Block ALL ads in your home network with AdGuard. In this video, NetworkChuck will show you how to block all the ads in your home network using a technique called a dns sinkhole. NetworkChuck will walk you through installing adguard on Mac and Linux, specifically a Raspberry Pi and a VPS (cloud server).
Set a Static IP Address: https://www.makeuseof.com/raspberry-pi-set-static-ip/
Change DNS Server on Your Router: https://www.avast.com/c-how-to-change-router-dns-settings
Install AdGuard Using Docker: https://codeopolis.com/posts/how-to-install-adguard-home-using-docker/
0:00 ⏩ Intro
0:34 ⏩ Captain Adguard
0:42 ⏩ What we’re going to do!!
1:26 ⏩ How ads work with DNS
2:09 ⏩ How Adguard will block ads
2:45 ⏩ The DNS Sinkhole
3:42 ⏩ You can’t block this Ad
4:08 ⏩ With Adguard you have the CONTROL!!
4:35 ⏩ Installing Adguard with a raspberry pi
6:35 ⏩ Tell all of your devices to use Adguard
7:54 ⏩ 2 ways to make sure the Adguard server never changes
9:08 ⏩ Settings to make your house Kid-friendly
9:24 ⏩ The Real power
11:14 ⏩ Using The different settings Adguard has
Add, add, add, add, add. Okay. This has to stop. I’m gonna show you how to get rid of all the ads and we’re gonna do more than just a simple browser extension. We’re gonna block it at the source and protect your entire network, your entire house, your entire family from these ads. This is agar. No, that’s a spider. No, I’m gonna murder you and your entire family. Nope, I didn’t get him. He’s gone. Ah, he’s coming towards me. He’s like got my sock and got my mouth. But you can’t block all the ads like this one here. Go ahead. Try block it. You can’t because it pro tv, it’s, it’s too awesome.
I’m Captain Agar it Pro TV too. Awesome. I want to get my
Ccna. So while they dual that out, let’s talk about what we’re doing. We’re going to install a guard in your home network and it’ll block all the ads. I’ll show you how to install on a raspberry pie. Which, wait do I have? I may have to borrow one. Hold on. Yep. I’m gonna have to borrow it from the cluster. Sorry. Cluster drop to pie. This thing’s falling apart. Okay. Raspberry pie. And I’ll show you on a cloud machine a vs. So you can share it with your friends and family and protect everybody. It’s kind of cool. I’ll also show you how to do it on Docker and because Docker can go anywhere, you can install this on pretty much anything. Anywhere. You can install anywhere. I thought that would roll off the tongue better. I need to wear coffee so you can put this thing anywhere.
Raspberry pie clown, whatever you have no excuses. Get your coffee ready. Let’s kick some ads <laugh>. Now before we can block the ads, we had to learn how they work, how they tick. So watch this and it’s pretty crazy. I’m gonna fire up wire shark. I’ll start a trace and I’ll filter off of DNS when I go to cnet.com. You can see here in Wire Shark that I ask my DNS server, Hey, where does CNET live? What does IP address? There’s my request and then the response from my DNS server. But hold up, what’s all this other stuff? Are you seeing this? We got Match do ad server.org. That’s an ad. In fact, I think a lot of these are ads and these are all DNS requests. So not only are we asking, hey, what’s cnet.com, but we’re also asking, Hey, what’s ads server.com and give me ads.
I love ads.com. And just like any webpage, our DNS server responds with the IP address. So those ad servers and our ads pop up. Now what if we did this? What if we had a DNS server that would give us cnet.com? Yeah, we wanna see that network check.com, whatever it is. But when we asked for an ad or when our browser asked for an ad, it didn’t respond. It didn’t tell us where it was. It didn’t tell us the IP address, it just threw it into a hole and said don’t come back. That’s what Agar does. When our browser asks for ad server.com or give us ads, I love ads.com. Agar our new DNS server. We’ll respond with nonsense. Nothing. And because we can’t reach out to the ad server and pull down the ad, it doesn’t load. We don’t see it. Watch this. I wanna use Agar right now.
This is straight up magic. Now watch what happens when I go to cnet.com. Like look at all this, all these add URLs, my computer’s asking for them. Hey, give them to me. He’s an addict. A it <laugh> like that. But then look what Agar responds with. Zero do zero do zero, do zero nonsense. Nothing a sinkhole. In fact, this technique is called a DNS sinkhole and all the ads get sucked in and they die. <laugh>, they do and we don’t see them anymore. And that’s the power of agar. Well that’s just half the story of why you might want to use Agar. Yes, ads suck, but the other reason you wanna do this is security and privacy. So right now, if you’re not using your own DNS server, buddy, you don’t have it. Now I’m warning you right now, if you haven’t changed your DNS settings, this is you.
