PiHole Notes

| 3 minutes

sysadmin

I installed pihole again. I had removed it from the network several years ago, but it plays very well with my new firewall, pfsense.

I see alot of blocked traffic, particularly from amazon.

Here are some notes on that: https://discourse.pi-hole.net/t/device-metrics-us-amazon-com-requests-like-crazy/5731/25

Highlights from this link:

As we’ve accrued more devices that are constantly sending information about us, the ads and targeted marketing, along with robo calls have just gotten damned creepy and overwhelming. So, I decided to install pi-hole. Very impressed. Nearly 30% of all requests, and a high margin of traffic is just our devices tracking our kids and us. It’s been very interested to watch. We can see the data flow when we turn on devices, turn them off pick them up, tap, turn, set down, lights on, lights off, walk out of range, walk in range, stand up, sit down, login, logout. It’s been fun just testing things and seeing how insanely tracked we are. Anyhow to point. iPads with Amazon Prime Video immediately started discharging, and I could see in the pi-hole query logs the culprit. device-metrics-us.amazon.com 45 requests every few seconds.

So, here’s what I did.

  1. Setup a certificate authority. I’m a developer so I already had this.
  2. Generate a valid certificate for device-metrics-us.amazon.com 45
  3. Setup RESTful service to handle requests to POST /metricsBatch
  4. Study the posts. (You’ll need a root trusted cert and a proxy for you devices setup) There is a lot of data being sent each time you interact with Amazon Prime Video. Including, your top level LAN info (eg. 192.0.0.1), device model, customer id, ram available, disk available, app version, device id, wifi identifier of some sort, region, platform, etc.
  5. Study the response. It’s empty. Just a status 200. 6.Revise /etc/hosts on your pi-hole machine to point to your secure RESTful service that eats and logs all the requests, respond with status 200
  6. Whitelist device-metrics-us.amazon.com 45, and observe that your service is intercepting responses. The requests should not be happening every few seconds now. Instead, they happen each time you interact with prime, and approximately 1 time per minute.
  7. Delete Amazon Video from your device and cancel Amazon. Observe that battery life is better than before and bank account has more money each month.
  8. I’m honestly surprised that with all media that Apple is putting out about protecting users’ privacy, that they are permitting apps to send so much with absolutely no controls for the user to stop it or even be aware. If anything, pi-hole has made it very clear, which services and devices I want to use. I’m in the process of identifying invasive apps and services now. What I can’t control directly or via pi-hole and similar technology, I’m just purging.

I upgraded to pro ubuntu - free for 5 machines…

comments on it: https://askubuntu.com/questions/1452299/im-getting-the-message-the-following-security-updates-require-ubuntu-pro-with