Hacker News new | past | comments | ask | show | jobs | submit login

A Pi-Hole is good to have in every household. Takes minutes to set up and makes sure that queries to unwanted domains end up in the land of /dev/null



A pi-hole only works against adversaries that rely upon DNS, or haven't been coded to connect directly to "trusted" public DNS servers.

(I'm almost astonished that advertising networks haven't switched to using raw IP addresses everywhere.)


You could probably very easily make a list of the "evil" IP addresses if that happened


You can combine approaches of course. My main in-home DNS, per the DHCP settings on the wi-fi, is a Pi-Hole. Secondary DNS is the pfSense firewall, so nothing's dead in the water if the Raspberry Pi falls over for some reason.

The firewall has the same DNS block-lists as the Pi-Hole, but also has subscription lists of IPs to avoid. Most of those are spammers or malware, but can include whatever other category of malfeasance you desire.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: