[chbot] [OT}Pi-hole

[Peter Ellens]

I was talking network security with some people tonight and found they 
hadn't heard of a pi-hole.

So I thought I would mention it here as I find it really useful.

What is it? Its a Raspberry Pi based DNS server with filtering. It is 
designed to help stop adverts on your entire network, but can be used to 
block any domain names.

It also provides a nice web based GUI and stats showing which devices 
are attempting to look up advert and tracking domain names the most.

It has advanced features for the 'paranoid'

As you may know DNS requests are world readable, anyone in a position to 
monitor your network traffic can see what sites your going to from your 
DNS requests. To address this issue some cleaver people developed DNS 
over HTTPS, its secure and can't be monitored by third parties. You can 
setup Pi-hole to use this service.

To activate your Pi-hole you need to update your DHCP server/router to 
give out your Pi-Hole IP address as your DNS server.

 From running this for several months now on average 30% of my DNS 
requests are now blocked.

See https://pi-hole.net/ for more info.