What Really Happens On Your Network? Redux
We spent a long time collecting a list of posts about users who had discovered shocking, interesting, or confusing things happening on their network, which became apparent when using Pi-hole to view the traffic happening on their network on a daily basis.
This post is another collection of these sorts of things and also to showcase that Pi-hole can do more than just block advertisements. Read on to see all the things people discovered on their networks…
- Part one: What Really Happens On Your Network?
- Part two: What Really Happens On Your Network?
- Part three: What Really Happens On Your Network?
- Part four: What Really Happens On Your Network?
- Part five: What Really Happens On Your Network?
- Part six: What Really Happens On Your Network?
- Part seven: What Really Happens On Your Network?
- Part eight: What Really Happens On Your Network?
- Discovered a rogue device on a private network
- Learned that a guest’s device had been infected with malware
- A DNS amplification attack
- Requests every minute for mailhub
- Samsung Smart TVs sending lots of DNS queries and lots more…
- Lots of queries to search domains from a single device
- A flood of requests for nlsk.neulion.com
- Some weird connections to ???.lan on a network
- Realizing a device had been compromised by viewing Pi-hole logs
- Excessive DNS requests from an ASUS router
- Synology Cloud Sync with HubiC was hammering out 30-50 DNS queries per second
- Being spammed by localhost queries
- Excessive ISATAP queries in Windows
- 80,000 queries within 30 minutes
- Thousands of lookups for a.root-servers.net
- Strange requests to .mil addresses
- Excessive DNS queries to download.qnap.com
- New Relic trying to gather analytics on a user
- Unusually high time sync requests
- An Amazon Echo queries example.com to test for connectivity?
- Strange requests to Comcast domains
- Thousands of mail queries from an Ubuntu box
- A Roku making strange queries (malware)?
- A compromised Pi with 2,900 queries for a Chinese domain (and again)
- A Yamaha receiver queries Spotify like crazy
- A family member fell asleep watching sports and was discovered via the query log
- More routers phoning home
- Brute force SSH attacks on a Raspberry Pi
- Queries to puppet
- 16,000 queries in one hour
- 10,000 requests to google.com in 12 hours
- 900 requests for some weird Microsoft domains
- 20,000 queries from an IoT device
- iOS Devices Querying {GUID}.local?
- August door lock sending queries
