Old Pi or other SBC laying around? Not audio but network-related use

To whomever flagged this as spam, all of the mentioned is free, open-source, community written software. CloudFlare is free to use as well. I have no connection only sharing because I find this valuable and thought others might too. Elk if you disagree with the posting simply delete it please.

‘Your post was flagged as spam : the community feels it is an advertisement, something that is overly promotional in nature instead of being useful or relevant to the topic as expected.’

Have an old Pi that needs a job? You know you’ve got the time to dig in and learn something new. This can easily block 40% of your clients, computers, IoT devices, DNS requests saving overhead/bandwidth and vastly improving safety and drastically reducing your value as a product to be marketed.

Very well done DNS blackhole software, fantastic responsive interface and extensive stats. Completely configurable but pretty much ready to do ‘out of the box’.

Install DietPi first, then install the package from the Software-Optimized menu pi-hole. Roon Extension Manager is there too and handy if you use Roon

Also, check out CloudFlare’s April 1st annoucement, two more DNS filtering choices. https://blog.cloudflare.com/introducing-1-1-1-1-for-families/

Malware and/or Malware and Adult

Thanks for sharing. I may repurpose a pi for this since my Chromecast audios seem to do a fine job over TOSLINK.

Happy to help if you get stuck

On its face, the post does look like spam and/or something malicious.

It may help to explain what a sinkhole server is and why one may want one for non-malicious purposes.

This language does not help either.

Fair enough. I’ve been managing large networks for so long I often forget that many don’t have the experience or vocabulary. Much like when Galen tries to explain his cable designs to lay people.

https://docs.pi-hole.net/

Network-wide ad blocking via your own Linux hardware

The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software.

• Easy-to-install : our versatile installer walks you through the process, and takes less than ten minutes
• Resolute : content is blocked in non-browser locations , such as ad-laden mobile apps and smart TVs
• Responsive : seamlessly speeds up the feel of everyday browsing by caching DNS queries
• Lightweight : runs smoothly with minimal hardware and software requirements
• Robust : a command-line interface that is quality assured for interoperability
• Insightful : a beautiful responsive Web Interface dashboard to view and control your Pi-hole
• Versatile : can optionally function as a DHCP server, ensuring all your devices are protected automatically
• Scalable : capable of handling hundreds of millions of queries when installed on server-grade hardware
• Modern : blocks ads over both IPv4 and IPv6
• Free : open-source software which helps ensure you are the sole person in control of your privacy

In the context of Cloudflare’s new free offering. Their DNS service is fast, really fast and now includes blocking of malware and/or malware and adult DNS names helping prevent malicious code/programs from spreading across the internet.

The goal of all of this is to make your home network and the devices connected faster and to reduce ad-tracking and malware infections.

For example, I have 4 Amazon Echo devices, 2 Roku and 2 Apple TV, numerous cameras, outlets and other sensors. 42 devices in total. The Amazon and Roku devices ‘phone home’ with usage data and other device status info. This data is serving NOT you the owner of the device. This data is NOT required for the device to do everything you want it to do.

My old Pi now blocks 40% of the DNS requests and thus stops the data from ever being sent. Data that is used/sold to advertisers to target me and those in my household. I want the utility of the devices but I don’t want to fund an ad campaign.

I don’t know how many people created DietPi OS but the Pi-hole team is a small group of very talented folks. They do this in their spare time and only take donations to help defray the hosting/download costs.

Numerous others contribute by maintaining txt formatted lists of domains to be blocked. The lists are categorized by ‘disruption’ potential. Meaning, some wanted DNS requests will be inadvertently blocked or the list curator wanted them blocked but you chose not to…one can easily ‘whitelist’ blocked domains.

My setup is blocking 2.5+ million domain names. Domains I don’t want any of my devices resolving. I only found a few that I needed to whitelist and once it’s done, it’s done.

Hope this helps further the understanding of these tools’ value.

Very cool!

Thanks

You looked through 2.5+ million domain names?

I haven’t, the Pi does. One loads a list of URLs that contain the lists that the individuals curate. Pi-hole loads these into memory and away it goes. The lists can be updated on a schedule and adhoc.

In the past I have used similar to block access to The Sun and The Mail (leading tabloid filth and lies mongers in the UK).

Stats:

Screen Shot 2020-04-09 at 5.45.52 PM2488×264 80.7 KB

Quite a good deal. Now I need to get a VPN set up too.

While a VPN can be useful there is a performance hit and unless you’ve got something to hide the blockers will give you all the privacy without the increased latency.

I find a VPN service fine for use where you need to ‘be’ in another locale. However, unless you host the VPN you can never be sure they’re not logging and making those logs available to LEO or the highest bidder.

You can always use TOR for free but with huge performance penally. It’s fine if your access is only command-line but that’s about it. Hop through 6-8 nodes and you’re tracks will never be found.

But we’re getting into the weeds now…

BTW, I’m a white hat for my employer, a $10B company, which is now 75%+ remote. We’re in an essential industry so only those required to be onsite are.

It makes zero difference where I do my job, been that way for decades! I’ve been practicing for quarantine for a while unwittingly.

I meant a local VPN, say running on my NAS or something. But, yes, the performance hit would be very real given the horrible upstream speed I get. There are times it would be nice to run Roon on a VPN, but given my current work situation, there really hasn’t been much need.

Ah, yes, gotcha. DietPi has several VPN ready to install. Nice scripts for setup. Fun project is nothing else. Test from cellular connection.

Note: Roon will work over some VPNs but it’s mostly a limited by the client software/host OS that won’t route the packets. It must all exist in a single VLAN as well.

Screen Shot 2020-04-09 at 7.03.09 PM1076×206 61.2 KB

Screen Shot 2020-04-16 at 7.10.15 PM962×624 139 KB

ssh to Pi running pi-hole, pihole -c

Just waiting on a new microSD card to arrive so I don’t have to format the old one if I change my mind.

Good idea. Good to have several, they are cheap and the newer ones are WAY faster than 5 years ago. Search for a SD card cloner. Useful to simply image the card before an upgrade that may or may not be ready for prime time.

One needs a quick way back or the network/wifi becomes useless