Cuz by default, everything in your home network is using the DNS server provided by your is your internet service provider, which is okay, right? Because they’re totally trustworthy, not and they’re all up in your business. Every website you visit, they see, not that you have anything to hide, right? Do you too late? They already know. They already know that you went out to it pro tv.com and you won’t stop watching it cuz it’s so entertaining and it’s gonna change your life cuz you’re getting new IT skills. They know all that. We don’t want them to know that you’re gonna get your CCNA or your A plus or your Linux Plus or any of the latest and greatest IT skills. It’ll help you change your life and get a better job. We don’t want them to know that even though it pro TV is crazy entertaining.
And if you check my link below, you’ll get 30% off forever. So let’s stop them from knowing that. So by using our own DNS server, we get our privacy back, but we also get control. Get outta here. Evil isp, leave me alone. With Agar, you can actually control what people access on your network. They’re probably some things you don’t want your kids seeing. You can block that actually for your kids. Just block everything but it pro TV and network Chuck. Like that’s what you gotta do. And with Agar you can do that. You’re welcome. So now that you’re already sold, let’s take a quick sip of coffee and let’s set agar up. It’ll take about five minutes. Not even kidding. We’ll start with Mac and Linux first, which of course does include our raspberry pie. I’s holding that weird. Now if you’re working with a fresh raspberry pie and you’re actually able to get your hands on one, how did you do that?
Then you’ll wanna do a headless install, which means you won’t need a monitor or keyboard to make this thing work. Just the pie itself. An SD card, which I have right here, and a power cable. And then ethernet cable if you want a hard wire. And setting up raspberry pies nowadays are pretty stink and easy. Just take your SD card, find yourself an SD card reader, which I don’t know where mine is. I’ll be right back about it. Oh, we’ll plug that sucker in, plug it into our computer, download and run the raspberry pie imager, which is amazing. I’ll have all this in a link below by the way, we’ll choose Raspberry pi os light is our OS 32 bit. Choose our storage, choose wisely. And before you click on right calm down, click on the little gear icon there and we’ll do some raspberry pie headless of action here.
Enable SSH, set a password and even configure wireless. If you’re gonna do that, I’m gonna hard wire mine. Click save and right and yeah, quick coffee break. When it’s done, take it out, put it back into your pie or put it into your pie for the first time. I don’t know where you’re at. And then power that sucker up and wait for it to boot. And while you’re waiting for it to boot, go ahead and check your router to see what IP address it gets because your router is the one who gives it its IP address and its DNS server and I just found mine. Once you find yours, go ahead and launch CMD in Windows or Terminal Mac and Linux and citation to that bad boy. Now if you wanna do it in the cloud, just choose your cloud provider of choice. I like LE Node this fire up one of their smaller boys here.
And once it’s done cooking, go ahead and SSH into that box and we’ll keep going. Now the commands will be the same across the board. Mac or Lenox, doesn’t matter. We’ll first start out with a pseudo a P T update. Like always you have to do an update, copy break. Oh it’s a little cold. Once your list is up to date, go ahead and copy and paste this command. It’s really scary, very long, but it’s automatic and you don’t have to worry about it. So go ahead and hit enter and let the magic happen. Now what it’s doing here is actually done <laugh>. That was quick. Agar home is now installed and running. And that’s exactly what we installed. I was about to explain that before it rudely interrupt me. Agar has a lot of different products, but we installed a guard home. It is completely free and completely awesome.
Now also notice here in the output it tells us we can go to this address at Port 3000 to access the gooey. Let’s go ahead and do that right now. I’m gonna grab that, launch my web browser and go through the get started menu. What in doubt, don’t change a thing. Click on next, set up a username and password. Don’t use admin. I’m just doing this for example. And then here’s probably the most important part. Cause like right now you do have ad guards set up and it’s beautiful. It’s an amazing, it’s ready to be used, but it’s not being used yet because nothing knows about it. You gotta tell your computers, your phones, your watches, and all the stuff in your house, your TVs and your Xboxes. You gotta tell it to use this DNS server. But how well Agar is here to tell you right here, <laugh> tells you how to do it.
If you’re a glutton for punishment, you could go out to each individual device, Windows, Mac, Android, iOS and change it on each device. Change the DNS server. That’s not fun. Don’t do that. Please don’t do that. What you wanna do is what it’s telling you right here. Change the DNS server on your router. Now I would love to walk you through that, but every router is different. But where you’ll wanna be is you wanna change your DHP settings because whenever your device, your phone, whenever it connects to your network, it’ll reach out to your router, which is normally the dhgp server and it’ll say, Hey, give me an IP address. I wanna surf the web. And it’ll give it an IP address, but also it’ll give it a default gateway and a DNS server, what we wanna do is make sure it’s getting the DNS server of our ad guard little box here we set up.
Mine is 10 point 72, do 60, whatever yours is, put it there. Now, on that same note, you wanna make sure that the ad guard server, your server you just set up, we wanna make sure it’s IP address doesn’t ever change. There are two ways you can do that. One’s easy. One is hard, easy is to set a DHCP reservation on your router. Again, I can’t walk you through that. Every router is different. That’s what it’s called. And it allows you to always have the same IP address given to that device no matter what. The second option is to hard code an IP address on that server. I’m not gonna cover that here, but I do have links below where you can find out a fun fact. Follow your nerds out there. Agar can also be a DHCP server. Now it won’t replace your router, don’t do that.
