
  • Slides: 44
NOTICES
1. I’m new to RPi and Pi-hole. I’ve been using Pi-hole at home for 2 months;
2. If I’m not making sense, please interrupt me and ask. If you are derailing the presentation, I’ll tell you and we will move on.
3. The night is split into two parts
   1. First preso ppt death
   2. Then workshop - instructions
Nick Kavadias
nick@cryptoaustralia.org.au

We know how to internet.. @CryptoAustralia or #cryptoaus

What we will be covering…
1. Why block the internet?
2. What is a DNS blackhole/sinkhole;
3. Pi-hole hardware and software supported;
4. My home Pi-hole install;
5. Advanced topics on DNS, lists and VPNs
6. Workshop with RPi / VM

Can’t you just leave the internet alone? No!
• Flash ads which hijack pages;
• Pop-up and pop-under ads;
• Ads which stalk me on all my devices;
• Ad networks which track and profile me;
• Ads that tell me I’ve won stuff; and,
• Malvertising…

Tech support scams! How do they work? Check out Jim Browning’s YouTube channel

Pi-hole, the solution to all your problems?


No! No such thing as a silver bullet! But..
• Good job blocking ads and trackers out of the box
• YouTube video ads?
• It is easy to set up and configure;
• network based;
• It is not a traffic filter.
• Acts as a second line of defence for malware/viruses
• I still use browser extensions
• … and antivirus

How DNS works normally https://go.gliffy.com/go/publish/12358860

How DNS works with Pi-hole https://go.gliffy.com/go/publish/12358867

Pi-Hole, not just for blocking ads and tracking
• Out of the ‘box’ ads/trackers & C&C blacklists;
• Blocklists are well maintained by sec community;
• Blocklists are literally lists of domains
• Many additional block lists can be configured with Pi-hole;
• Other 3rd party DNS services
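A simplified model of what "blocklists are literally lists of domains" means at lookup time, added here as an example and not taken from the presentation or from Pi-hole's code. The function names, the sample domains and the sinkhole address 192.168.1.2 are constructed; the model assumes exact-match lookups and that blocked names are answered with the Pi-hole's own address.

```shell
#!/bin/sh
# Added example: a simplified model of the sinkhole decision, not Pi-hole's code.
SINKHOLE_IP=192.168.1.2    # constructed: address of the Pi-hole itself

# normalise_blocklist FILE: accept hosts-format lines ("0.0.0.0 ads.example.com")
# and bare domains, drop comments and blank lines, lowercase, de-duplicate.
normalise_blocklist() {
    awk '
        { sub(/\r$/, ""); sub(/#.*/, "") }        # strip CR and comments
        NF == 0 { next }
        { d = tolower($NF) }                      # the domain is the last field
        d ~ /^[a-z0-9._-]+\.[a-z][a-z0-9-]*$/ { print d }   # skips "localhost", "0.0.0.0"
    ' "$1" | sort -u
}

# resolve NAME LIST: exact match only, so "ads.example.com" on the list
# does not cover "cdn.ads.example.com"; that name needs its own entry.
resolve() {
    q=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | sed 's/\.$//')
    if grep -qxF -- "$q" "$2"; then
        echo "$SINKHOLE_IP"     # blocked: answered locally, never sent upstream
    else
        echo "FORWARD"          # not listed: handed to the upstream resolver
    fi
}

# Constructed sample list mixing the formats found in public blocklists.
sample_list() {
    cat <<'EOF'
# constructed sample
0.0.0.0 ads.example.com
127.0.0.1 tracker.example.net   # hosts format, trailing comment
ADS.example.com
c2.example.org
127.0.0.1 localhost
EOF
}

demo() {
    g=$(mktemp)
    sample_list > "$g.raw"; normalise_blocklist "$g.raw" > "$g"
    for n in ads.example.com CDN.ads.example.com c2.example.org. www.example.org; do
        printf '%-22s %s\n' "$n" "$(resolve "$n" "$g")"
    done
    rm -f "$g" "$g.raw"
}
demo
```

The subdomain case is the one to notice: a list entry for a parent domain does not sinkhole its subdomains in this model.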

What a blocked page site looks like
What about:
• Images?
• JavaScript?
• Https?

Hardware? What is a Raspberry Pi?
• Raspberry Pi was created by a UK not-for-profit in 2011;
• simple, cheap computer designed to teach kids how to program;
• support for GPIO, additional instruments like cameras; and
• Geeks doing cool things with them now:
  • RetroPie
  • Kodi
  • Other stuff..

Hardware for Pi-hole?
• Well tested on Raspberry Pi SBCs
• NOT Raspberry Pi exclusive
• ARM, or Intel x86/x64
• Will work with a Pi Zero and an ethernet dongle
• Works on other SBCs, like Orange-Pi, see this write-up.
• Works on crappy old Intel desktops too

What OS will Pi-hole run on? Linux.
It’s GNU/Linux. Not Ok?
• Will work on any modern Linux OS.
• Officially supported Linux distributions are:

How did I set Pihole up at my place?


Hardware:
• Raspberry Pi 3 model B+ (overkill?)
• 2 GB microSD card (smallest!)
• microUSB cable for power into back of router
• USB Y cables useful.
• WARNING on underpowering: https://www.raspberrypi.org/help/faqs/#powerReqs

Software I used
• Software:
  • Windows 10 & Etcher.io for prepping card https://etcher.io/
  • Raspbian Lite https://www.raspberrypi.org/downloads/raspbian/
  • Pi-hole – installed using curl. No curl? apt install curl

Get image onto SD Card
• Format SD
• Etcher.io
• touch /boot/ssh
Windows will try to reformat unknown card because ext4

Plug into network
• Patch into home router
• Power with microUSB
• if you don’t have a USB slot close by, an old 1 amp USB charger will do.

Figuring out IP address of RPi?
• If you’re lucky, DNS lookup might work, try: ping raspberrypi

Find RPi IP by? DHCP table on router?


Network Scanning
• Good ol’ IP scanning. Pick one:
  • Nmap: sudo apt install nmap
  • Angry IP Scanner http://angryip.org/download/
  • Masscan https://github.com/robertdavidgraham/masscan
  • Arp-scan https://github.com/royhills/arpscan
• Scan before, and after. See what’s new!

AngryIP Scanner

All else fails, plug into tv/monitor


Then ssh in, run install..

Magical command to install Pi-hole
curl -sSL https://install.pihole.net | bash
Bad idea? Read why
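One way to avoid piping the installer straight into bash, added here as an example (not from the presentation or the Pi-hole project): save the script, read it, pin the hash of the copy you reviewed, and run only that copy. The helper names are hypothetical and the demo scripts are constructed stand-ins so the block runs offline.

```shell
#!/bin/sh
# Added example, not Pi-hole's own tooling: review-then-run instead of curl | bash.

# record_pin FILE: refuse a script that does not even parse (a cut-off
# download often ends mid-block, though not every truncation is a syntax
# error), otherwise print its SHA-256 so the reviewed copy can be pinned.
record_pin() {
    [ -s "$1" ] || { echo "missing or empty: $1" >&2; return 2; }
    bash -n "$1" 2>/dev/null || { echo "does not parse, possibly truncated: $1" >&2; return 3; }
    sha256sum "$1" | awk '{print $1}'
}

# verify_pin FILE SHA256: succeed only if FILE is byte-for-byte the reviewed copy.
verify_pin() {
    actual=$(sha256sum "$1" | awk '{print $1}') || return 2
    [ "$actual" = "$2" ] || { echo "hash mismatch for $1" >&2; return 1; }
}

# demo: constructed stand-ins for an installer, so this runs offline.
demo() {
    d=$(mktemp -d)
    printf '#!/bin/bash\nif [ -d /etc ]; then\n  echo install\nfi\n' > "$d/good.sh"
    printf '#!/bin/bash\nif [ -d /etc ]; then\n  echo inst' > "$d/cut.sh"          # truncated
    sed 's/echo install/echo install; echo extra/' "$d/good.sh" > "$d/changed.sh"  # altered
    pin=$(record_pin "$d/good.sh") || return 1
    record_pin "$d/cut.sh" >/dev/null 2>&1 && return 1        # must be rejected
    verify_pin "$d/changed.sh" "$pin" 2>/dev/null && return 1 # must be rejected
    verify_pin "$d/good.sh" "$pin" && echo "reviewed copy verified: $pin"
    rm -rf "$d"
}

# Real use on the Pi (URL as given on the slide):
#   curl -sSL https://install.pihole.net -o install.sh
#   less install.sh && pin=$(record_pin install.sh)
#   verify_pin install.sh "$pin" && sudo bash install.sh
demo
```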

After Pi-hole is up and running?
• Connect to web admin using http://pi.hole/admin
• Pi-hole can take over DHCP (disable on your router). I’ve done this on my setup because:
  • network printer
  • Get actual hostnames in your Pi-hole log

Re-configure router
• Log into your router.
• No idea how? Find your default gateway IP and try connecting with browser, e.g. http://192.168.1.1
• ipconfig or ifconfig
• To get all devices on your network to use Pi-hole for DNS, you have to make a choice…

You have two choices for router config
• Change IP for DNS Server
• Disable DHCP & have Pihole do it
Questions??

Changing IP for DNS on my home router


Or... Disable DHCP on router

…and turn on DHCP Server on Pi-hole


Blocklists
• Default blocklists in /etc/pihole/adlists.list
• Blocklist collection here: https://wally3k.github.io/ or see our blog post
• Lists maintained by members of security community, they try to update at least monthly
• Your Pi-hole has a cronjob
• Manually run: pihole updateGravity

Blocklists using the web admin interface


Setting up Pi-hole away from home
• If you roll your own VPN on a VPS, you can set up Pi-hole on it. Then you can run it anywhere!
• https://github.com/pi-hole/wiki/Pi-hole---OpenVPN-server

Are you a Pi-hole Power User?
• Self-hosted DNS
• Advanced Upstream DNS
• RPZ

Your Own DNS Server
• No DNS requests go to third-parties
• Run your DNS server in the cloud
• Pi-hole <--- DNSCRYPT ---> DNS server
• https://github.com/jedisct1/dnscrypt-server-docker
• https://github.com/pi-hole/wiki/DNSCrypt

Advanced Upstream DNS
• Third-party DNS servers
• Complements Pi-hole
• Blocks malware and phishing
• Admin panel
• Block categories (adult, drugs, gambling, social media …)
• DNS query logging and reporting
• Manual blocking / whitelisting
• Integration with real-time Threat Intelligence feeds ($$$ feature)

Advanced Upstream DNS
• Strongarm https://strongarm.io/
• Comodo Dome Shield https://cdome.comodo.com/shield/
• OpenDNS https://signup.opendns.com/homefree/

Response Policy Zone (RPZ)
• The previous two combined:
  • Use your own DNS server
  • Download RPZ-based block list
• Register Strongarm business account (free)
• Download BIND 9.10+ config from https://app.strongarm.io/settings/rpz/

Workshop instructions
• If you’ve brought along a RPi, use these instructions: https://cryptoa.us/centaurus
• If you’re going to play along on the virtual machine, use these instructions: https://cryptoa.us/fornax
• Join us on #Slack https://chat.cryptoaustralia.org.au/

Where to get help after workshop
CryptoAUSTRALIA Slack channel #pi-hole-workshop-help https://chat.cryptoaustralia.org.au/
Pi-Hole website https://pi-hole.net/ Has links to Discourse(!), subReddit, YouTube channel
Stay tuned to our blog, I’ll be blogging a detailed write-up with details of this presentation https://blog.cryptoaustralia.org.au