Securing the Pi-hole with fail2ban to prevent DNS Amplification attacks
Securing the Pi-hole with fail2ban to prevent DNS Amplification attacks 1. Install fail2ban sudo apt-get update ; sudo apt-get install fail2ban 2. create jail file vi /etc/fail2ban/jail.d/pihole-dns.conf [pihole-dns] enabled = true port = 53 action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp] %(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp] logpath = /var/log/pihole.log findtime = 60 maxretry = 5 bantime = 3600 3. create filter file vi /etc/fail2ban/filter.d/pihole-dns.conf # Fail2Ban configuration file # # script from www.marek.tokyo # [INCLUDES] # Read common prefixes. If any customizations available -- read them from # common.local before = common.conf [Definition] _daemon = dnsmasq # log example from /var/log/pihole.
To rid yourself of the annoying little black rectangle do the following, its only a work around but it does work.
Create a script, mine starts my kiosk as well so is called /home/pi/screen.sh
this script should look like:
#!/bin/bash
startx –help
while true; do chromium –kiosk –incognito –enable-plugins http://your web addresshere.html;sleep 180s;done
The 2nd line is my kiosk – you probably wont need it but I put it there anyway.
Then add the following line
@/home/pi/screen.sh
to the file:
/etc/xdg/lxsession/LXDE-pi/autostart
Reboot and watch the splash screen followed by a brief black flash and then your screenly, kiosk, or whatever your running without the black rectangle.