Raspberry Pi - Setup Pi Hole for DNS Security

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

please remember that the complete information for the class that you are about to view is at Eli the computer guy comm not only do we have our videos there but we have parts lists diagrams pictures and even complete code examples so if you are watching this video and you want more information please go to Eli the computer guy comm welcome back as you know I am Eli the computer guy and in today's class we're going to be creating a pie hole with our raspberry pie so what a pie hole is it is a security device that allows you to block DNS name resolution specifically for advertiser networks so whenever you go to a website whether it's Facebook calm or cnn.com or ARS technica calm when you go there and you see all of the banner ads all of those banner ads are presented to you by the website making calls to specific ad networks or domain names so ad network google.com or ad network you know evil evil advertising syndicate com so on and so forth and so basically what the pie hole allows you to do is you are able to use the pie hole as the DNS for your network so you can configure all or some of your computers to use the pie hole as the DNS and then when your computer tries to resolve names for domains that are in advertising networks essentially what the pie hole will do is it'll just sync those domain names so instead of actually resolving to the full fledge IP addresses like it's supposed to do or like DNS is supposed to do but the pie hole does is it says oh this is a restricted domain again it's an advertising domain so instead of actually resolving presenting an IP address so that the computer can then pull the banner ad or the pop-up ad or whatever else from the server what I'm going to do is I'm simply going to fail that resolution so therefore the advertising will not show up on the client computers so when you look at the pie hole basically what this is is this is a DNS security device and so what it does is when your computer tries to resolve a domain name so cnn.com or ad network google.com to an IP address basically what it does is it goes through and it says okay this this domain name is okay so I'll resolve the the IP address associated itself that IP address will will resolve but again ad network google.com oh that is in our black list that's in our restricted list so we are not actually going to resolve that so the computer will then not be able to pull the banner ads the pop-up ads all of that kind of stuff so today I'm going to show you how to build a pie hole it's a relatively simple process and it's something that you'll probably be very happy to have on your network so there are a few warning warnings for today there's one a technical warning warning there's one professional warning warning and then there's one don't be a dummy warning warning if you do the final one I'm gonna come I'm gonna find you and I'm gonna be very very snarky at you but anyways the first warning warning I would say from a technical standpoint is that if you are going to be using a Raspberry Pi for your piehole then you only use it for your piehole basically if you're gonna be using a Raspberry Pi to be your piehole that it should be a dedicated little device so a lot of times people really want to add multiple things onto like single device or a single server so you may want to use the Raspberry Pi as a pie hole and maybe a web server and maybe a file server and maybe a couple of other things one of the things that I'll tell you is you may run into conflicts you may run into problems if you try to have multiple services on your Raspberry Pi especially if you do not know enough to troubleshoot to those problems so I would argue with the Raspberry Pi in a pie hole goes by and an expensive Raspberry Pi install the pie hole onto it and then just leave it in a corner leave it in a corner updated every once in a while and otherwise don't mess with that the next thing that I want to talk about is from a professional standpoint or from like an infrastructure standpoint to be thinking about how do you actually really want to be used in the pie hole now how they suggest you use the pie hole it's not how I would recommend you using the pie hole at least in the beginning so it's important to understand that with the pie hole the pie hole can actually be a full-fledged DHCP server and it can act as the primary DNS for your local area network so what you can do is if you have a router you can turn the DHCP and the D and DNS off on your router and then all the piehole you can turn the DHCP on you can create your subnet masks you then make the DNS the piehole itself and then you make the default gateway whatever the router is and now your little piehole is then providing all the DHT DHCP services for your local area network and isn't presenting itself as the DNS for the local area network and again it's presenting the router as your default gateway I would be careful about doing this initially because if you do this and you're not really comfortable with what's going on here you're not really comfortable with networking you're making a primary device for your my network you're making your main a DHCP server for the network be this little pie hole and if you don't really understand how subnet masks working you don't really understand how a couple of other things work you literally could basically shut your entire your network off of the internet so I would be very careful with that one of the things that you can do is you can set up your piehole and basically it's a DNS server and then one of the things that you can do is you can simply then point individual clients to that piehole as being the primary DNS server so you can go into the manual configurations I'll show you that today and instead of using the the the pie hole as the full DHCP server you can simply set it up as DNS and then connect your clients your individual