You may or may not have heard of the Pi-hole. I first came across it listening to Paul Asadoorians’ Security Weekly podcast, number 507 back in April 2017 and thought this would be perfect for me!

So what exactly is a Pi-hole?

Well, a Pi-hole can be used for a number of solutions, but mainly it acts as advertisement (and potentially malware) blocking software by sinkholing DNS requests for domains against a regularly updated blacklist. As the name would suggest you can run it on a Raspberry Pi, or in my case (which I’ll outline below) on a cut down version of a Debian/Jessie distro called DietPi in a VirtualBox VM.

I’ll assume you already have VirtualBox setup and ready to go, so the first step is to head over to http://dietpi.com/download and grab yourself the latest .ova. Once downloaded import the appliance into VirtualBox – you can leave the default settings as they are.

When you start it up for the first time you’ll probably need to change the Network Adapter to your local requirements.

The first screen you see is the login (press enter to bring up the prompt), and it’s kind enough to show you the credentials.. so follow your nose Inspector Clouseau and log on as required. You can change the default password and the syntax is at the bottom of this post.

Once in, agree to the licence and let the initial updates complete…. and wait.. just a little more..

And we’re done! for now.. Hit Enter to Continue..

Once rebooted, login once again and agree to the terms and then you should be presented with the DietPi-Software menu.

Scroll down, select “Software Optimized” and hit Enter.. You’ll see some great options in the next menu which we can explore at a later date, but for now scroll down to the bottom where you’ll see an optional install for Pi-hole.

Space bar to select and then Tab to OK.

You’ll next be prompted to set up a static IP for your Pi-hole so select Yes and then continue. I don’t know your setup and it’ll be different for everyone.. but from here set up a static IP for your network and apply.. mine looks like the following:

Once configured and applied Exit back to the DietPi-Software menu, scroll down and select Install then OK to begin

Follow any standard prompts and when asked, select ‘dietpi’ as the user account.

If prompted select Ok to install the web admin interface and agree to log queries on the next window.

Reboot when done

Once up we should be ready to rock and roll! You can view all the pretty pictures and stats by logging into the Pi-hole admin panel – (your IP may be different)

Now all you have to do is configure any clients DNS settings on your network to point to your new Pi-hole and your job is done.

NOW – I had a few issues near the end, and this is what relates to my little world of pain..

Basically I did everything as documented above, but when it came time to test, I logged into the Pi-hole dashboard and it showed NOTHING.. there were two clues though. One was the data panels just showed an updating icon (but no data) and two there was a red icon showing FTL offline (Faster Than Light) which is a new development in Pi-hole.

Anyway, long painful story short, this fixed my particular issue – I logged into the Dietpi VM and ran the #pihole command to get a list of available options.

I ran the command to update Pi-hole subsystems

# pihole -up

And from here I was warned the FTL service was out of date – did I want to update it? For sure I did! After a successful update I restarted the Dietpi and logged back into the Pi-hole web console.. much better as shown in the following capture (I’ve removed the bottom part as it shows specific websites)

A couple of quick tests to the following sites to make sure it’s working and we’re good to go.


Useful information

DietPi Default Login
Username = root
Password = dietpi

Pi-hole Default password -Can be set/reset using the following command on the DietPi

# sudo pihole -a -p

Available commands can be shown just by typing the following at the console

# pihole

There’s a few other benefits you can gain from using Pi-hole has your DNS server and I'll put those into an additional post shortly

But for now, I’m going to have a cold beer and relax for the weekend