Advice Request Cloudflare gateway/secure DNS vs Quad9 DNS

Please provide comments and solutions that are helpful to the author of this topic.
Cloudflare will win in speed. Don't have an answer to this one. Why not test for yourself and let us know? I know Quad9 is pretty great with blocking malware domains. Unsure about Cloudflare.
 
being your own recursive dns sever that supports DNSsec is pennies,.. if you run a pi or a pihole unbound - Pi-hole documentation
imho dont rely on a 3rd party when you can take control, be your own dns!

but back to topic betwwen 1.1.1.1 or 9.9.9.9 it doesnt matter... put one to a primary and the other to a secondary, in which order doesn't matter
, your internet will work & resolve...
its then down to which company you trust the most with every detail they gather........ #unbound
 
  • Like
Reactions: Nevi
gigi adi said:
forums.lawrencesystems.com

DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS / Cisco Umbrella

Domains list was from here: https://isc.sans.edu/suspicious_domains.html Pastebin CSV results file here Bash Script Used #!/bin/bash # Bulk DNS Lookup # Generates a CSV of DNS lookups from a list of domains. # # File name/path of domain list: domain_list='domains.txt' # One FQDN per line in...
forums.lawrencesystems.com forums.lawrencesystems.com
forums.lawrencesystems.com

DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS / Cisco Umbrella

Hi there, I’m a security researcher at DNSFilter, and I was very interested to see this test. I’ve spent a while looking into it because I was surprised by the results, and had a few comments. I had planned to reply yesterday, but my Saturday went a bit askew so I haven’t had a chance until...
forums.lawrencesystems.com forums.lawrencesystems.com
forums.lawrencesystems.com

DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS / Cisco Umbrella

Hello from Greece. Been following Tom on YouTube but this video gave me a reason to signup on the forum. I recently switched to Quad9 (57ms latency) from Cloudflare (17ms latency) since the latter was giving me some blank replies on some DNSSEC-enabled zones. I also found that Quad9 is more...
forums.lawrencesystems.com forums.lawrencesystems.com

I do not know what to believe🤪
Click to expand...
so test yourself! try each and works best for you
 
  • Like
  • +Reputation
Reactions: Nevi, gigi adi and Trooper
Trooper said:
Cloudflare will win in speed. Don't have an answer to this one. Why not test for yourself and let us know? I know Quad9 is pretty great with blocking malware domains. Unsure about Cloudflare.
Click to expand...
I have seen few people testing out in YouTube and forums. They say the secure public dns comes close. So basically if the domains from public accessible places are used then that would be the result most probably. But if tested in real life usage ,then I don't know. Plus the Gateway dns is more comprehensive with lots of blocking categories and most importantly being able to block new and newly seen domains.
 
  • Like
Reactions: Nevi and Trooper
kC77 said:
being your own recursive dns sever that supports DNSsec is pennies,.. if you run a pi or a pihole unbound - Pi-hole documentation
imho dont rely on a 3rd party when you can take control, be your own dns!

but back to topic betwwen 1.1.1.1 or 9.9.9.9 it doesnt matter... put one to a primary and the other to a secondary, in which order doesn't matter
, your internet will work & resolve...
its then down to which company you trust the most with every detail they gather........ #unbound
Click to expand...
The thing about pi hole is....can it be used on the go and configured on Android, windows devices so that I am able to use it on the go or when I am using public wifi outside my home?
 
gigi adi said:
forums.lawrencesystems.com

DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS / Cisco Umbrella

Domains list was from here: https://isc.sans.edu/suspicious_domains.html Pastebin CSV results file here Bash Script Used #!/bin/bash # Bulk DNS Lookup # Generates a CSV of DNS lookups from a list of domains. # # File name/path of domain list: domain_list='domains.txt' # One FQDN per line in...
forums.lawrencesystems.com forums.lawrencesystems.com
forums.lawrencesystems.com

DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS / Cisco Umbrella

Hi there, I’m a security researcher at DNSFilter, and I was very interested to see this test. I’ve spent a while looking into it because I was surprised by the results, and had a few comments. I had planned to reply yesterday, but my Saturday went a bit askew so I haven’t had a chance until...
forums.lawrencesystems.com forums.lawrencesystems.com
forums.lawrencesystems.com

DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS / Cisco Umbrella

Hello from Greece. Been following Tom on YouTube but this video gave me a reason to signup on the forum. I recently switched to Quad9 (57ms latency) from Cloudflare (17ms latency) since the latter was giving me some blank replies on some DNSSEC-enabled zones. I also found that Quad9 is more...
forums.lawrencesystems.com forums.lawrencesystems.com

I do not know what to believe🤪
Click to expand...
Yeah actually I thing the guy used old domains many of which were probably dead. So that test isn't much of a help.
 
Local Host said:
Ping also depends on your distance, another useless argument.
Click to expand...
Yes and if you are being routed to farther CDNs for the sites you are visiting and media you are consuming then you will have a suboptimal experience. This is why it is not always ideal performance wise to switch from an ISP DNS. Though that varies by the competency of the ISP. But a lot of the big
ones host content of the big players (YouTube, Netflix) on their edge servers much closer than where Cloudflare or Quad9 is going to route you. And those will have lower pings (as a function of distance).
 
  • Like
Reactions: Nevi and Trooper
SohanRay said:
Which blocks malicious domains better?
Click to expand...
You won't get an answer to this. malicious domains are not static, its dynamic and changes/introduces thousands of new ones every second or so. Its impossible to keep track of all of them by anyone. Apart from that phishing/malicious domains usually doesn't last more than a week or so, it goes dead or gets found after that. So what you need is something that can block newly created domains till it passes a month or so.
 
  • Like
Reactions: Nevi, gigi adi, blackice and 2 others
SohanRay said:
What do you mean still use 3rd party dns? Do you use your ISP dns?
Click to expand...
no, unbound is the dns server, in recursive mode, there is no need for forwarders, used more for privacy.. for convenience though just stick to cloudflare/quad9 both are very popular.
pihole can be used mobile if you vpn back to your network... (check out brave browser in android, adblocking already baked in, even for youtube no need for extensions/other apps)
 
  • Like
Reactions: SohanRay

You may also like...