We all hate Internet ads. From those really intrusive ones that auto-play movies or sounds when you visit to the compromised ad networks used to drop malware and potentially unwanted programs right on to your device without knowing it.
There are lots of solutions to dealing with such annoyances including popular browser ad-blockers like uBlock Origin, AdBlocker Plus and so forth. The downside is that all these solutions have to be installed and managed individually on devices and generally only protect the browser.
What about advertisements that are served up outside the browser environment? A good example are those mobile apps that seemingly show an ad everytime you press a button or complete a game round – yes, I’m looking at you Candy Crush!
The solution is to block ads at the network level which can be done with a neat program called Pi-hole. This allows all devices on your network to benefit without the management overheads mentioned above.
As the name implies, Pi-hole is designed to run on a Raspberry Pi (but also works many other supported platforms) and provides DNS resolution functionality.
At high level, it works when you simply configure your device to use Pi-hole as its DNS resolver. When the client device submits a DNS request, for example – “tell me where to find http://www.google.com”, Pi-hole will check to see if the requested site is present on its list of sites associated with advertising. If the site is present on one of these lists, Pi-hole will return an invalid response for the address resulting in it being blocked. If the site is good, resolution and connection to site occurs as normal.
Pi-hole, with DNSCrypt or Cloudflared, can also be used as the basis to running encrypted DNS to ensure resolution lookups between you and the upstream DNS resolver can’t be snooped on and remain private.
The next few articles will cover setting up Pi-hole on a Raspberry Pi device, its configuration and then enabling DNS encryption.