Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » internet » security » pihole
Trace: public_dns hosts_file pihole
internet:security:pihole

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
internet:security:pihole [2021/02/06 14:23]
gcooper 		internet:security:pihole [2023/02/03 11:00] (current)
gcooper
Line 1: Line 1:
 ====== Pi-Hole DNS Sinkhole and Ad Blocker ====== ====== Pi-Hole DNS Sinkhole and Ad Blocker ======
 +
 +<note tip>It may just be easier to use free AdGuard DNS servers...
 +
 +https://adguard-dns.io/en/public-dns.html
 +</note>
  
 https://pi-hole.net/ https://pi-hole.net/
Line 20: Line 25:
  
 <file> <file>
-pihole restartdns+pihole restartdns reload-lists
 </file> </file>
  
Line 53: Line 58:
 <file> <file>
 CC_ALLOW_PORTS = US CC_ALLOW_PORTS = US
-CC_ALLOW_PORTS_TCP = 53,22222+CC_ALLOW_PORTS_TCP = 53,22
 CC_ALLOW_PORTS_UDP = 53 CC_ALLOW_PORTS_UDP = 53
 </file> </file>
Line 59: Line 64:
 ==== Botnet Attack ==== ==== Botnet Attack ====
  
-We use CSF firewall for bastion hosts.+=== IP Address List ===
  
-:!: ''LF_SELECT = 0'' means that the rule will block all ports.+:!: You can use this with Mikrotik routers and other devices.
  
-Create an IP list from the last two days:+Create an IP list from the last two days using ''ELDERJUSTICE'' as the search term:
  
 <file> <file>
Line 69: Line 74:
 cat /var/log/pihole.log.1 |grep query |grep -v 127.0.0.1 |grep ELDERJUSTICE | cut -d" " -f9 |sort | uniq >> evildoers.txt cat /var/log/pihole.log.1 |grep query |grep -v 127.0.0.1 |grep ELDERJUSTICE | cut -d" " -f9 |sort | uniq >> evildoers.txt
 </file> </file>
 +
 +=== CSF ===
 +
 +We use CSF firewall for bastion hosts.
 +
 +:!: ''LF_SELECT = 0'' means that the rule will block all ports.
  
 RegEx to find IP of attacker of ELDERJUSTICE.GOV: RegEx to find IP of attacker of ELDERJUSTICE.GOV:
Line 114: Line 125:
  
 The All Around DNS Solution adds **recursion**.   This is important in certain circumstances where queries are limited by IP address, such as free DNSBLs. The All Around DNS Solution adds **recursion**.   This is important in certain circumstances where queries are limited by IP address, such as free DNSBLs.
 +
 +===== Exclude Some Clients =====
 +
 +:!: Use the **firewall** to block abusive external (recursive) clients.
 +
 +https://www.vikash.nl/exclude-client-devices-with-pi-hole-5/
  
 ===== Troubleshooting ===== ===== Troubleshooting =====
  
-If the admin web interface gets wonky:+If the admin web interface gets wonky, try this as a temporary fix:
  
 <file> <file>
 pihole -f pihole -f
 +</file>
 +
 +Also try giving PHP more RAM.  The default is 128M, but you can give a lot more depending on your server's physical resources:
 +
 +<file>
 +vim /etc/php/7.2/cgi/php.ini
 +
 +memory_limit = 1024M
 </file> </file>
internet/security/pihole.1612646591.txt.gz · Last modified: 2021/02/06 14:23 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki