Addition: My idea would be that (and this doesn’t seem likely to ever happen) every computer on the planet would be equiped with Wireshark on Earth Day. It would be forcibly installed if possible and set to a small section of the screen, always visible, for the first half hour of networl activity. My idea here is to make it clear to every computer user world-wide, what exactly their computers are doing.
I think it would also be useful to then generate a capture file that displays 53, 80, 443 connections to make it more readable. Then it would resolve and list out all the websites thst those connections represent in a massive list.
Just imagine how much people would begin to appreciate their internet connection and what is really going pn after such a scenario. Of course this idea is just basically impossible, but I think it would be a great learning tool for everyone.
There is just way too much shit loading on anyone’s computer, at any given second of the day. It’s maddening. Knowing how much crap is going on, before you ever start a program manually. Pi-hole does get a SMALL LARGE amount of it (my network is PRISTINE at boot at least on my system), but even with that, you open up wireshark and do a few “whois” commands on these IPs and see what’s it’s missing, and wow is it eye opening. I don’t think it quite gets it all.
EDIT: I turned off wireshark’s promiscuous mode, and pi-hole does seem to block absolutely E V E R Y T H I N G on my side of the network.
So if I REALLY wanted to, I would go to every single one of thees IP addresses (and yes wireshark has ip resolution, but I don’t know much about it) and figure out exactly what my tablet is doing. Pi-Hole misses so much, I’m a bit disappointed.
Also, I have TWO virtual machines running now. Maybe user error, the first one is for pi-hole on top of Windows. I then made a second one, because I have no Earthly idea on how the hell to use iptables, that’s another language for robots, not humans. So I have a VM of IPFire, just to redirect 8.8.8.8 and 8.8.4.4 but I don’t think it’s working, – but I know it was earlier today, I saw it turn black and red on those.
But then I see all these other IP addresses, what are they, where do they go? Many of them are Amazon, and NONE OF THEM are listed in pi-hole. This is just ridiculous, and every human on this Planet should have easy, understandable tools, to immediately, and permanently block any and ALL unwanted connection for any reason under the sun.
So with this setup, my tablet will now receive no internet at all, and wireshark just shows some name related to the company that sells it. But it’s not going anywhere at all. I don’t have any firewall running on the tablet at the moment, so I know this is currently user-error.
I want to also make a thread of how to bypass an additional DNS server that it adds (8.8.8.8) against the user’s settings, and the only way to bypass is DNS-over-HTTP cloud services, as for some reason, local DNS in my firewall program, on the device itself, just fails. Stuff like this leads to electronic waste when it cannot be repurposed easily when a company no longer supports a product and couldn’t care less what a user does with it, but still won’t release any patch or update to allow user modification. This is greedy, lazy, and a waste of valuable tools to share information, and I hope things improve soon.