clients to that DNS server having them be a primary the primary DNS for that particular computer and so that way you can play around with this you can make sure it works some home computers can be using it for DNS other computers can not be using it for DNS and basically that way especially when you're in the the troubleshooting playing around phase you don't have to worry about shutting your entire network down again especially I know a lot of my viewers are young maybe your your setting this up on the your home network say the network that your mother your father your sisters your brothers all these people are using let me just say if you set up the pot hole as a DHCP server and you're really not sure what you're doing your family's not gonna be happy with you so in the beginning at least do not set it up as a DHCP server simply set it up as a standard DNS server I'll show you how to do that and then manually configure your computers to use it for DNS and then go from there and then once you feel completely comfortable then you can deal with the larger network the final thing the final warning that I'll give you is the don't be a dummy dummy warning is that a lot of people when they look at security they're always looking for that one security device right I want to plug this one device into my network and I want my network to be secure that's not how security works in the real world not how security works right security is a multi-tiered multi-layered affair you have multiple devices you have multiple pieces of software you have multiple configurations all of these things create a secure environment so one of the things you need to be thinking about when you're using something like the pie hole is remember it's doing the DNS resolution and basically is doing DNS security so if you try to resolve ad network google.com to an IP address it'll sync that so instead of actually resolving to the IP address it should it will just fail it out but we remember remember that's DNS resolution if for some reason the ad network that's being presented is simply present being presented with a IP address so you're already getting the IP address you don't actually need the DNS resolution then any as being presented by simply an IP address that will say along through because remember what the piehole is doing is it's dealing with the DNS security and so DNS is resolving domain names to IP addresses if the server if the website that you're going to is already presenting you with an IP address then you're going to skip that DNS resolution process because you don't actually need it to work and therefore things like banner ads and that kind of stuff will pop up so this is one of those things that you have to be thinking about in the real security world again with all security devices and software and all that kind of thing they try to solve specific problems and they try to solve like the biggest problems but there are ways to slip past these types of things and so you just have to be careful about that so if you're sitting there and you set up the pie hole and you have all the black lists up there and everything's you know everything seems like it should be configured and then for some reason when people go to particular websites they're still getting banner ads or still getting pop-ups you know like why is this happening why that might be happening is basically they're getting pointed directly to IP addresses instead of having DNS resolution and therefore the piehole is basically just just gone around and it's not worried about so these are some things to be thinking about again with all these types of devices be very careful when you set it up on your network again especially if this is your home network or if you have roommates or anything else this is the type of device that can take over services for the entire network and if it's set up properly that can be a good thing but if you screw something you screw something up it can be very very bad again if you just simply fat-finger when the default gateway is you know instead of 192 dot 168 1.1 it's what the default gateway makes am I supposed to be you know if you do 192 dot one six dot one dot one now all of a sudden every computer on the network they go out to dhcp address from your piehole is now going to have the wrong default gateway which means none of the computers that have grabbed an IP address will be able to get out to get out onto the Internet so be very very very careful with that so with that let's go over to the demo computer I'll just show you the website which has the information for the piehole then watch they go over the Raspberry Pi itself and we'll set up the pie hole and show you how all of this works so here we are on my demo computer and I'm just simply gone to PI - hold on net and this brings you to the PI a whole website you can scroll through here it has a bit of information for you one of the things to realize is that you do not have to simply install this onto a Raspberry Pi since it's called a pie hole a lot of people assume it will only work on a Raspberry Pi but basically this is essentially Linux software and so it will work on the Raspberry Pi OS it'll work on a bun to work on debian and we'll work on fedora and it will work on cent OS the reason that you would probably want to use it on a Raspberry Pi is if you're having us be on 24 hours a day using a normal desktop computer and basically burning all of the electricity that a normal desktop computer needs in order to simply provide some very low-level DNS services is going to cost you a lot of electricity at the end of the day in the end of the year so again you think about a normal desktop computer you have that on four hours 24 hours a day seven days a week and all that's providing is low-level DNS services that's gonna end up costing a little bit of electricity so by putting onto a raspberry pi raspberry pi is a low energy type device so it will cost a lot less than electricity