block ads trackers and malware with raspberry pi and pi
play

Block ads, trackers and malware with Raspberry Pi and Pi-hole - PowerPoint PPT Presentation

Sep 23, 2023 •1.07k likes •1.58k views

Block ads, trackers and malware with Raspberry Pi and Pi-hole https://cryptoaustralia.org.au Nick Kavadias nick@cryptoaustralia.org.au Self promotion! CryptoAUSTRALIA is a not-for-profit started by security and privacy enthusiast.

  1. Block ads, trackers and malware with Raspberry Pi and Pi-hole https://cryptoaustralia.org.au Nick Kavadias nick@cryptoaustralia.org.au

  2. Self promotion! • CryptoAUSTRALIA is a not-for-profit started by security and privacy enthusiast. • Finding practical ways of dealing with the modern privacy and security challenge.

  3. We know how to internet.. @CryptoAustralia #cryptoaus http://chat.cryptoaustralia.org.au

  4. NOTICES 1. I will tolerate some interruptions. So call out questions. 2. The night is split into two parts 1. First preso ppt death (40 min?) 2. Then the workshop (the rest)

  5. What we will be covering… 1. Why block the internet? 2. What is a DNS blackhole/sinkhole; 3. Pi-hole hardware and software supported; 4. My home Pi-hole install; 5. Advanced topics on DNS, lists and VPNs 6. Workshop with RPi / VM

  6. Instructions (for later) • Have RPi (or like) device use: https://cryptoa.us/centaurus • VirtualBox or VMWare Fusion use: https://cryptoa.us/fornax Link to download VM in these instructions, we do have a local copies on usb

  7. Can’t you just leave the internet alone? Flash ads which hijack pages; No! Pop-up and pop-under ads; Ads which stalk me on all my devices; Ad networks which track and profile me; Ads that tell me I’ve won stuff; and, Malvertising…

  8. Tech support scams! how do they work? Check out Jim Browning’s YouTube channel

  10. Pi-hole, the solution to all your problems?

  11. No! No such thing as a silver bullet! But.. • Good job blocking ads and trackers out of the box • Not YouTube video ads, but you can do with some tinkering • It is easy to setup and configure; • network based; • It is not a traffic filter. • A ct as a second line of defence for malware/viruses • I still use browser extensions • … and antivirus

  12. How DNS works normally https://go.gliffy.com/go/publish/12358860

  13. How DNS works with Pi-hole https://go.gliffy.com/go/publish/12358867

  14. Pi-Hole, not just for blocking ads and tracking • Out of the ‘box’ ads/trackers & C&C blacklists ; • Many additional lists which are well maintained by security community; • Upstream DNS services (power user!)

  15. What a blocked page site looks like What about: • Images? • JavaScript? • Https? V3.2 now lets you customise block page

  16. Do I need Raspberry Pi Hardware? • NOT Raspberry Pi exclusive • Well tested on Raspberry Pi SBCs • ARM, or Intel x86/x64 • Will work with a Pi Zero and a ethernet dongle • Works on other SBCs, like Orange-Pi, see this write-up. • Works on crappy old Intel desktops too

  17. What OS will Pi-hole run on? • Will work on any modern Linux OS. Officially supported Linux distributions are:

  18. How did I set Pi- hole up at my place?

  19. Hardware I used: • Raspberry Pi 3 model B+ (overkill?) • 2 GB microSD card (smallest!) • microUSB cable for power into back of router • USB Y cables useful. • WARNING on underpowering: https://www.raspberrypi.org/help/faqs/#powerReqs

  20. Software I used • Software: • Windows 10 & Etcher.io for prepping card https://etcher.io/ • Raspbian Lite https://www.raspberrypi.org/downloads/raspbian/ • Pi-hole – installed by piping URL to bash!

