on Android, iOS and smart TVs. [8]

Using VPN services, Pi-hole can block domains without a DNS filter being set up in a router. Any device that supports VPN can use Pi-hole on a cellular network or a home network without having a DNS server configured. [16]

The nature of Pi-hole allows it to also block website domains in general by manually adding the domain name to a blocklist. Likewise, domains can be manually added to an allowlist should a website's function be impaired by domains being blocked. Pi-hole can also function as a network monitoring tool, [17] which can aid in troubleshooting DNS requests and network faults. [7] Pi-hole can also be used to encourage the use of DNS over HTTPS for devices using it as a DNS server with the cloudflared binary provided by Cloudflare. [18]
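An added example, not part of the original article and not Pi-hole's own code, modelling the decision described above: merge the source lists with the local blocklist, let the allowlist override them, and answer blocked names with a dummy address. The list formats, exact-name matching, the `0.0.0.0` dummy address, the in-memory upstream table and all sample domains are assumptions constructed for illustration.

```python
import ipaddress

DUMMY_ADDRESS = "0.0.0.0"  # assumption: the article only says "a dummy address"
# Constructed sample data (not real blocklists or real hosts).
HOSTS_STYLE_SOURCE = """\
# constructed hosts-style source
0.0.0.0 ads.example.com
127.0.0.1 tracker.example.net  # inline comment
0.0.0.0 localhost
"""
DOMAIN_STYLE_SOURCE = """\
! constructed one-domain-per-line source
Metrics.Example.org.
cdn.example.com
"""
LOCAL_BLOCKLIST = {"blocked-site.example"}
ALLOWLIST = {"cdn.example.com"}
UPSTREAM = {"cdn.example.com": "192.0.2.10", "www.example.com": "192.0.2.20"}

def normalize(name):
    # DNS names are case-insensitive; drop the trailing root dot.
    return name.strip().rstrip(".").lower()

def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def parse_list(text):
    domains = set()
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()  # strip comments, tokenize
        if fields and is_ip(fields[0]):        # hosts-style: drop the address
            fields = fields[1:]
        name = normalize(fields[0]) if fields else ""
        if "." in name and not name.startswith("!") and not is_ip(name):
            domains.add(name)                  # skips localhost and bare IPs
    return domains

def build_blockset(sources, local_blocklist, allowlist):
    blocked = set().union(*(parse_list(s) for s in sources))
    blocked |= {normalize(d) for d in local_blocklist}
    return blocked - {normalize(d) for d in allowlist}  # allowlist overrides

def resolve(name, blocked, upstream):
    name = normalize(name)
    if name in blocked:
        return ("blocked", DUMMY_ADDRESS)      # sinkholed: never forwarded
    return ("forwarded", upstream.get(name))   # stand-in for a real resolver
```

Because matching here is on the exact name, a subdomain of a listed domain is not blocked unless it is listed itself.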

Difference from traditional advertisement blockers

Pi-hole functions similarly to a network firewall, meaning that advertisements and tracking domains are blocked for all devices behind it, whereas traditional advertisement blockers only run in a user's browser, and remove advertisements only on the same machine. [7] [19]

Related Research Articles

Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.

The Simple Service Discovery Protocol (SSDP) is a network protocol based on the Internet protocol suite for advertisement and discovery of network services and presence information. It accomplishes this without assistance of server-based configuration mechanisms, such as Dynamic Host Configuration Protocol (DHCP) or Domain Name System (DNS), and without special static configuration of a network host. SSDP is the basis of the discovery protocol of Universal Plug and Play (UPnP) and is intended for use in residential or small office environments. It was formally described in an IETF Internet Draft by Microsoft and Hewlett-Packard in 1999. Although the IETF proposal has since expired, SSDP was incorporated into the UPnP protocol stack, and a description of the final implementation is included in UPnP standards documents.

Captive portal: Web page displayed to new users of a network

A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement/acceptable use policy, survey completion, or other valid credentials that both the host and user agree to adhere by. Captive portals are used for a broad range of mobile and pedestrian broadband services – including cable and commercially provided Wi-Fi and home hotspots. A captive portal can also be used to provide access to enterprise or residential wired networks, such as apartment houses, hotel rooms, and business centers.

ipconfig: Console application program

ipconfig is a console application program of some computer operating systems that displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings.

The Web Proxy Auto-Discovery (WPAD) Protocol is a method used by clients to locate the URL of a configuration file using DHCP and/or DNS discovery methods. Once detection and download of the configuration file is complete, it can be executed to determine the proxy for a specified URL.

Ad blocking or ad filtering is a software capability for blocking or altering online advertising in a web browser, an application or a network. This may be done using browser extensions or other methods.

The Spamhaus Project: Organization targeting email spammers

The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers.

This article presents a comparison of the features, platform support, and packaging of many independent implementations of Domain Name System (DNS) name server software.

A proxy auto-config (PAC) file defines how web browsers and other user agents can automatically choose the appropriate proxy server for fetching a given URL.

dnsmasq: Lightweight DNS and DHCP server software

dnsmasq is free software providing Domain Name System (DNS) caching, a Dynamic Host Configuration Protocol (DHCP) server, router advertisement and network boot features, intended for small computer networks.

In networking, a black hole refers to a place in the network where incoming or outgoing traffic is silently discarded, without informing the source that the data did not reach its intended recipient.

OpenDNS: Domain name system provided by Cisco using closed-source software

OpenDNS is an American company providing Domain Name System (DNS) resolution services—with features such as phishing protection, optional content filtering, and DNS lookup in its DNS servers—and a cloud computing security product suite, Umbrella, designed to protect enterprise customers from malware, botnets, phishing, and targeted online attacks. The OpenDNS Global Network processes an estimated 100 billion DNS queries daily from 85 million users through 25 data centers worldwide.

Zeroshell: Linux distribution

Zeroshell is a small open-source Linux distribution for servers and embedded systems which aims to provide network services. Its administration relies on a web-based graphical interface; no shell is needed to administer and configure it. Zeroshell is available as Live CD and CompactFlash images, and VMware virtual machines.

Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. The extension allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during the TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested. The SNI extension was specified in 2003 in RFC 3546.

A search domain is a domain used as part of a domain search list. The search list, as well as the local domain name, is used by a resolver to create a fully qualified domain name (FQDN) from a relative name. For this purpose, the local domain name functions as a single-item search list.

A DNS sinkhole, also known as a sinkhole server, Internet sinkhole, or Blackhole DNS, is a Domain Name System (DNS) server that has been configured to hand out non-routable addresses for a certain set of domain names. Computers that use the sinkhole fail to access the real site. The higher up the DNS resolution chain the sinkhole is, the more requests will fail, because of the greater number of lower nameservers that in turn serve a greater number of clients. Some of the larger botnets have been made unusable by top-level domain sinkholes that span the entire Internet. DNS sinkholes are effective at detecting and blocking bots and other malicious traffic.

A public recursive name server is a name server service that networked computers may use to query the Domain Name System (DNS), the decentralized Internet naming system, in place of name servers operated by the local Internet service provider (ISP) to which the devices are connected. Reasons for using these services include:

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. By March 2018, Google and the Mozilla Foundation had started testing versions of DNS over HTTPS. In February 2020, Firefox switched to DNS over HTTPS by default for users in the United States. In May 2020, Chrome switched to DNS over HTTPS by default.

DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. The well-known port number for DoT is 853.

1.1.1.1 is a free Domain Name System (DNS) service by the American company Cloudflare in partnership with APNIC. The service functions as a recursive name server, providing domain name resolution for any host on the Internet. The service was announced on April 1, 2018. On November 11, 2018, Cloudflare announced a mobile application of their 1.1.1.1 service for Android and iOS. On September 25, 2019, Cloudflare released WARP, an upgraded version of their original 1.1.1.1 mobile application.

References

  1. "Pi-hole®: A black hole for Internet advertisements". Pi-hole®: A black hole for Internet advertisements. Retrieved 2018-04-15.
  2. "Release 5.18.3". 5 July 2024. Retrieved 25 July 2024.
  3. "Turn A Raspberry Pi Into An Ad Blocker With A Single Command". Lifehacker Australia. 2015-02-17. Retrieved 2018-05-06.
  4. "Adblock Everywhere: The Raspberry Pi-Hole Way". MakeUseOf. Retrieved 2018-05-06.
  5. "pi-hole/pi-hole". GitHub. Retrieved 2018-04-15.
  6. "Pi-hole hardware kit". 2018-05-07. Archived from the original on 2019-08-14. Retrieved 2018-05-08.
  7. "Seven Things You May Not Know About Pi-hole". Pi-hole®: A black hole for Internet advertisements. 2017-05-12. Retrieved 2018-05-06.
  8. Pounder, Les (2021-08-01). "How to Block Ads Network-Wide With Pi-hole on Raspberry Pi". Tom's Hardware. Retrieved 2023-05-17.
  9. "Block Millions Of Ads Network-wide With A Raspberry Pi-hole 2.0". Jacob Salmela. 2015-06-16. Retrieved 2018-04-15.
  10. "Pi-hole: A Raspberry Pi Ad-Blocker with DNS Caching (Ultra-fast)". Jacob Salmela. 2014-06-11. Retrieved 2018-05-06.
  11. "pi-hole/pi-hole; Contributors". GitHub. Retrieved 2018-05-06.
  12. Jeffries, Adrianne (2018-05-10). "Inside the Brotherhood of the Ad Blockers". Bloomberg.
  13. telekrmor (2018-02-22). "FTLDNS: Pi-hole's Own DNS/DHCP server". Pi-hole®: A black hole for Internet advertisements. Retrieved 2019-11-10.
  14. "pi-hole/pi-hole; The Origin Of Pi-hole". GitHub. Retrieved 2018-04-15.
  15. "How does Pi-hole work?". Pi-hole Userspace. 14 May 2017. Retrieved 2018-05-06.
  16. "Overview - Pi-hole documentation". docs.pi-hole.net. Retrieved 2019-08-11.
  17. "What Really Happens On Your Network? Find Out With Pi-hole". Pi-hole®: A black hole for Internet advertisements. 2017-02-22. Retrieved 2018-05-06.
  18. "Configuring DNS-Over-HTTPS on Pi-hole - Pi-hole documentation". docs.pi-hole.net. Retrieved 2020-11-01.
  19. "Enjoy The Rio Olympics Ad-free With Pi-hole". Pi-hole®: A black hole for Internet advertisements. 2016-08-11. Retrieved 2018-05-06.