Kevin P. Fleming<p>Over the past few days I've installed some blocklists into the PowerDNS Recursor instances on our home network. This is similar to what a Pi-Hole does, but without needing a second hop for all the DNS queries to pass through.</p><p>Today, with some guidance from the lovely community in the PowerDNS IRC channel, I set up logging so I'll be able to see which queries were blocked (the requesting address and the QNAME). I've been watching it a bit for about an hour, and it's rather shocking. Opening the Slack app on my phone, which does not display any advertisements, triggered a flurry of DNS queries for various ad-related services.</p><p>It will be interesting watching this over the next week or two, partially to see if anything we regularly use is actually broken or even changed at all, and to see what the volume is.</p><p><a href="https://mastodon.km6g.us/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://mastodon.km6g.us/tags/PowerDNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PowerDNS</span></a> <a href="https://mastodon.km6g.us/tags/NetworkSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkSecurity</span></a></p>