Question AdGuard vs. Pi-hole?

Currently reading
Question AdGuard vs. Pi-hole?

2,279
956
NAS
DS220+ : DS1019+ : DS920+ : DS118 : APC Back UPS ES 700 — Mac/iOS user
Hi,

I’ve managed to run AdGuard. Thanks to @Telos mentioned video :)
Prior to that, I’ve tried Pi-hole set up to use the host on Docker (not the optimum way).

So I played with them both. I was amazed by how much they blocked and how “chatty” our devices are.

For those who tried both, why are you using one over the other? To me, it looked like Pi-hole caught much more than AdGuard but I’m not sure. Searched the internets but nothing definitive. Is it just a matter of preference?

I understand (I think) that AdGuard has better parental controls and malware detection. Is that it?
 
Personally I used both. Atm I'm on ADG and it works just fine. There is nothing that I can notice that would make me look for another solution.

Truth be told, I don't browse sites that much so not sure that I am relevant in this case, considering most of my Internet consumption is done via RSS. But, all in all, when I run it against some know AD heavy sites, I see nothing but what I wanna/should see.
 
I started with DNS filtering many years ago with DD-WRT in the router using ad lists etc. But would only enable it for devices that did a lot of browsing and this was before IoT. Once IoT started to show up and these devices were making a lot of calls to "questionable" services I found Pi-hole and haven't looked back.

Initially I did the standalone RaspberryPi but then moved to docker images for ease of update. In addition I have also forced all DNS connections though DoH (DNS over HTTPS) to prevent collection of data from the ISP and prevent external DNS man in the middle attacks. I now have two Pi-hole images on docker running to have redundancy on my network. One is still on a dedicated Pi3+ and the other is on the Synolgoy.

With the new Pi-hole update you can even get more granular and create excluded devices and groups which allows me to add Roku's to the bypass ad block list since many of their services don't run with ad block turned on.

I found that you must have a multilayer approach to security. My ingress/egress router runs Untagle for whole network firewalling various filtering rules for intrusion and other applications. Very powerful.

The DNS is filtered and masked though DoH and Pi-Hole

And then there is endpoint protection Windows Defender and others.

Pick the solutions that work for you. The all have their benefits and quirks.
 
I understand (I think) that AdGuard has better parental controls and malware detection. Is that it?
Here's an "unbiased" comparison...
PmvW2JP.png
 
In addition I have also forced all DNS connections though DoH (DNS over HTTPS) to prevent collection of data
This is something I’d like to figure out on AdGuard.

I found that you must have a multilayer approach to security. My ingress/egress router runs Untagle for whole network firewalling various filtering rules for intrusion and other applications. Very powerful.
You’re at very advanced stage compared to me starting up with all of this. What’s the router you’re using? Is that a DD-WRT? I’ve used it a long time ago on a Buffalo router. Configured two of them and one was (and still) bricked 😀
 
DNS Settings... See examples on that tab. Try a few and test them against DNS test sites. My preference was to go TLS, FWIW
Wow! That was easy. I was thinking that I might need some other arcane settings (in addition to this) to enable encrypted DNS queries. That’s why I didn’t touch it. It’s working. Thanks.
 
This is something I’d like to figure out on AdGuard.


You’re at very advanced stage compared to me starting up with all of this. What’s the router you’re using? Is that a DD-WRT? I’ve used it a long time ago on a Buffalo router. Configured two of them and one was (and still) bricked 😀
Nope I purchased a router appliance multiport from Protectili:


And went with firewall endpoint software from Untangle which is subscription based but you can also run pfSsense or OPNsense. Untangle originally came from one of the WRT projects and was available to flash on some of the advanced routers before the product became too large for firmware flashing.

I moved all the parental blocks to the router layer and the lists are well categorized and maintained by Untangle. You just have to create a "rule" in their configuration say for "pornography" and access can be blocked. It does take some work since this platform was designed for offices etc.
 
Nope I purchased a router appliance multiport from Protectili:


And went with firewall endpoint software from Untangle which is subscription based but you can also run pfSsense or OPNsense. Untangle originally came from one of the WRT projects and was available to flash on some of the advanced routers before the product became too large for firmware flashing.

I moved all the parental blocks to the router layer and the lists are well categorized and maintained by Untangle. You just have to create a "rule" in their configuration say for "pornography" and access can be blocked. It does take some work since this platform was designed for offices etc.

I have a similar mini PC that runs Sophos XG for almost 3 years now
(there is a free almost full featured edition with RAM and CPU restrictions).

I tried Untangle also, but found Sophos having a lot more features and many categories for blocking out of the box.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Question Adguard Home
Discovered one little weird something with AdGuard. Clients from another subnet (another site, connected...
Replies
39
Views
20,379

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top