  21. And you can too, with my easy 5 Step Plan..

  22. Step 1: Put image on SD Card • Format SD • Etcher.io • touch /boot/ssh Windows will try reformat unknown card because ext4. IGNORE IT

  23. Step 2: Plug into network • Patch into home router • Power with microUSB • if you don’t have a USB slot close by, an old 1 amp USB charger will do.

  24. Step 3: Figure out IP address of RPi? This is the hardest part of the whole process! There are a few methods to try….

  25. Step 3: Method 0 - PING If you’re feeling lucky, try PING ping raspberrypi

  26. Step 3: Method 1 - DHCP table on router?

  27. Step 3: Method 2 - Network Scanning • Good ol’ IP scanning. Pick one: • Nmap sudo apt install nmap • Angry IP Scanner http://angryip.org/download/ • Masscan https://github.com/robertdavidgraham/mass can • Arp-scan https://github.com/royhills/arp- scan • Scan before, and after. See what’s new!

  28. AngryIP Scanner

  29. Step 3: Method 3 • Plug RPi into a monitor and boot!

  30. Step 4: Run installer • ssh pi@raspberry • curl -sSL https://install.pi- hole.net | bash Bad idea? Read why

  31. Pi-hole is up and running.. But not a for all devices… yet • Connect to web admin using http://pi.hole/admin • Pi-hole over-take DHCP, (disable on your your router) I’ve done this on my setup because: • network printer • Get actual hostnames in your Pi-hole log

  33. (Optional) Test it out? • Reconfigure a test computer to use the IP address of Pi-Hole for its DNS.

  34. Step 5: Re-configure router DNS settings • Log into your router. • No idea how? Find your default gateway IP and try connecting with browser, e.g. http://192.168.1.1 • ipconfig or ifconfig • To get all devices on your network to use Pi-hole for DNS, you have to make a choice…

  35. You have two choices for router config Change Disable IP for DHCP & DNS have Pi- Server hole do it Questions????

  36. Changing IP for DNS on my home router

  37. Or...Disable DHCP on router

  38. …and turn on DHCP Server on Pi-hole

  40. Blocklists • Default blocklists in /etc/pihole/adlists.list • Blocklist collection here: https://wally3k.github.io/ • Your Pi-hole has a cronjob which runs pihole updateGravity once a week . • Refer to our blog post CryptoAUSTRALIA's Favourite Block Lists

  41. Blocklists using the web admin interface You can: - whitelist hosts - temporarily disable all blocks with a timer/ manually You cannot: - Make exceptions for local devices

  42. Setting up Pi-hole away from home • If you roll your own VPN on a VPS, you can setup Pi-hole on it. Then you can run it anywhere! • https://github.com/pi-hole/pi-hole/wiki/Pi-hole---OpenVPN-server

  43. Are you a Pi-hole Power User? • Self-hosted DNS • Advanced Upstream DNS • Response Policy Zone (RPZ) • We have blog posts covering these topics! Note: You don’t need to necessarily use these with Pi- Hole

  44. 1. Your Own DNS Server • No DNS requests go to third-parties • Run your DNS server in the cloud • Pi-hole <--- DNSCRYPT ---> DNS server • More details in a blog post Build a Privacy-Respecting and Threat- Blocking DNS Server

  45. 2. Advanced Upstream DNS • Third-party DNS servers • Complements Pi-Hole • Blocks malware and phishing • Admin panel • Block categories (adult, drugs, gambling, social media …) • DNS query logging and reporting • Manual blocking / whitelisting • Integration with real-time Threat Intelligence feeds ($$$ feature)

  46. 2. Advanced Upstream DNS • Strongarm https://strongarm.io • Comodo Dome Shield https://cdome.comodo.com/shield • OpenDNS https://signup.opendns.com/homefree • Quad 9 https://www.quad9.net

  47. Which is the best threat blocking DNS provider? More info? https://blog.cryptoaustralia.org.au/2017/12/23/ best-threat-blocking-dns-providers/

  48. Response Policy Zone (RPZ) • The previous two combined: • Use your own DNS server • Download RPZ-based block list • Register Strongarm business account (free) • Download BIND9.10+ config from https://app.strongarm.io/settings/rpz/

