CryptoAUSTRALIA Pi-hole Workshop
Instructions using a physical Raspberry Pi (or compatible SBC). This guide was written for the CryptoAUSTRALIA Pi-hole workshop.
This is the version of the workshop if you're using a Raspberry Pi. If you want the VM version of these instructions, look here.
Author: Nick Kavadias (CryptoAUSTRALIA)
Get the Raspbian Lite image onto an SD Card
- Download the latest version of Raspbian Lite We will also have copies available during workshop. You can verify that the image hashes match too.
- Download and install Etcher
- Insert sd card compatible with your RPi and start Etcher. Select the Raspbian Lite zip image and click Flash! If you get errors, double check that your SD Card/reader hasn't been set to 'lock'
Optional: Edit the boot directory on the image (do this if you do not know your MAC address and want an easy way to find your device in the workshop)
- Make sure you are dealing with the first partition on sd card (this should be readable on a Windows/Mac computer)
- Create an empty file called ssh to turn on ssd at boot.
- add the following to the end of cmdline.txt to change the mac address of the device, make it unique. Hex values only, i.e. 0-9,A-F
Plug your device, find IP and ssh to it
this is the hardest part of the workshop!
Plug your device into the network with ethernet and power it. Should see a red flashy light.
Try to following steps in order, depending on the specific setup for workshop there may be varying levels of success with each, find out what works.
Make sure your laptop is plugged into the same network, and try to ping the default hostname .
Scan the network, then check arp cache on your laptop and look for your mac address. On Windows this is
All else fails, plug it into a monitor and see if its booting. You should see a message with the IP address come up
ssh into your Raspberry Pi device
should have got the ip address from previous step. ssh into your device
ssh pi@<ipaddress>. The default username is pi, default password is raspberry
Change your hostname with
sudo nano /etc/hostname. If you don't like nano as a text editor, you can install vim with
sudo apt install vim
Change the password of your device with
Ready to run the Pi-hole installer, run the following command, as per the Pi-hole website:
# curl -sSL https://install.pi-hole.net | bash
This command should kick off the automated installer.
Once installer starts, you can use arrow keys to navigate and space or enter to accept
Ok all the prompts. Pick an upstream DNS provider. This is the upstream provider your Pi-hole will use, from here, you can basically accept all the defaults.
Accept changes the network settings to a static IP;
accept installing the web admin interface; and
accept logging queries.
- (Optional) Change the webadmin password:
# pihole -a -p
note: password currently set to raspberry, we have included it in instructions as its good practice and cannot be done in webadmin gui.
- If you are curious what other console commands pihole has, try
$ pihole -h. Also,
-clooks like an interesting switch!
Change DNS of your laptop to point to your Pi-hole
- Serveral ways of doing this depending on your operating system.
- On Windows, you can use a utility called Simple IP Config
- On a Linux type system you can try
echo "namserver <ipaddress> >/etc/resolv.conf
Logging into webadmin
Open up a browser on your laptop and navigate to
http://<ipaddress>/adminwhere is the actual ip address found in previous step.
If the stats are looking sad, click open another browsing window on your computer and try some websites with lots of ads.
Go back and check the Pi-hole admin dasboard, it should be populated with statistics now. If it is not, make sure you have set the DNS server on your computer to use your Pi-hole device.
Adding additional blocklists
Add some new lists:
There are some great additional block lists you can add over the default. The default blocklists are stored in
You can use the admin portal to add more lists. On the left hand side of web admin portal menu, go to Settings, then click on the + Pi-hole's block lists.
Consider adding CryptoAUSTRALIA's favourite block lists
https://hosts-file.net/exp.txt- Websites hosting exploits
https://hosts-file.net/emd.txt- Websites hosting malware
https://hosts-file.net/psh.txt- Phishing websites
https://www.malwaredomainlist.com/hostslist/hosts.txt- Does what it says on the tin, a list of malware domains
https://v.firebog.net/hosts/Airelle-hrsk.txt- Airelle's phishing domains
https://v.firebog.net/hosts/Shalla-mal.txt- Shalla's Blacklists
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt- Ransomware Tracker - Ransomware block list (general list)
https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt- Ransomware Tracker - Ransomware block list (+ Locky)
https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt- Ransomware Tracker - Ransomware block list (+ CryptoWall)
https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt- Ransomware Tracker - Ransomware block list (+ TeslaCrypt)
https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt- Ransomware Tracker - Ransomware block list (+ TorrentLocker)
http://www.networksec.org/grabbho/block.txt- ThreatExpert.com malware and adware block list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts- Unified list for blocking adware and malware
https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt- DShield.org suspicious domains (Medium)
http://someonewhocares.org/hosts/hosts- Dan Pollock's list blocking ads and spyware
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt- Block Windows 10 telemetry domains
https://v.firebog.net/hosts/static/SamsungSmart.txt- Block Samsung SmartTV trackers
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt- Disconnect.me anti-malvertising
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt- Disconnect.me ad-blocker
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt- Disconnect.me anti-tracking
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/SpotifyAds/hosts- Block Spotify Free Ads
https://gist.githubusercontent.com/anudeepND/adac7982307fec6ee23605e281a57f1a/raw/5b8582b906a9497624c3f3187a49ebc23a9cf2fb/Test.txt- Block YouTube ads
https://v.firebog.net/hosts/Easylist.txt- EasyList (same feed as in uBlock/Adblock browser plugins)
http://www.joewein.net/dl/bl/dom-bl.txt- jwSpamSpy - Domains from Spam emails
Paste the URL into the admin page textbox and wait
Finding out what's been blocked
Sometimes you'll find a website is behaving strange. If you think Pi-hole is to blame, you can click Disable -> 5 minutes You can then try reloading the page.
You can also look at the query log and then click status & sort by what's been blocked. You can try whitelisting the site by clicking whitelist button and see if that fixes it. If it doesn't, you can then remove the site you just whitelisted by going to Whitelist and removing it.
Blocking YouTube Ads
- Add the following sites to your blacklist. Make sure googlevideo.com domains are added as wildcards.
- This won't work if you're using Chrome. Refer to this discussion.
Open up terminal and try:
$ nslookup googleads.g.doubleclick.net
Compare previous result to resolving directly against Google's DNS servers:
$ nslookup googleads.g.doubleclick.net 188.8.131.52
Try visiting http://googleads.g.doubleclick.net in a web browser, the web page should be blocked
(new for v3.2) Try setting up a custom block page creating
(new for v3.2) Setup a contact email on the block page,
pihole -a email BOFH@example.com
If you want to use your Pi-hole setup at home
If want to take your Pi-hole config back home to use without setting it back up from scratch, be aware your RPi has now been confiured with a static IP address with the details on the workshop network.
To avoid having to plug your RPi into a monitor/keyboard/mouse when you get back home, do the following:
Edit the /etc/dhcpcd.conf file and remove the static ip settings:
- Delete the following last 3 lines in the file which set a static IP:
You will need to re-run the Pi-Hole installer when you get home to reconfigure the services with your home IP. i.e. the ssh into your Raspberry Pi device step