Ad-blocking with Pi-Hole

The days of needing browser plugins to block unwanted ad traffic on home networks are well and truly over and Pi-Hole just keeps delivering more and more stable innovation. There are numerous options when configuring the setup, Raspberry Pi, Docker image, virtual host or even an old physical device. Ultimately as long as you have a Linux flavour installed (see Prerequisites) it should function pretty nicely but for the sake of this guide, I will assume the Operating System (OS) has been cleanly installed on your platform of choice. Ensure you have a static IP assigned (easiest to assign this at build) and that ssh is configured to remote allow access to the host.

Log onto the host or ssh to get command line access, once complete type the below into the command line interface (CLI) and hit Enter. If it asks for your password you, it needs to be able to elevate privilege to install, once entered it will progress.

curl -sSL https://install.pi-hole.net | bash

If you prefer to see the code and subsequently run it then navigate to the folder you want to clone the repository to and run the following commands

git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
cd "Pi-hole/automated install/"
sudo bash basic-install.sh

#Optional further options can be found here https://github.com/pi-hole/pi-hole/#one-step-automated-install

Confirmation that the installation is progressing will present like Screen 1 below, followed by a sequence of information screens. Subsequently you’ll be asked to choose your preferred DNS provider (Screen 3), in my case I chose cloudflare. The next page asks for confirmation of the third party block lists, any of which can be removed if you so wish.

Screen 1
Screen 3

Next choose whether the Pi-Hole will be responding to IPv4 and/or IPv6 traffic. Now you’ll be asked to confirm the hosts IP address and gateway, which can be changed if necessary, once complete the Pi-Hole warns that statically assigned IP’s used in conjunction with DHCP can cause conflicts. Would you like the web admin interface to be installed (well you can’t see the analytics without it) and whether you want to install the web server to support the admin interface (if you have a web server installed you don’t need this one). Do you want to log the queries, well I’d hope so to be able to see the analytics. Finally you can choose the level of logging, whether domains should be hidden etc, I choose to see everything.

If an error message pops up claiming that the Pi-Hole is not able to resolve dns, it is probably trying to lookup against itself so use the following command

sudo nano /etc/resolv.conf

Find the entry for “nameserver” and change the IP to your chosen provider, in my case 1.1.1.1 or 1.0.0.1. Save the changes and progress to the next stage.

Once the command finishes running the script, Pi-Hole is pretty much installed, running the following command allows you to set the password for the admin console;

sudo pihole -a -p

Enter a sensibly complex password and store it in a password manager, then navigate to the web console by typing the IP into your browser. You’ll notice it’s not really doing anything so don’t forget to set your router DNS to point at your Pi-Hole’s IP address, or just a laptop, PC, phone in order to test how things are working, then you should be able to see the traffic flowing in over time like this.

Well that is it for the basic configuration, enjoy the analytics and ad blocking.

DNS security for all

Cloudflare have been pounding the security drum for years and I have always looked for financially viable solutions that help me stay safer than the next guy. After recently listening to the Security Now (https://twit.tv/shows/security-now) and Troy Hunt (https://www.troyhunt.com/my-weekly-updates-are-now-available-as-an-audio-podcast/) podcasts, I was intrigued about what Cloudflare could offer me on the go and there it was, 1.1.1.1 which has been a DNS offering to rival Google’s 8.8.8.8 for a short while now but Cloudflare have rolled it into an app that performs similarly to a VPN (I appreciate this is an over simplification). Using the offering on an iPhone gives me an on demand DNS directory over https or tls (depending on your preferences) which is faster than any other DNS provider. For further reading, see here for full details https://1.1.1.1/

OSSIM has limited or no connectivity: Make sure your network connection is active and try again

OSSIM has limited or no connectivity: Make sure your network connection is active and try again

In the event that you receive this message “Limited or no connectivity: Make sure your network connection is active and try again.” while trying to link OSSIM to the Open Threat Exchange (OTX) it may be that your DNS entries need adjusting. Simply SSH to the OSSIM environment and in the menu go to System Preferences, then Configure Network and Name Server (DNS) where you can change the entry to your required DNS settings.

Ensure you go back to the main menu and select Apply all Changes, this should then update the configuration file and solve the issue. You may however find that this does not help, in which case, go to  Jailbreak System and using the usual Linux navigation edit the file /etc/network/interfaces  check your details and if needed, change the DNS entry. Once complete, save and type exit, you will be returned to the main menu.

At this point you might wish to reboot the device.

” .\Global\vmx86″: The system cannot find the file specified.

Unable to open kernel device “.\Global\vmx86”:The system cannot find the file specified. Did you reboot after installing VMware Workstation?

This recently occurred on my system and although the cause is not yet know, the fix was pretty simple.

Open command prompt (Win+R) but ensure it is run as admin, try net start vmx86, it will probably fail but at least you’re not doing unnecessary steps. Now (still in cmd prompt) change directory into the Workstation install location and type vnetlib — uninstall vmx86 and reboot your physical host machine.

Open command prompt again and type vnetlib — install vmx86 then reboot again, this time the issue should be gone and you can run the VM’s as normal.

If you still have no luck then try reinstalling workstation.

The VMRC console has disconnected…attempting to reconnect

“The VMRC console has disconnected…attempting to reconnect” warning on my VMware esxi5.5 environment at work annoyed me no end for a few hours as I was baffling over what it meant.

VMRC error

There are two resolutions that I could find;

Restart the client machine, log back into the vsphere client and all should be well.

If like me however you try to avoid shutting down because it gets in the way of working then simply close vsphere client, open Task Manager and stop “vmware-vmrc.exe“, “vmware-remotemks.exe“, and “vpxclient.exe” by right clicking each event in processes and selecting “stop“. log back into vsphere client and the system should be up and running again.

What is the actual signal strength on my iPhone?

What is the actual signal strength on my iPhone? Well it probably has no useful link to the bars that you can see in the corner of your handset. Follow the below steps to change to a dB signal strength indicator.

  1. Dial *3001#12345#* on your iPhone then press Call.
  2. You’ll notice a signal strength indicator in the top left hand corner of your screen. You can toggle between signal strength bars and a number by simply taping on it. Press the home button to exit the app or if you would like the feature to be permanent, continue to the next step (you can reverse it later if you wish).
  3. Hold down on the Power button until you see the ‘slide to power off’ bar but don’t power off the device.
  4. Press down on the Home button until the app closes and you return to your home screen.

The closer your number is to zero, the stronger your signal is.

To undo this setting simply do the following.

  1. Dial *3001#12345#* on your iPhone then press Call.
  2. Press on your Home Button once

Accessing WiFi password history – Mac

In order to see the passwords used by your Mac, navigate to the applications folder and open other and then Keychain Access. Once open, select System inside the Keychain box and look for your network, double click the chosen network and tick the show password box. A dialogue box will then pop up and ask you to confirm you password and then may ask for an administrators details, complete each respectively and the password will then be shown.

%d bloggers like this: