User Tools

Site Tools


internet:security:pihole

This is an old revision of the document!


Pi-Hole DNS Sinkhole and Ad Blocker

Update

pihole -up

Install

curl -sSL https://install.pi-hole.net | bash

Password

Change the pihole user password used to log in to the web interface:

pihole -a -p

Firewall

Pi-Hole seems to work fine with only port 53 (TCP and UDP) exposed publicly.

Port 80 needs to be open for the web administration.

We use CSF firewall for bastion hosts.

Attack

cat /var/log/pihole.log |grep query |grep ELDERJUSTICE | cut -d" " -f9 |sort | uniq > evildoers.txt
cat /var/log/pihole.log.1 |grep query |grep ELDERJUSTICE | cut -d" " -f9 |sort | uniq >> evildoers.txt

RegEx to find ELDERJUSTICE.GOV:

^\S+\s+\d+\s+\S+ \S+ query\[[A-Z]+\] ELDERJUSTICE.GOV from (\d+\.\d+\.\d+\.\d+)
internet/security/pihole.1564964188.txt.gz · Last modified: 2019/08/04 18:16 by gcooper