so that's kind of one of those things just to kind of keep in mind you're like oh I don't want to use a Raspberry Pi I'm gonna I want to put this in my you know three three power supply raid configure to whatever server say well that's that's a good way to waste a lot of electricity so just something to keep in mind so you can set this up again you can also do things like set the Raspberry Pi up in a VPS and in a virtual server so on let's say digitalocean Orla node or something like that so if you actually wanted to have the the the piehole up on the cloud and be able to access it that way that is also something that you can do so that so we're going to put this on a PI the standard place to put this is on the PI but you don't have to put it on the PI that makes any sense so anyway so I go through and we can go down here and see some of the different information and then we can go to install the PI whole so we're gonna go and click on install the PI hole and it will give you some different ways to install the PI hole the way that we are actually going to be installing today is simply the manual way for installing method a to the manual way W get space - OH basic install blah blah blah so basically we're going to plug this into the terminal this will install the PI hole for us and a way we can go so with that let's go over to the Raspberry Pi itself and actually install another pipe hole onto it okay okay so here we are my Raspberry Pi we're simply going to go up here I'm going to click on the terminal to open up the terminal and then we are going to type in the commands very simple so W get space - uppercase o so to be clear to be clear it is not 0 it is not lowercase o an uppercase o so they you know that's one of those nice arguments they put in there and you're like crap what the is that a 0 or is it an O it is an uppercase o just so you know or then you just want to type in basic - installed H then why new space HTTP colon forward slash forward slash install ty - o net and hopefully that will go through van if that finger anything so it went through and basically extracted itself all of that stuff is good and so now what we're going to do is we're simply going to do sudo bash basic - install s eight and this will now actually install the Raspberry Pi we hit the little Raspberry Pi symbol here and it'll take a second so it's not locked up but hasn't frozen it's just you know stuck in the disk space updated local cache checking for app yeah so on and so forth this installer will transform your device into a network on wide ad blocker okay pie hole is free blah blah okay pie hole is a server so Annie's a static IP address okay then it says basically what a net connection you want to use so at zero is your wired connection a connection wlan0 is your wireless connection I would I would say I could stick with the hard wired connection then it says your upstream DNS provider so so these are the DNS providers like up on the internet so you can use Google News level 3 komodo CloudFlare or custom so basically we're just going to use Google to make our lives easier so I think this is 8.8.8.8 and 8.8.8.8 8 4.4 so these are basically Google's DNS servers click OK and then basically in order to block the ads to be able to sync do the DNS resolution figure out what DNS is good and what what domain names are bad it uses third party lists so it says do you want to use these particular lists or not we're just going to tab down and say ok so we want to use all these lists select the protocols that you want to block so ipv4 and ipv6 is fine we're just using ipv4 really but in whatever and then it's going to say what your current network settings are so and say here that my IP address this is what I actually grabbed from my DHCP server as 192.168.1.2 three with a Class C subnets so I slash 24 as a Class C subnet 255.255.255.0 and the Gateway is 192.168.1.1 so what we're going to do here is I'm just going to basically manually change this and I'm going to say five so what I want to do is I want to have the IP address for the piehole it's gonna be 192.168.1.5 and I'm going to leave it as a slash 24 so don't don't screw the slash don't screw the 24 and just just modify just modify that number right there then I'm gonna click OK ok enter your desire to default gateway so we're gonna keep it at 192 dot 168 don't 1.1 gotta click ok so is this correct yes do you wish to install the web admin interface so yes what a nice little web admin interface do you wish to install the web server so again now this is a clean installation of a raspberry pi OS so I don't have a packing on here I do not have any other web servers on here so we might as well have the light httpd server installed so we're simply going to install this this is a web server for us do you want your log queries yes we won't actually log things select a privacy mode so do you want to show everything you want to hi domains hi domains a client blah blah blah I want to show everything but to be clear this is something that you should be thinking about with the security policies for your organization so if you were setting this up for an organization so if you're setting up for yourself you guys log everything like everything you're setting it up from your home Hey log everything so you see what your brother's looking at but to be clear if you were setting us up for an organization you do need to know what the privacy policies are for the organization to determine what you should actually log you don't want to get yourself into legal trouble because you're logging everything and then people think that spine stuff goes to help so anyways you decide how much you want to basic basically be a blog then we're gonna click okay it's gonna go through here it's going to figure finish configuring everything and you know this just takes a couple of seconds so the nice thing with the piehole is if you're not explaining to somebody if you're just going through and actually