pfSense Deep Dive: Unbound Explained!
Ғылым және технология
Consumer grade routers are like leaky boats. But you can beef up your setup using things like the pfSense open source router and firewall software.
In previous videos we've looks specifically at DNS settings, and programs like "Unbound" within pfSense. While these grant you granular control over your home network, they can also be confusing.
This video dives deeper into "Unbound", the DNS resolver on pfSense, and explains what each of its many settings means so that you can get a better understanding of just what it's capable of.
00:00 Intro
01:09 DNS/pfSense Recap
02:22 Unbound Settings Explained
11:00 DNS Forwarder Explained
11:38 Conclusion
pfSense is a great tool that gives your router a power-up, enabling greater control, enhancing security, and the ability to set up more privacy for your internet activities.
Special Thanks to John Todd for guiding us through the tutorial process!
More information on Quad9:
quad9.net/
Brought to you by NBTV team members: Lee Rennie, Sam Ettaro, Cube Boy, Reuben Yap, Will Sandoval and Naomi Brockwell
To support NBTV, visit www.nbtv.media/support
(tax-deductible in the US)
NBTV's new eBook out now!
Beginner's Introduction To Privacy - amzn.to/3WDSfku
Beware of scammers, I will never give you a phone number or reach out to you with investment advice. I do not give investment advice.
Visit the NBTV website:
nbtv.media
Watch this video on LBRY!
open.lbry.com/@NaomiBrockwell...
________________________________________________________________________
Here are a bunch of products I like and use. Using these links helps support the channel and future videos!
Recommended Books:
Beginner's Introduction To Privacy - Naomi Brockwell
amzn.to/3WDSfku
Permanent Record - Edward Snowden
amzn.to/305negc
What has the government done to our money - Rothbard
amzn.to/2KMzmcu
Extreme Privacy - Michael Bazzel (The best privacy book I've ever read)
amzn.to/3BLZ1gq
No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State - Glenn Greenwald
amzn.to/2UQmJ4m
Naomi's Privacy Bag: some of my favorite products to help protect your privacy!
Use the Brave browser! brave.com/nao076
USB-C to ethernet adapter:
amzn.to/2lOVBoy
Faraday bag (signal stopping, to protect your fob, credit card, computer, and phone)
amzn.to/3DjIvCP
Data Blocker (if you're charging your phone in an unknown port, use this so that no data is transferred)
amzn.to/2SVh0J2
Computer privacy screen (use your computer in public? Keep your information safe! Choose the size right for your computer)
amzn.to/3F816Sn
Phone privacy screen (don't let people in public see your private data, choose the size for your phone)
Samsung note 10 - amzn.to/3wNtYwb
iPhone XR - amzn.to/3Q8Sq4S
Pixel 6a - amzn.to/3i9dnQz
Camera cover (for computers and phones, so no one can access your camera without you knowing)
amzn.to/3Z1N8Mz
Privacy Tip: Turn off your wifi and bluetooth when you're not using them!!!
Пікірлер: 101
Naomi never fails us with her knowledge and outfit.
@AinzOoalG0wn
7 ай бұрын
i'm always impressed by her tech know how even if some of it is overviews. clearly has done her homework on the subject and it shows. ty for that Naomi.
@Randy-tp5lm
6 ай бұрын
I wonder if she knows who Rob Braxman Tech is, who's available on KZread is. I don't know half of what Ms. / Miss Naomi Campbell had just said,such I'm not a techie. But I DO know a few things that are important to any computer software system program. Instead of spending countless days,weeks,months,or even years just to know if your home computer is currently doing all right. No. What's best for the goose,is bad for the gander. Well, there's a difference between a BSSID and a SSID on the back of every computer module and/or its monitor, there's a way to avoid being discovered whenever you're anywhere on the internet. What about the people who had been strongly advised not to use TOR network for doing banking online on their smartphones? Degoogled smartphones are one of the best ways to have a piece of mind. Whenever anyone does that online,and having sensitive information that's out there. Every time you post about anything on any social media platform, your data gets sent to some data broker company,gets collected, analysed,then gets sold to them. What can Naomi Campbell do about that? What's her advice on what to do,and what NOT to do. I guess we got to look on her NBTV channel and her useful other website and find out. Education is key.😀
@AlphaEligon
2 ай бұрын
Tech influential & stylistically💃💃💃awesome!!!
Naomi, your videos are awesome. Your laymen explanation completely removes the complexity, confusion and mystery. Thank goodness there are individuals like you to explain items that non-technical folks can understand. Keep up the good work. 🙂🔆
Naomi, it's very important that you cover the limitations of each video's approach. Even the obvious ones, since you have a lot of new viewers.