But it can serve the function as DNS and dhcp. Now once you’ve changed the DNS server that your router hands out via dhcp, you’re pretty much golden. It’ll happen, but not immediately. By default, your device’s IP address reservation is about 24 hours. So might take that long, give or take. Now for a lot of you, that’s all you care about right now your ads are being put into a hole, goodbye ads. But if you’re a nerd like me and you have some extra coffee in your cup, there are some more advanced things you might wanna learn about, know about and mess with right now. Let’s look at it real quick. Coffee break. Go ahead and click continue. Continue to finish up your setup. And once you have, you’re here. Now I’m gonna switch to my cloud based server. Cause I already set that up earlier and it’s already got some queries, already got some stuff is messed with, but it’s still the default setup.
Now I’ll speed around just a couple of things. First, I go to settings up at the top here and go to general settings. General settings, you got some things if you wanna make your house a bit more kid friendly, like parental control service and safe search, which are very cool. You can also make sure that statistics are kept longer than 24 hours. Let’s go 90 days, why not? And then going back up to settings. Let’s go to DNS settings. Kind of the reason we’re here right here is where the real power of being secure and protected with your DNS stuff, <laugh> comes in. So Agar itself does not resolve IP addresses to domain names. It relies on other DNS servers, upstream DNS servers by default. It includes one from Quad nine, which is actually totally great, but you can add more. But I want to talk about this real quick.
Notice it’s a kind of a url, HTPs S, and it’s a domain name. First I want you to know that you are using secure dns. It’s actually called D O H or DNS over https. And your DNS queries are encrypted from agar to the upstream server. So not only can your ISP not see what’s going on no one can <laugh>, you’re good. And if you wanna add more as I might expect you to do, you can click on the list of known DNS providers right here. And there are a ton <laugh>, a lot to go through. But I’ll show you the ones I like first. Quad nine, the default one’s, okay, but it doesn’t include a security block list or DNS sec, which DNS SEC is amazing. It actually verifies every DNS response you get, making sure it’s legit because DNS can be poisoned, you can receive fake responses and that’s a very popular hacking attack.
I believe I have a video on it somewhere. If I don’t, I should make one. But DNS sec saves a day. So I like to use this one right here because it gives you protection against phishing, spyware and everything else I mentioned already. So I’ll just grab that address and copy it and paste it in there instead of that guy. And then two others I like, I’ll just paste right here are Google and CloudFlare. All three of these do DOH and DNS sec, which means they check my boxes and I’ll go ahead and low balance it across all of these. Now scrolling down, you do have the option of adding your own private reverse DNS servers. So if you have another DNS server in your house at your business, you can add that here. And then down here under DNS server configuration, you do want to enable DNS sec.
Keeping in mind a DNS SEC enabled resolver is required, but we just covered that, we’re good to go. And then I’ll go ahead and click on save. That’s all I care about here. Now I’m not gonna cover every setting because there are a million, but a few more things I have to tell you cause it’s so cool. Let’s go to the top. Go to settings. We’re not gonna look at encryption settings, but you should try it. It’s pretty cool. But if you click on client settings, here’s where you can control what individual devices have access to on your network. You can apply separate policies and all kinds of crazy things. These are called persistent clients. So cool. And then I’m gonna skip on over to filters up at the top here. Here is where it gets pretty cool here. I’ll click on DNS block lists.
And you can actually add more things that can block more things <laugh>. So by default, the A guard DNS filter is blocking or has 48,000 rules blocking a ton of ads. You can add more, Add more. In fact, just by clicking ad block list, you can add a bunch more from their list. Dan Pollock, wherever that guy is, game console ad block, this guy look save. And suddenly you’re blocking more and more stuff just like that. I love it. Going back up to filters, you can allow certain domains that might be blocked by one of your lists, might be kind of cool, might be what you need. You can also do DNS rewrites. And this feature I love because all the other ad blockers out there don’t really do this. I’m looking at you pie hole. Yeah, you don’t do this. Now we’re not talking about, well, you can add your own DNS entries here.
So for example, I might wanna access agar here, Agar for me local. That’s what I’ll access. I’ll just call it that. And I’ll have it go to this IP address. Bam. So now when I go to Agar for me dot local, bam, it’s there. And you can do this for anything in your house, your own DNS entries, which is powerful and fun. Now, just a few more things. Block services. This is something you may wanna do, especially if you have kids or maybe you’re trying to stay productive. So block all of these Disney plus Facebook, Instagram, and just keep it pro TV open because that’s all you should be watching right now. Anyway, I mean my YouTube channel and then also IT pro tv. And then one last thing, I wanna show you our query log where you can see all the queries, everything coming through. And that’s all I’m gonna show you. Again, there’s a lot more to add guard, but this should be enough to get you excited and get started. And honestly, it’s gonna make your experience surfing the web a lot better. It could even make your internet a bit faster, but for sure, 100% safer. And add free. Don’t forget about that. That’s it. Video over.