setting it up you can literally have the piehole like completely set up in just a few minutes it really doesn't take that long oh so this is going through it's doing a little cleanup Korean if you configure file here so you can again you can see it's using PHP so just something to think about it's going through Korean configs and now we're finished so basically we can see here our IP addresses 192.168.1.5 we can come down in order to connect to the admin interface we will go to http 192.168.1.5 so basically if you go to one of the client computers on your network you're able to access the interface for the pie hole there and then this right here is the password so make sure you don't lose this so we're just gonna sit do this copy I'm gonna go over here go to accessories go to text editor I will then a paste and then I'll do file save as and you know how security I guess I am I would just save it as the password so again that is one of those important stupid things if you know a lot of times when you go through when you're installing installing something you just do ok ok ok ok ok ok ok before you hit the ok make sure you actually grab this password here or you're gonna be locked out of the system you're gonna have to go through the installation process again so past that we're just going to simply do ok and we can see installation is complete and now I can close out of the terminal if I want to go and I want to actually access the web admin panel from the Raspberry Pi I can simply go up here open up the the web browser close that and basically oops well I'm sorry I open up the web browser don't close everything and close all the tabs and then from here what I can do is I can do 1 points I can do one twenty seven point zero point zero point one so this is called the loopback address then I can do admin and this will get me to the dashboard for the pie hole itself so I'm on the pie hole and simply by going to one point seven dot zero dot zero dot one forward slash and man I can see I can see the dashboard from here I can do login so if I click on login I can then come down to this password and then I will simply paste the password I have from this text file here and then I will log in once you've done that we'll do never and we can just go and can a little bit of a look around so the total queries so how many queries have been done to the pie hole we see that none have been done so far we don't have a configured queries blocked percent block domains on block list there's 84,000 domains on the black block list you can go to fewer here there's query there's logs there's long term data so let me show you a graphics that type of thing you can create a whitelist so for some reason a domain name is being blocked when you don't want it to be blogged so maybe you do want some kind of ad network to show up or for some reason it's in a block list you can actually whitelist domains here one of the interesting things is they also have a blacklist and so on this blacklist you can add other domains so again if this is for your organization if this is for your business you may not want your your users going to youtube.com right so again this is a DNS security device so by default it syncs DNS queries that try to pull in stuff from ad networks but you can also block any other domain name resolution so you could put in YouTube you could put in facebook you could put in LinkedIn right so you could actually plug in domains here and then block them and basically any computer that is using this pie hole for the DNS it will then sync and won't actually be able to get to that domain name when we do the wild card here or the wild card does is it also blocks the sub domain so if you had like mobile youtube.com so if somebody went to youtube.com and the wild card wasn't selected then that would be blocked but if somebody might might have gone to mobile youtube.com if you don't use this wild card they might actually be able to get through so you have the blacklist here and that's a that's an interesting thing they have group management so you can actually create groups you know clients and be able to set up different configurations there show you some different tools shows you the network shows you the the different computers that it can see on the network so we can see one eye view dot 168 on 101 14 & dot 12.7 so on and so forth and so this gives you some interesting things to take a look at and play around with now if we go down here to settings this is where you can actually set up that DHCP service if you want so here we can see the basic network information some 192.168.1.5 with a slash 24 we can see what the host name is so for some reason you forgot what the hell the host name is for the read for the the pie hole or if you're running into problems so again if you're using a Raspberry Pi and you just leave the host name as the default you might do some weird name resolutions on your network and if you have multiple computers name the exact same thing you might run into issues so this will just show you what your host name is you might need to go in and modify that shows you when the pie hole was started it shows you some other information here shows us some block list we can deal with DNS so basically this is the upstream DNS servers so if you're trying to get to cnn.com or basically you know google.com or anything like that what upstream DNS servers will you use so we're using Google's upstream DNS servers this is the DHCP server so we can enable the DHCP server now it's very important very important if you enable the DHCP server on your piehole you need to turn off the DHCP server on your router so whatever is currently acting as a DHCP server you need to turn it off and then you turn on the DHCP server on the piehole if you have two DHCP servers running at the exact same time that is that is fun than all the wrong ways you're going to have a lot of fun troubleshooting all of the issues so remember only one DHCP server