Videos like this that break down each option in pfsense helps make it understandable. Thank you for this and I really look forward to more videos like this on pfsense!
Excellent explainer. I would love to see companies put more effort into selling off the shelf products configured with privacy first settings, but at least we have some great resources to DYI here on KZread. Thank you!
This is awesome! Thank you for your tireless efforts to provide such needed and great information and for keeping us up to date on all the ways our privacy is under attack. You're the best! Thank you!!
Thanks for keeping us safe!
Just a healthy reminder that Naomi is the greatest.
Thank you so much for this video series on pfSense. I find this topic to be fairly complex but with each video, I’m learning more.
I've setup unbound in my opnsense thanks to Naomi. Good stuff.
She's so knowledgeable and smart. I absolutely love this channel.
thanks for the video Naomi! Hope you have a good day!
Thank you, your video's are so educational and i like many i hope, appreciate the time, effort and information that comes from them. Awesome work!
Another great video explaining what happens behind the ropes.... It’s crazy how much information is shared with a simple text , ie: “Ok” It has stuff like time, geolocation the model of your device the OS it’s running your digital identity and a lot more... Imagine talking to a friend and at the end of each sentence you would have to tell the time, where you’re located what phone you have , the phones model plus it’s serial number , the duration and in some cases what you talk about or share with friends....
Thank you so much for the wonderful information. I'll be able to set this up now. 😊
Naomi thank you very much for this great video. Can’t wait for the next one!!!😊
Man, Naomi is truly going very deep inside the pfSense realm 🔥🚀 Have a great weekend and keep it up the great job 💪🏽
So informative. Very useful info. Thanks.
Thanks very much. Plz do more pfsense videos.
Using pfSense as a vpn to my home is a very useful feature no matter where I am, thx
@Bond2025
10 ай бұрын
I used to do that with PiVPN, but the people behind it don't know how to make it work with AdGuardHome the way it can with PiHole, so it's a bit useless as it is not even maintained. I asked on the site and the developers of PiVPN could not answer any simple questions on how to make it work with AdGuard Home.
Thank you once again Naomi.
You basically described my exact setup over the course of this series. Good to know im on track lol
Great work. Thank You.
Thanks, Naomi!
I love you Naomi!
Amazingly useful videos... Thank you! Do a review of the Firewalla Gold 🤓
Thank you Naomi.
@NaomiBrockwellTV
10 ай бұрын
Thanks Ron!
Naomi!,ThanksMuch!
Well, in fact I use pfsense dns resolver along with a pihole, but the pihole points to my pfsense, and pfsense's dhcp point to pihole. It's a clever way to make both work with double privacy. Thanks a lot for the video!
@keylanoslokj1806
10 ай бұрын
How do you use both
Good Video
Good video.
Making the unknown known. Thanks!
Another great presentation. I look forward to every one of them. If I had learned about this years ago when I had the chance, I would've been much better off, but then I might not have ever found your presentations. You're definitely helping this Sigma find his way through the dark. It's rare for me to need so much assistance and I appreciate it more than you could ever know. Thanks again.
I have considered this setup first time I set up pfSense, by then I ended up using pihole as my DNS resolver.
Glad to be any help for you but ... I missed your rambling (sigh). Seriously though I appreciate your content and collaboration with other like minded professionals to overcome the sneaky opportunists (kind description). Again, Thank you.
@NaomiBrockwellTV
10 ай бұрын
haha glad someone likes the rambling ;) Thanks for watching till the end!!
Unrelated to this video, but it is your latest at the time and I wanted to reach out. Seems in Australia it is impossible to do the MySudo approach for "cell phone privacy". Can you make a video or blog post about solutions/alternatives? Or is there no way we can remain contactable yet anonymous over mobile data networks when away from Wi-Fi?
For some reason quad9 is using TLS 1.2 instead of the latest TLS 1.3. QUAD9 also doesn't have ODOH or ECH which are latest standards.. So quad9 while being dedicated is a little behind the competition like cloudflare. I sincerely hope they get up to speed & add more worldwide PoPs/datacenters, peer at more exchanges & do the necessary for regions that need quad9 the most.
@joshuatimothy2966
10 ай бұрын
You do realize that upgrading to the latest version has risks such as zero day and unpatched exploits right. Plus TLS 1.2 has far less valnerabilites than TLS 1.3 . Also the difference 256 bit encryption vs the 512 bit encryption is the load time, the actual ability to keep your traffic safe is next to none. Deuces
Disable override DNS, which allows your DNs servers to be overridden by your ISP via WAN
Naomi, I wish to know if this works also on a Swisscom router and with ProtonVPN working? Many thanks for your great and informative videos.
