| Developer(s) | Pi-hole, LLC [1] |
|---|---|
| Initial release | June 15, 2015 |
| Stable release | 5.18.3 [2] / 5 July 2024 |
| Repository | github |
| Written in | Bash, C (optional DNS server FTLDNS), PHP, CSS (optional web console) |
| Operating system | Linux |
| Licence | European Union Public Licence |
| Website | pi-hole |
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application [3] [4] which acts as a DNS sinkhole [5] and optionally a DHCP server, intended for use on a private network. [1] It is designed for low-power embedded devices with network capability, such as the Raspberry Pi, [3] [6] but can be installed on almost any Linux machine. [5] [7]
Pi-hole has the ability to block traditional website advertisements as well as advertisements in unconventional places, such as smart TVs and mobile operating system advertisements. [8] It can also be configured to block specific websites, or apply parental controls.
The Pi-hole project was created by Jacob Salmela as an open source alternative to AdTrap [9] [10] in 2014 [11] and was hosted on GitHub. [12] Since then, several contributors have joined the project. [11]
Pi-hole makes use of a modified dnsmasq called FTLDNS, [13] cURL, lighttpd, PHP and the AdminLTE Dashboard [14] to block DNS requests for known tracking and advertising domains. The application acts as a DNS server for a private network (replacing any pre-existing DNS server provided by another device or the ISP), with the ability to block advertisements and tracking domains for users' devices. [8] It obtains lists of advertisement and tracking domains from a configurable list of predefined sources, and compares DNS queries against them. If a match is found within any of the lists, or a locally configured blocklist, Pi-hole will refuse to resolve the requested domain and respond to the requesting device with a dummy address. [15]
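As an added illustration (not Pi-hole's own code), the following Python sketches the lookup-and-sinkhole step described above at the DNS wire level: it parses the question section of a query, checks the name against a constructed blocklist with allowlist precedence, and answers blocked A/AAAA queries with 0.0.0.0/:: as Pi-hole's default blocking mode does, returning None when the query should be forwarded upstream. The list contents, the block TTL and the query builder are assumptions for the example.

```python
import struct

# Constructed sample lists standing in for Pi-hole's gravity database and local lists
BLOCKLIST = {"ads.example", "tracker.example"}
ALLOWLIST = {"cdn.ads.example"}

A, AAAA = 1, 28
BLOCK_TTL = 2  # short TTL so list changes take effect quickly (assumed value)


def encode_name(name):
    # "ads.example" -> b"\x03ads\x07example\x00"
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"


def build_query(name, qtype, txid=0x1234):
    # Standard query with RD set and one question, as a client would send it to Pi-hole
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_question(msg):
    # Walk the label sequence; returns (qname, qtype, offset just past the question section)
    i, labels = 12, []
    while msg[i]:
        n = msg[i]
        labels.append(msg[i + 1:i + 1 + n].decode("ascii").lower())
        i += 1 + n
    qtype = struct.unpack("!H", msg[i + 1:i + 3])[0]
    return ".".join(labels), qtype, i + 5


def is_blocked(name):
    # An allowlist entry overrides the blocklist; otherwise exact match against the blocklist
    return name not in ALLOWLIST and name in BLOCKLIST


def sinkhole_response(query):
    """Return a blocking reply for a listed domain, or None to signal 'forward upstream'."""
    name, qtype, qend = parse_question(query)
    if not is_blocked(name):
        return None
    if qtype == A:
        rdata = bytes(4)   # 0.0.0.0, the null address Pi-hole hands out by default
    elif qtype == AAAA:
        rdata = bytes(16)  # ::
    else:
        rdata = None       # other types get NODATA: NOERROR with an empty answer section
    ancount = 0 if rdata is None else 1
    # Header: same transaction ID, QR/RD/RA set, one question, ancount answers
    response = query[:2] + struct.pack("!HHHHH", 0x8180, 1, ancount, 0, 0) + query[12:qend]
    if rdata is not None:
        # Answer RR: pointer to the question name (0xC00C), type, class IN, TTL, RDLENGTH, RDATA
        response += struct.pack("!HHHIH", 0xC00C, qtype, 1, BLOCK_TTL, len(rdata)) + rdata
    return response
```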
Because Pi-hole blocks domains at the network level, it is able to block advertisements, such as banner advertisements on a webpage, but it can also block advertisements in unconventional locations, such as on Android, iOS and smart TVs. [8]
Using a VPN, Pi-hole can filter domains for devices that do not reach it through a router-level DNS setting: any device that supports a VPN can route its DNS queries to Pi-hole from a cellular network or a home network without that network having Pi-hole configured as its DNS server. [16] Integrating Pi-hole with a VPN therefore extends ad-blocking and tracker-blocking to devices outside the local network, providing consistent protection while on the go, and funneling traffic through the encrypted tunnel also shields DNS queries from observation on untrusted or public networks. [17]
Because Pi-hole filters by domain, it can also block any website outright by manually adding its domain name to a blocklist. Likewise, domains can be manually added to an allowlist should a website's function be impaired by domains being blocked. Pi-hole can also function as a network monitoring tool, [18] which can aid in troubleshooting DNS requests and network faults. [7] Additionally, it can improve security by blocking known malicious and phishing domains, reducing the risk of malware infections on connected devices. [17] Pi-hole can also forward its upstream queries over DNS over HTTPS using the cloudflared binary provided by Cloudflare, so that devices using it as their DNS server benefit from encrypted upstream resolution. [19]
Pi-hole functions similarly to a network firewall, meaning that advertisements and tracking domains are blocked for all devices behind it, whereas traditional advertisement blockers only run in a user's browser, and remove advertisements only on the same machine. [7] [20]