is a time range of IP addresses to hand out so basically this is the scope so you can see here this is handy now from 192.168.1.2 oh one up 2.25 one so if that's what you want to do what the default gateway is 192.168.1.1 the whole domain name some of this other stuff basically the least time here and there's some other information here so basically this is what you would set up if you want the pie hole to them be your DHCP server and this would then provide the IP addresses the DNS name and the default gateway number two all the clients that are connecting on your network then you've got some other stuff here some Web API things if you want to play around with that you got the privacy again dns resolver privacy level so what we have is now is show everything and record everything gives maximum amount of statistics but then you have these different levels and so what you do here is based off of your particular organization if your organization as particular privacy policies then you make sure that this goes with those particular privacy policies and then we have teleporter over here basically all this is is this is an import/export utility for the pie hole so if you want to switch to another device let's say and so you want to export your pie hole settings you can export the settings here or if you want to then import the pie the pie hole settings into another device you can then choose the file and import doing that I want I do wonder how much you would actually use this type of thing but the teleporter does exist so this is basically the overview of what the pie hole looks like so let's go back over to my demonstration computer and I can show you how to configure at the DNS so that we start using a pie hole for the DNS and I can show you what it looks like once you've started using a pie hole for the DNS so here we are back at my demonstration computer so again this is a MacBook Pro running Mac OS I'm using the Safari browser but to be clear DNS and web browsers at least when when dealing with the pie hole are essentially the same so if you're using Windows with edge your Firefox or whatever else using the pie hole will still block that DNS resolution to the ad networks are the same as if you're using a MacBook Pro so let's go up here and currently my DNS is being resolved by the router on my network so 192.168.1.1 that's my default gateway and my R and my DNS so if I go to cnn.com currently using Safari we can see that a whole bunch of ads will show up so we can see that we got a nice little banner ad up here with Don Lemon if we come down here we in purl cozy shoes we got some mask and advertisement all that kind of thing so not only our ads showing up but tracking is happening all kinds of things are occurring when these types of banner ads show up on a website and so we want to block those ads from happening so that we don't have to see them so we're going to do here is we're going to quit Safari and then we're going to simply go up we're going to go to open and Network preferences and then we are going to modify the DNS server the primary DNS for this particular computer so again if you're in the windows world or the Linux world will be slightly different but hopefully if you're watching this class you know how to change your primary DNS server we're simply going to go to advanced we're gonna simply click on DNS and then for me and one two 192.168.1.5 so that is the DNS server that's the the pie hole the DNS server the pie hole that we created gonna hit plus so that's there then I'm going to do okay then I'm going to do apply and then I'm going to close out of the system preferences and so now 192.168.1.5 is the DNS server for this particular computer so when it goes to cnn.com or any other website basically those and most of those ads should not show up now the one of the things I'm going to do next you can't really see this but maybe you can hear it I'm going to unplug my network cable just so things get flushed out and then re plug my network cable so if you heard that click I was very plugging in the network cable one of the issues you can run into is do remember your computer caches certain types of information such as DNS resolution and so if you don't restart your computer or reset the network card or possibly unplug the network card that network cable and plug it back in when you go back to use your web browser it may have DNS resolution information already cached and so it may appear that your Pikul isn't working and it's not the other group eyehole isn't working is that your web browser has cached certain information so disable re-enable your card basically disable re-enable Wi-Fi unplug the network cable do something to make sure and try to clear out that cache so from here we can simply go to Safari we'd see this pops up again looks normal now but if we go to let's say CNN we can now see that cnn.com is going to look different for us so we can see that there is no big banner ad at the top if we scroll down this is this is the space where the ads were before so this is where banner ads are showing up this is where tracking things were occurring and so on and so forth and basically you know as you as you go through you can see that there's a lot of blank spots here and those are the spots where there would be advertising and that is now simply being blocked because of the of the the pie hole but one of the things I will show you is again the pie hole is not a perfect solution for things like advertising so you can see this Lending Tree ad right here so this is getting through the pie hole system so to be clear using the pie hole will get rid of a a lot of issues it won't get rid of all of the issues though so with that let's go back to the pie hole and actually take a look at what the charts look like what the stats look like and now that we're actually using the pie hole okay so you get an idea of that so here we are back at our pie hole our little raspberry pie and we can start