  49. Done! Let Workshop it! • If you’ve brought along a RPi, use these instructions: https://cryptoa.us/centaurus • If you’ve going to play along on the virtual machine, use these instructions: https://cryptoa.us/fornax • Join us on #Slack https://chat.cryptoaustralia.org.au/

  50. Where to get help after workshop CryptoAUSTRALIA Slack channel #pi-hole-workshop-help https://chat.cryptoaustralia.org.au/ Pi-Hole website https://pi-hole.net/ Has links to Discourse(!) , sub- Reddit, YouTube channel https://blog.cryptoaustralia.org.au

Recommend

Pi Hole Ad Blocker for Raspberry Pi found info at:

Pi Hole Ad Blocker for Raspberry Pi found info at:

Pi Hole Ad Blocker for Raspberry Pi found info at: http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/ or search for block millions of ads I greatly appreciate Jacob and his teams work on this. It has made my

319 views • 9 slides
Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry Pi? What is a Raspberry Pi? Small computer Runs Linux OS Raspberian CanaKit Raspberry Pi 3 B+ Startup Startup Open

502 views • 11 slides
Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized

Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized

Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized single-board computers developed by the Raspberry Pi Foundation to promote the teaching of basic computer science . Raspberry Pi Advantages Access

579 views • 5 slides
Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall

Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall

Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall Education Developer Advocate at Raspberry Pi Foundation Software &amp; project development Learning resources &amp; teacher training

718 views • 44 slides
Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM

Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM

Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM I - Now leading Raspberry Pi Users Group,A Japanese Raspberry Pi Community here in Japan. - Volunteer for Raspberry Pi Foundation - one of the

1.32k views • 44 slides
SecurityPi Secure your Raspberry Pi @rabimba | Mozilla Tech Speaker | RICE University OpenIoT

SecurityPi Secure your Raspberry Pi @rabimba | Mozilla Tech Speaker | RICE University OpenIoT

SecurityPi Secure your Raspberry Pi @rabimba | Mozilla Tech Speaker | RICE University OpenIoT Summit 2017 Why How Protect the Legacy Wait. Do we need protection? New IoT malware families by year. The number IoT threats jumped in 2015 and

875 views • 48 slides
Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry

Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry

Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry Pi Clusters Colin Sauz &lt;cos@aber.ac.uk&gt; Research Software Engineer Super Computing Wales Project Aberystwyth University Overview

193 views • 18 slides
Making Open Source Hardware IoT with Raspberry Pi Leon Anavi Konsulko Group

Making Open Source Hardware IoT with Raspberry Pi Leon Anavi Konsulko Group

Making Open Source Hardware IoT with Raspberry Pi Leon Anavi Konsulko Group leon.anavi@konsulko.com OpenIoT Summit 21-23 February, Portland, Oregon Agenda Raspberry Pi add-on boards for IoT Raspberry Pi HAT Raspberry Pi pHAT

484 views • 32 slides
Internet of Things (IoT) Raspberry Pi Summer Camp Tech Talk Raspberry Pi Camp IoT 1

Internet of Things (IoT) Raspberry Pi Summer Camp Tech Talk Raspberry Pi Camp IoT 1

Internet of Things (IoT) Raspberry Pi Summer Camp Tech Talk Raspberry Pi Camp IoT 1 Introduction to IoT Raspberry Pi Camp IoT 2 IoT Source: IEEE ComSoc Raspberry Pi Camp IoT 3 What is Internet of Things (IoT) - 1 According to

168 views • 15 slides
RASPBERRY PI IN AMATEUR RADIO Matthew Miller KK4NDE http://kk4nde.com WHAT IS RASPBERRY PI

RASPBERRY PI IN AMATEUR RADIO Matthew Miller KK4NDE http://kk4nde.com WHAT IS RASPBERRY PI

