Browsed by
Category: dns

Block Malvertising and Advertising with pfBlockerNG
Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL)

Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL)

Comments 185 comments

This walkthrough uses the DNSBL portion of pfBlockerNG to remove ads/advertising and more importantly, malvertising. It essentially creates a functionality similar to the pi-Hole project except it doesn’t require a separate piece of hardware. Instead, you just use your pfSense + pfBlockerNG! If you’re interested in a write-up on installing/configuring the pi-hole on Ubuntu, I have one here. Please note this walkthrough is for the devel version of pfBlockerNG. The pfBlockerNG-devel package is in the standard list of available packages…

Read More Read More

pi hole and ubuntu to blackhole dns
Installing pi-hole on Ubuntu 18.04 LTS

Installing pi-hole on Ubuntu 18.04 LTS

Comments 41 comments

In this guide, I will walkthrough how to install and test the pi-hole on Ubuntu and more specifically, Ubuntu Server. These same instructions may work on Ubuntu Desktop, but I strongly suggest Server. Why Ubuntu instead of a Raspberry Pi? I love Raspberry Pis and I probably own at least 10 of them. But sometimes I want to perform DNS blocking/blackholing and I either a) don’t have a Raspberry Pi in an environment or b) I have a virtual environment…

Read More Read More

Quad9 and pfSense
Configuring Quad9 on pfSense

Configuring Quad9 on pfSense

Comments 41 comments

Quad9 is a DNS platform that adds several layers of security. It does this via standard DNS queries/responses.Basically, if a machine on your network queries a known bad hostname, the Quad9 DNS server responds by stating that domain does not exist (NX DOMAIN or non-existent domain). Quad9 also allows you to use DNS over TLS. If you would like a bit more info on Quad9 including some speed benchmarks against other DNS services, I would suggest an earlier article, Quad9 – First…

Read More Read More

Bypass DNS controls with Cloudflare
Bypass DNS Controls with DNS over HTTPS (no bootstrap required)

Bypass DNS Controls with DNS over HTTPS (no bootstrap required)

Comments 0 Comment

I have a love/hate relationship with DNS over HTTPS (DoH). While I see it’s usefulness for those who live in less than savory political conditions, I also see it causing huge headaches for sysadmins — shadow IT, pen testers and hackers bypassing controls, etc. Nonetheless, this is a walkthrough for those interested in bypassing in-place DNS controls with DoH and *not* using a bootstrap address. Changelog18Feb2019 – Originally posted Many articles discuss how to configure a browser (specifically Firefox) for…

Read More Read More

Malware Browser Popup - No Ad blocking
Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL) – Old

Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL) – Old

Comments 50 comments

This walkthrough uses the DNSBL portion of pfBlockerNG to remove ads/advertising and more importantly, malvertising. It essentially creates a functionality similar to the pi-Hole project except it doesn’t require a separate piece of hardware. Instead, you just use your pfSense (pfBlockerNG)! If you’re interested in a write-up on installing/configuring the pi-hole on Ubuntu, I have one here. I love pfSense and if I could only install one package to enhance its capabilities, it would undoubtedly be pfBlockerNG. pfBlockerNG is a pfSense…

Read More Read More

Quad 9 DNS
Quad9 – First Thoughts & Benchmarks

Quad9 – First Thoughts & Benchmarks

Comments 12 comments

Quad9 is the collaboration of IBM X-Force, PCH, and Global Cyber Alliance. It provides a DNS platform that combines high performance with security by blocking known malicious domains. At the time of this writing, Quad9 was using 19 threat feeds. I’m not going to get into the marketing speak because quite frankly, enough folks cover that well enough. Quad9 <- Main Site New “Quad9” DNS service blocks malicious domains for everyone <- Ars Technica Instead, I’ll provide the bare essentials…

Read More Read More

SPF, DKIM, and DMARC testing
Testing SPF, DKIM, and DMARC

Testing SPF, DKIM, and DMARC

Comments 2 comments

If you are interested in a step-by-step implementation of SPF, DKIM, and DMARC, there’s a post for that! It’s on this site as well and it will walk you through the entire process. https://linuxincluded.com/implementing-spf-dkim-and-dmarc/ Changelog 17Nov2017 – Originally posted 25Mar2018 – Added more SPF tests specifically for lookups 19Nov2018 – Clarified some test steps and added a site Before you jump into testing SPF, DKIM, or DMARC, you need to verify where your authoritative DNS nameservers are. The easiest way…

Read More Read More

No SPF, DKIM, or DMARC = Bad Time
Implementing SPF, DKIM, and DMARC

Implementing SPF, DKIM, and DMARC

Comments 0 Comment

If you made it here, you might not be interested in the why’s of implementing the holy trinity – SPF, DKIM, and DMARC – of anti-email spoofing. However, if you’re still uncertain whether you should or shouldn’t, just do it! With the guide below, you’ll see it isn’t all that difficult and when used together, they provide great benefits like brand protection, reducing a phishing attack vector, less chance of your legitimate marketing emails ending up in spam, etc. It also…

Read More Read More

Dynamic DNS… With Google Domains?

Dynamic DNS… With Google Domains?

Comments 2 comments

I recently switched all of my domains over to Google Domains. While I didn’t have an issue with my previous domain registrar, I wanted to try something new. The primary allure of moving to Google Domains was the fact that private info domain registrations cost nothing additional over public registrations. I’ve never experienced issues as a direct result of public registrations… most likely because I always created email aliases instead of using actual email addresses. Regardless, I haven’t felt completely at…

Read More Read More