to see that it's doing its work so total queries we can see we have two clients we can see the number of queries blocked 199 percentage of blocked 57 point 3 so on and so forth and you can come through here and you can start to get an idea of what's being blocked and basically what domains your computers are trying to access so top permitted domains we can see we have Apple calm here we can have the the API to Apple cloud kit here so we can see this going on google.com and cnn.com so again this might be useful for you if your employees your employees don't seem to be as productive as they should be if you come here and you see that YouTube has thousands and thousands and thousands of hits maybe you might want to think about blacklist you know again top blocked domains so we can take a look here I mean see data cnn.com is blocked we can see ad service google.com is blocked Amazon AD system is blocked so we can see like literally literally I only set this up and went to cnn.com that's it we can already see how many domains are actually being a block from this you can click on the domain you can see some different information here so things like the client so if you look at a domain and maybe it looks like a porn domain or something you can click on it and then you can see what clients are going to it if everybody's going to it then you probably know it's just a general thing and that's out there if only one of your client computers are trying to access that domain then it may be a problem so you can come here you can take a look at it if you want to click on the white list so you can actually whitelist that if you know if there's like a domain that you realize Oh somebody actually needs to be able to access it they can you can click on the whitelist there past that we can go up here to the query log and so with the query log this will show us and more or less real time what's going on with a DNS so domain time - Mac OS Apple comm 192.168.1.1 we can see the status is okay so it actually went through if for some reason I wanted to blacklist this so again maybe it's YouTube or Facebook or something specific I could actually click on the blacklist here then data cnn.com again we can see what IP address is going is accessing that we can see that this is blocked if I wanted to whitelist this so again let's say for some reason I wanted people to go to that domain name I could actually whitelist that there and basically you can just simply scroll through here you can see all there's numerous different pages we can click on the sir so let's say CNN so if we wanted to see just stuff that has to do with CNN we can see that type of thing here and basically you can get a little bit better idea of what's going on with the DNS you can come down here to the long term data so again this can store data for a long time we can click the the range so this has only been set up for today so I can click on today and then I can start to get a graphical idea of what's happening here right so permitted DNS queries 35 blog DNS queries 50 and go to the query log same type of thing I'll click on today since I only have information for today and then again I'm saying the same type of information down here I can blacklist I can whitelist if I want I can say you know what I want to see what was forwarded was cashed you know blacklist that type of thing and then we can come down here to the top list and we get a better idea again the top domains that people are accessing and that are being blocked right so top domains we can see you know Apple comm is a big one Google comm cnn.com Twitter again at ECU that's kind of curious cuz I definitely do not try to go there and then the top block domains we see this over here and then we can see the top clients so we can see basically who is most active using the DNS and as we can see here it's 192.168 don't want it to one which is my client computer so this basically gives you a bit of an overview of what the pie hole will do for you again it can be a very valuable tool as a part of your security infrastructure it's not the only thing you need for your security infrastructure and do remember if websites are using IP addresses instead of domain names it can go right past the the pie hole because again there is no dns resolution if there's already an IP address so do realize that there are holes and the quote unquote security that this provides but this may be very useful for your network and get her all for security and getting rid of advertisements and that type of thing so there you go now you know how to create a pie hole and you can try to protect your entire network from all of those nasty little advertisements and banner ads that show up the nice part about this is this is not a browser extension that you have to install on all your computers this isn't again some kind of software whatever you have to install on all of your computers basically this is DNS level blocking so if you if you set it up so your client computers are using your piehole as the DNS server essentially all that happens is one of when when IP addresses for those ad networks are requested the pie hole will simply sync those requests and then the banner ads and all that stuff will not show up if not it's it's not a panacea it does not fix all problems with tracking and ads and all that kind of stuff but especially if you have a network of 10 or more computers and you just want a nice simple baseline DNS type security apparatus I think this is a very valuable and a very useful thing to have now again in the real world you do need to decide whether or not you really want to set up your piehole as your primary DHCP server for your network so you can set up the pie holes a DHCP server you can set up your DHCP scope you can it obviously will provide itself as the DNS the primary DNS and then you can plug in the default gateway why why I would be cautious about this is because do you remember in the real world when you have