RASPBERRY PI IN AMATEUR RADIO Matthew Miller KK4NDE http://kk4nde.com WHAT IS RASPBERRY PI Raspberry Pi Conventional PC Runs Linux operating system Runs Linux, Windows, MacOS, etc ARM Processor Intel x86 or x86-64 Processor

679 views • 20 slides
TOS for the Raspberry Pi Yeqing Yan Abhijit Parate Anoja Rajalakshmi Arno Puder Overview:

TOS for the Raspberry Pi Yeqing Yan Abhijit Parate Anoja Rajalakshmi Arno Puder Overview:

TOS for the Raspberry Pi Yeqing Yan Abhijit Parate Anoja Rajalakshmi Arno Puder Overview: Hardware Architecture of the Raspberry Pi ARM Assembly Boot Sequence Context Switch Exception Handling Framebuffer 1 Raspberry

950 views • 79 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

540 views • 42 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

570 views • 22 slides
Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
Everything I know about Kubernetes I learned from a cluster of Raspberry Pis Jeff Geerling

Everything I know about Kubernetes I learned from a cluster of Raspberry Pis Jeff Geerling

Everything I know about Kubernetes I learned from a cluster of Raspberry Pis Jeff Geerling (geerlingguy) Builder Track - www.pidramble.com http://www.shockinglydelicious.com/dorothys-fresh-raspberry-pie-recipe/ The Big Question What can I do with

821 views • 25 slides
Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012

Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012

Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012 www.ics.com Agenda What is the Raspberry Pi? Raspberry Pi Foundation Hardware Software QtonPi Distribution QtonPi Device

716 views • 38 slides
The Raspberry Pi Initiative A Context For Authentic and Collaborative Discovery The Raspberry Pi

The Raspberry Pi Initiative A Context For Authentic and Collaborative Discovery The Raspberry Pi

The Raspberry Pi Initiative @stevenpfloyd @katrina_massey1 The Raspberry Pi Initiative A Context For Authentic and Collaborative Discovery The Raspberry Pi Initiative @stevenpfloyd @katrina_massey1 Become Familiar With The RPi Complete Some

333 views • 29 slides
Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal paul@gtisc.gatech.edu Agenda Modern Malware Obfuscations, Server-side Polymorphism, Collection Volume Malware Analysis Detection

504 views • 27 slides
Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that does something that causes harm to a user, computer or network, including viruses, trojan horses, worms, rootkits, scareware and spyware. Malware

119 views • 9 slides
GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS AGENDA Something about malware Malware internals Current analysis

398 views • 27 slides
RaspberryPi Outline Introduction to Raspberry Pi Python Electronics Linux What is

RaspberryPi Outline Introduction to Raspberry Pi Python Electronics Linux What is

RaspberryPi Outline Introduction to Raspberry Pi Python Electronics Linux What is a Raspberry Pi? University of Cambridges Computer Laboratory Decline in skill level Designed for education A credit card sized PC

613 views • 46 slides
Malware Analysis Using Visualized Image Matrices Tzu-Ming Huang CISC850 Cyber Analy@cs CISC850

Malware Analysis Using Visualized Image Matrices Tzu-Ming Huang CISC850 Cyber Analy@cs CISC850

Malware Analysis Using Visualized Image Matrices Tzu-Ming Huang CISC850 Cyber Analy@cs CISC850 Cyber Analy@cs Overview malware visual analysis method convert binary files into images Reduce computa@on major block

805 views • 22 slides
A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND

A CUCKOOS EGG IN THE MALWARE NEST ON-THE-FLY SIGNATURE-LESS MALWARE ANALYSIS, DETECTION AND CONTAINMENT FOR LARGE NETWORKS CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS MALWARE WARS In the last

313 views • 14 slides
Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer

Overview Malware Halting 1. Malware 2. Software diversity Part I: Method Development 3. Computer immunization Kjell Jrgen Hole Simula@UiB 4. Epidemiological model 5. Malware halting analysis 6. Malware halting method Last updated

672 views • 29 slides

More recommend