Very recently I felt that one of my virtual machines was infected by malware, and I was thinking about restoring it to a clean snapshot, but then I thought, let's find other ways to identify and block these types of attacks. There were a few more issues I wanted to resolve on my network, including blocking advertisements on the pages I visit and blocking all malicious IOCs over the network. Also, one of the games I play on PS4, Battlefield 4, wasn't able to connect to online gaming due to DNS blocking at the ISP.
I started doing my research and discovered "Pi-hole". Basically, Pi-hole is a network-wide advertisement-blocking solution (DNS server) which can be installed on a virtual machine or on your own hardware, e.g. a Raspberry Pi 3 in my case.
Pi-hole blocks over 100k advertisements served from different domains, which can reduce bandwidth utilization, and the network can be monitored for all DNS queries. I have been using Pi-hole for the last 3 weeks, and it is proving beneficial for me in the following ways.
1. It blocks almost all advertisements on any device connected to my home network.
2. I have added a custom list to block all *.no-ip.com and similar DDNS domains, as I believe most of them are used for malicious purposes.
3. Pi-hole lets you choose your DNS from 4-5 different vendors; however, I have gone one level up and chosen to install DNSCrypt to go with my setup, which helped me play Battlefield 4 online easily.
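To go with point 2, here is an added example (not from the original post or the Pi-hole project) that scans DNS query log lines for DDNS suffixes and reports which clients asked for them, which helps find the machine behind a blocked lookup. It assumes dnsmasq-style query lines; the log lines, client IPs and the `dyn.example` suffix are constructed for illustration.

```python
import re
from collections import defaultdict

# Suffixes to flag. "no-ip.com" comes from the post; "dyn.example" is a
# placeholder standing in for the rest of a DDNS list.
DDNS_SUFFIXES = {"no-ip.com", "dyn.example"}

# dnsmasq-style query line (assumed log format), e.g.
#   Mar 10 14:02:11 dnsmasq[812]: query[A] host.no-ip.com from 192.168.1.23
QUERY_RE = re.compile(r"query\[[A-Z0-9]+\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)")


def matches_suffix(name, suffixes=DDNS_SUFFIXES):
    """Return the listed suffix that covers `name`, or None.

    Comparison is per DNS label, so "notno-ip.com" does not match
    "no-ip.com". The bare suffix itself also counts as a match.
    """
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in suffixes:
            return candidate
    return None


def ddns_queries_by_client(lines, suffixes=DDNS_SUFFIXES):
    """Map each client IP to the sorted DDNS names it queried."""
    hits = defaultdict(set)
    for line in lines:
        m = QUERY_RE.search(line)
        if m and matches_suffix(m.group("name"), suffixes):
            hits[m.group("client")].add(m.group("name").lower().rstrip("."))
    return {client: sorted(names) for client, names in hits.items()}


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
Mar 10 14:02:11 dnsmasq[812]: query[A] pi-hole.net from 192.168.1.10
Mar 10 14:02:15 dnsmasq[812]: query[A] homecam.no-ip.com from 192.168.1.23
Mar 10 14:02:15 dnsmasq[812]: forwarded homecam.no-ip.com to 127.0.0.1
Mar 10 14:02:19 dnsmasq[812]: query[AAAA] Update.NO-IP.com. from 192.168.1.23
Mar 10 14:02:30 dnsmasq[812]: query[A] notno-ip.com from 192.168.1.10
Mar 10 14:02:41 dnsmasq[812]: query[A] a.b.dyn.example from 192.168.1.42
""".splitlines()

if __name__ == "__main__":
    for client, names in ddns_queries_by_client(SAMPLE_LOG).items():
        print(client, names)
```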
You can read about Pi-hole on their website: https://pi-hole.net