a lot of people using a lot of different computers right the domain that to you may seem horrible and evil and nasty and frustrating to somebody else might be very necessary so again you know the frustrating thing about the real world can we talk about the real world for a second you know you may have a secretary again things that happen in the real world you may have a secretary that has a lot of downtime right so that that person is hired to sit there and pick up the phone and talk with people when they come in the door but the reality is the business might not be that busy so a lot of the time they're kind of sitting there and they're kind of fiddling on the computer and doing other things simply because there's no other work to do well those type of employees many times will get online and they'll play a lot of stupid online games you know like little you know the tetris is of the world and the solitaire I don't know the candy crush's whatever the popular game is currently well a lot of those popular games they're they're essentially tracking apps you know what I'm saying is basically you go there and they show you banner ads and they track what you do and so you get to play the free the free game and they get to try to gobble up information about you well Wow well you implement a pie hole onto a network where you have a couple of secretaries they spend most of their day doing something comparable playing candy crush and all of a sudden there longer able to play candy crush you're gonna have a lot of pissed-off employees so that's where I would say be very careful with how you actually implement a piehole a lot of new people are like this is great and then they'll implement it for the entire network and they'll have they'll have no idea why everybody is so angry with what I protected your privacy so what I would suggest unless you really know you want to do that with your environment is really simply really think about simply setting this up as a DNS server then point your client computers to that DNS server or manually right so the CEOs computer will be pointed that DNS server and your computer will be point to that DNS server and everybody all the non secretary the warehouse workers will be pointed to that DNS server but then the secretaries or anybody else that may have a problem using the piehole they can be pointed just to the standard DNS server and go from there so that's some the kind of things that you have to think about also if you have Active Directory on your network right if you have Active Directory there's an Active Directory DNS services be very careful with using a piehole on a network with Active Directory this is one of those things where this can start getting very very confusing and very complicated and very quirky very quickly when you start doing DNS so just just kind of keep that in mind don't just throw this into your network and assume everything will work perfectly you could run into some surprising problems again like no joke with that candy crush thing I have the tow I have killed CEOs computers I have wiped out CEOs computers and they have been less pissed off than what I have removed the ability for certain secretaries to essentially play candy crush you want to see somebody lose their mind see a secretary lose their ability to play candy crush they will serve your head to you on a platter so again what seems good from a security standpoint may not work so well in the real world so be very very very careful with how you implement this and then the final thing too as I would say with the Raspberry Pi and the pie hole is simply basically use this as a dedicated network device don't install piehole and run a web server and run file services and run other things off with your eyes berry pie your ass berry pie as a $45 computer yes yes give it one function just just allow it to do one function if you start having to having the PI hold to perform other services for the network again you made Yuen Li run into issues and if that's your DNS server and that starts having issues that can then cause issues for the entire network so this is one of those things set set up put put the pie hole on a clean installation of raspberry pi OS or whatever OS you want to use configure it set it up and then just you know is that updated every month go back check in logs every once in a while update it every month and otherwise just let it let it do its work just let it do its work so as always I enjoy doing this class look forward to seeing the next one if you like the content that I create please think about going to Eli the computer guy comm and becoming a member or donating please understand that all the educational videos are in front of the paywall that includes the videos that includes the notes the diagrams and the code example all of that is freely available and in front of the paywall but if you want to watch opinion videos or if you want to be able to comment you do need to become a member membership is $5 a month or $60 a year and gives you access to those opinion videos and the ability to comment if you don't want to become a member you just want to give a one-time donation there is also a donate button where you can do that please understand in order to provide the education that I am it does cost money the servers cost money equipment cost money travel cost money all of these things cost a reasonable amount of money and the fact of the matter is is YouTube's advertising program no longer supports creators the way that it used to so if you want to these classes to continue to stick around and you find them to be valuable please think about either becoming a monthly member or donating a few dollars for this

Info

Channel: Eli the Computer Guy

Views: 49,125

Rating: undefined out of 5

Keywords: Eli, the, Computer, Guy, Repair, Networking, Tech, IT, Startup, Arduino, iot

Id: KiJ8JFR_y1w

Channel Id: undefined

Length: 42min 14sec (2534 seconds)

Published: Mon Jun 29 2020