Question DNS rebinding attacks

Always wondered what that filter did, thanks for educating me (y)

You're much more likely to get pwned by your crappy router with outdated and exploitable firmware than some weird edge case DNS attack. My 2 cents :unsure:
They can't hack your router if it's not accessible from the outside web. ISPs in Croatia by default close all ports (including 80) so no one can access the router's internal page. Then you can safely use a router with outdated firmware. 😄
 
Hosting your DNS locally has a price to be paid in performance.
I was not talking about hosting DNS locally. Yoga DNS just replaces the clients such as NextDNS and ControlD. Just put your DNS config in it and it enables the custom DNS systemwide using a protocol of your choosing.

The client is robust and it shows many details and errors which will help you diagnose anything.
 
I am currently trying RethinkDNS (Hagezi TIF + OISD big).
 
I'm using ControlD Setup Utility. Launched it once, set up the resolver, pressed connect and that's it. Can't be more simple than that.
The same goes for the NextDNS client, but what if you keep changing DNS providers? Yoga DNS can set up different profiles for different DNS providers and you can switch profiles in a click.
 
Does their client support using a custom DNS?
It is basically customized; the only downside is that it does not support legacy DNS for old routers.

 
I'm not the kind of person that often changes things; I like to set them once for all and change only when something stops working. I tested ControlD for a month and it was reliable enough for me, so I just stick to it now.
Careful: Rethink DNS, even though customizable, rarely updates their blocklists. This massively decreases the effectiveness of said blocklists. From what I understand, they are usually updated once every week, while some might be updated once a month.

I asked them about this and the reason was they don't have the resources (and finances) to update them often. When I asked why they don't decrease the number of blocklists in order to update the most popular ones more often, I didn't get a reply.

Personally, I'd stay away.
 
I'll follow your advice, and shift to ControlD Hagezi TIF; no real need for ad and tracker lists as I use uBOL.
You absolutely should use ad blocking DNS along with uBOL in the browser, as DNS and ad blocking extensions complement each other. DNS can't block everything; it can't hide ad placeholders and can't block ads that are served by the first party, and this is where your uBOL comes in. It uses cosmetic filtering to hide those annoying blank ad boxes and can even block ads served by the first party.

Using ad blocking DNS also reduces resource usage as uBOL doesn't have to work hard to block ads, considering the majority of ad/tracking domains are blocked by DNS before they reach the extension.
 
Actually, a browser extension can do the job much better than DNS; I only use DNS ad blocking for my phone; I use only Chrome on my phone, which does not support extensions.
That is true, but remember: the ultimate goal is to block ads BEFORE they even have a chance to load, and this is what DNS does. Ad blocking extensions block the request near the finish line, DNS blocks it at the start.

When DNS blocks something, that means less work for your ad blocking extension. And less work for your ad blocking extension means less CPU usage, which translates to extended battery life and better performance for the device.
If you were to use only uBlock Origin on your mobile device, you'd notice the battery draining more than if you used ad blocking DNS and uBlock Origin together.

This is why you should block everything you can through DNS, and what DNS can't solve, pass to the ad blocking extension.
 
I like ControlD so much; the problem is that they do not provide an option to use the Hagezi TIF list together with one of the ad and tracker blocking ones such as Hagezi Pro++ or OISD big; I have to choose between them, or use the ControlD native list, which is supposed to encompass both.
 
You have two options:

1. use ControlD HaGeZi Pro Plus or Ultimate—Pro Plus contains TIF light; Ultimate contains TIF medium
2. use ControlD configurator at the middle of the page and select Ads & Tracking + Malware (uses multiple TIF blocklists).

I myself use ControlD HaGeZi Pro Plus because it uses TIF light which doesn't have any FP. Ultimate uses TIF medium which can have some FPs. Haven't tried Ads & Tracking + Malware though.
 
