9
My home network went from getting scanned every few hours to maybe once a week.
I set up a Raspberry Pi with Pi-hole about six months ago and pointed all my devices to it. The logs showed a ton of blocked attempts from known malicious domains. After a couple of months, the constant background noise of scans and probes just dropped off a cliff. Has anyone else seen a similar drop after running a network-level ad/malware blocker?
3 comments
Log in to join the discussion
Log In3 Comments
hayes.jake28d ago
Man, that's exactly what I was wondering about... grey6 and sean_johnson16 are onto something. I mean, did you actually see the IP reputation shift in any public blacklist databases after blocking those domains? Like, check if your IP shows up on something like Spamhaus or AlienVault before and after... I'm leaning towards thinking the drop is real because the script kiddies probably just moved on when they saw all their malware callbacks getting dropped. But still, it could be some other factor nobody's noticing yet.
6
sean_johnson161mo ago
Check the Pi-hole query log for the top blocked domains. Were they mostly from sketchy ad networks or actual malware command and control servers? I'm curious if just cutting off the ad data leaks made your IP less of a target.
5