I recently came across a post on reddit about keeping your home network safe with kids (and others who may be click happy) in the house. Many comments were made recommending dd-wrt as well as Pi-Hole for the purpose of ad and tracker blocking. It is well known ads can be used as an attack vector against your machine unbeknownst to the website owner. One stated major benefit caught my attention, a whole network could be protected by one device, much like a firewall, instead of setting up ad blockers on each device.
A few years back I toyed with the idea of flashing dd-wrt onto my Netgear R6400. I was interested in running a VPN server from home. I did some research, but ultimately, at that time, decided the risk of a brick was not worth the added flexibility. Whether the dd-wrt resources had improved or I now felt more comfortable I do not know, but I made the leap. It turned out to be rather painless. dd-wrt is pretty cool. There are far more customizations that can be made compared to the standard Netgear interface. It also includes a lot of built in services, an ability to script, and run cron jobs.
I then went through some instructions I found online to periodically download a blacklist of hosts and block via the DNSMasq service.
But it did not work… ads still loaded.
Honestly, I did not spend much time troubleshooting. I was kind of disappointed already by the lack of pretty graph reporting on dd-wrt. And I had seen screenshots of Pi-Hole. I was ready to move on.
I unboxed my Raspberry Pi Model B that had been sitting idle with a Kali install from a year or so ago. It had been in its box on my desk since Christmas 2013 with very little use. I knew my wife would be excited it finally got put to more use than just collecting dust. The latest Raspbian OS was soon installed on the SD card and an install of Pi-Hole was next.
Super simple.
I was up and running in no time. The only hiccup occurred was when I discovered the USB ports on my router wouldn’t power the Raspberry Pi. Had to resort to a regular outlet plug.
It has now been a few days with the Raspberry Pi running as my DNS Server. I use OpenDNS as my upstream DNS server. And I am amazed at the quantity of blocked DNS queries!
I mean … 32.3% of all DNS queries are ads/trackers? The Internet is filthy.
One of the things I really love about the Pi-Hole is all the data is organized and presented very well and readily available. I can see one of our Amazon Prime Exclusive (aka subsidized) Moto G cell phones has at or above 50% of its DNS queries to ads/trackers (as expected I guess).
Also I can see what the top blocked domains are on the network.
Pi-Hole 24 Hours Top Blocked Domains
What can I say? I am in love with my Pi-Hole. I love the data and I feel my home network is better protected. Highly recommended 12/10 would install again.