Tuesday, 18 April 2017

pi-hole - awful name, great product!

Advertised as "A Black Hole for Internet Advertisements" pi-hole (https://pi-hole.net/) goes a long way to living up to this reputation.

What is it?

pi-hole is a domain name server that can be installed with one command onto a Linux box or Raspberry Pi running Raspbian or similar. Once this is done, an update to your site's DNS records and all queries get pushed through the pi-hole, blocked as appropriate and then sent out to the world.

We are running it on an Ubuntu 14.04LTS virtual server, with 1GB of RAM and a single vCPU - and the DNS response time is quite acceptable. A tiny server will run this software quite easily.

Why use it?

If I'm looking at websites and browsing around, typically I'm not just getting my content that I want - there's a bit more sneaking through. Ads! Most sites will use advertisements to make money and I have no problem with this. My issue usually stems from having too many of the damn things popping up and chewing up resources like bandwidth and screen space. That's where pi-hole fits into the picture. Currently it's blocking over 100,000 different sites. We've noticed an improvement in web page speed and in testing - by going to www.news.com.au , we found that there was quite a few domains blocked.

Here is an example of our office's information from this morning (midnight to noon)

5% of our queries blocked! That's a reasonable amount of traffic in a 5 person (at the moment) office. Imagine if it were 100 people or more?! The amount of DNS requests and the traffic would drop considerably.

Additionally, pi-hole has provided some protection from malicious attacks via dodgy websites - these seem to get blocked as well and the additional safety is great to have - particularly when the cost is virtually nil. Combine it with OpenDNS as the relay (the next step in the DNS resolution trail) and the possibilities for controlling your DNS with a high degree become more realised.

We've been happy with our little pi-hole (oh that name is dodgy). Try it out :-)

No comments:

Post a Comment