Recently saw a post regarding pi-hole, and I am considering to try it out. I am wondering if it would fit my usecase, so I want to ask about specifically what it solves.
I heard pi-hole blocks ads at DNS resolution level, so it does not block e.g. youtube ads. For me and my family who mostly watch youtube with handful of blog surfing, what value would it bring? Most blogs do not seem to contain much ads, so I am not sure ad-blocking helps much there.
Given the praise pi-hole is getting, I guess there are more to it than limited blocking of ads. I would love to learn more about this topic, as I am blind on the networking stuff. Thanks in advance!
Two things. 1, unless you specifically need to run the software on a Pi, I recommend using AdGuard Home over Pi-Hole. It’s more actively maintained (not to imply that Pi-Hole isn’t actively maintained), and is going to be more of a setup once and forget type of solution.
2, the value in running a software like this is to be able to monitor your network traffic for suspicious activity, block ads, and access to malware, porn, warez, gambling, crypto, etc (especially if you have children). You can use custom blocklists like Hagezi’s threat intelligence feeds (TIF) which instantly decreases your attack vector while interfacing with the clear-net. The TIF blacklists block malware, cryptojacking, scam, spam and phishing. Blocks domains known to spread malware, launch phishing attacks and host command-and-control servers.
I very highly recommend using the Hagezi TIF lists. You can setup AdGuard very easily (mine runs off my Synology NAS), and you can easily force your entire network to use it by changing your DNS server in your router configuration page to your AdGuard Home instance IP (in my case, it’s my Synology NAS IP from within my network).
Takes a few minutes to setup, and you’re done. From there you can use the web-ui to change settings, update blacklists, and even see what your network traffic looks like: https://x0.at/D-aY.png and you can even block access to services directly: https://x0.at/QlbJ.png
I’ve had AdGuard Home running in various places, but always struggled with getting it to show which device was making the call while also being protected while away from my local network. Just keeping the house secure wasn’t a problem, but routing my traffic while out always seemed to cause problems. Moreso on the synology.
What’s your use case look like?
but always struggled with getting it to show which device was making the call
This depends on how you have your devices setup to use your DNS. For e.g, in my home I have my Phone and PC setup to use the IP of my AdGuard server. In AdGuard, I have them as named devices. All other devices on my network use the router as DNS, so all other requests that are not coming from my PC or Phone indicate “router” as the name.
What’s your use case look like?
Home based server running AdGuard forwarded through a caddy reverse_proxy to a domain. Using DoH/3 so even when remote I use my own DNS. Works great.