@NaomiBrockwellTV
3 ай бұрын
When you have a vpn, the VPN actually is in charge of your DNS, but you can tweak things. I have changed the dns settings on my router for all of the devices on my network that I can't install a VPN on, and my VPN takes care of dns for my phone and computers
I wonder if this can be done with pihole unbound to encrypt the queries to quad 9.
Helps
Am I able to do pretty much the same with my Xfinity gateway (as long as I don't have it in "auto-switching mode")? And sans the software? Would be great if you would cover these gateways, or make a short "how-to" or tutorial video about making Xfinity gateways more secure beyond the regular, "Change the password, stupid:" videos common on KZread. This is a great tutorial BTW. Thanks for publishing! 👍🏻
Do I see a Frazetta on the bottom right of your wall? Can't tell from my phone screen.
I have subscribed to you
@NaomiBrockwellTV
10 ай бұрын
Thank you!
i would love to see a video about super apps cuz it seems that everyone want to make one
Checking DNS query forwarding will set unbound in forwarding mode not resolver mode. Sending all queries to quad9 instead of the root servers directly. Tought one... The default is resolver mode - unchecked.
@Naomi Wondering if you have come across Qortal? Private Decentralised Internet etc.
How do i check if the configuration is working?
I like pfsense, but I prefere AdGuard inside docker, it's simpler to manage
Hi Naomi, what’s the difference between this and a good VPN? I don’t completely understand 🙁
@NaomiBrockwellTV
10 ай бұрын
This gives you more granular control. A good VPN is a more simple way to have someone else handle your DNS
@SilentReflection86
10 ай бұрын
@@NaomiBrockwellTV But that's not as fun!
@Bond2025
10 ай бұрын
@@NaomiBrockwellTV It also breaks a lot of sites and a lot of the internet! People put massive block lists together than ruin most sites.
I'm surprised you choose pfSense over OPNsense, but great video regardless.
What about OPNsense, a fork of pfSense? Heard that OPNsense was forked because of lack of updates/improvements to pfSense over the years.
im using portmaster
ok, ummm... how do i get pfsense? went looking says i need netgate installer, zero charge wont continue after filling out page checking agree thingy at bottom ... now what?
👍🏻
A number of DNS providers support Encrypted DNS - more than "a few" in-fact.
10:25 I see what you did there :D
Hi, I need your help. I have Ubuntu 18.04 on my laptop and it has a VPN settings configured on it. I think its managed through pfsense I use this VPN to connect to my work environment Now my query is that when I connect to this VPN I connect to my work network & am able to work inside it, but this disconnects the internet connectivity that is working on my base machine. I want the internet to be working on my base system as well & also should be able to connect to my work network as a lot of websites are blocked inside the work network. Split Tunneling is enabled on the VPN server but it seems my system is missing some configuration which is causing it to not work Can you please tell me what settings I need to do on my laptop VPN to make this work. Kindly help. Thanks & regards,
I feel like such a nerd since I memorized all four of quad9's DNS servers.
how do we download torrents in private thanks
0:54 I swear I heard you saying "beafing up your ass up"
To simplify it a DNS service is the equivalent on old landline phone being able to show you who’s calling or who you’re calling. So you don’t have to know the IP adresse (phone number) to the site you just use it’s name...lol How many of us are not using phone numbers anymore, but imagine if we had to remember the IP adresses of all the sites you visit... So it’s easy for a DNS service to route you to a bad site, since they decide what number you’re dialling...
Can you please show how to install protonvpn and how to make your phone use the pfsense as a vpn please please and thank you for all your content
Just resolve it with the owning NSs. You aren't hiding as much as you think you are until ECH is everywhere since ESNI is dead.
But what is pfsense?
How does quad9 make money?
This video is outdated. The "DHCP Registration" section no longer exists and I can't find that setting anywhere in the current version of pfsense. Excellent video otherwise!
🙏💗🔐💯Best privacy channel on KZread ! And nicest host KZreadr as well. Have a "private" crush 😍 for Naomie and her cause💗
@NaomiBrockwellTV
10 ай бұрын
I have a crush on privacy
Sure wish this was OpnSense instead of pfSense seeing how pfSense does not have a very good business model and history.
1st! 😁
@NaomiBrockwellTV
10 ай бұрын
hi!
OPNsense is better
my dns has been hijacked so badly that i can't even run this video
Grandma is back again 😂😂😂😂 xD
USELESS unless you ALSO force DNS redirection so NO COMPUTER can use/contact OTHER DNS! Another EXAGGERATION to get clicks/fans, BUT, at the end of the day, SOMEBODY WILL KNOW your DNS queries and your ISP may not “see” your DNS queries but the ISP is the one that will ROUTE YOUR CONNECTION, right?