Battle dns0 vs NextDns

Compare list
NextDNS
dns0

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
965
This is the first time I'm hearing for DNS0. When I visited their website, I really thought it was a DNS resolver made by the EU. LOL
Tested it right now and it's rather slow for me; ping is around 25-30ms with the nearest servers in Klagenfurt. For some weird reason, two DNS IPs resolve to different countries; first one takes me to France, the other one to Austria.

Anyway, staying on CloudFlare because it has servers in Croatia, so ping is 1-3ms max for me.
 
  • Like
Reactions: Nevi and Moonhorse

cartaphilus

Level 5
Mar 17, 2023
202
For me personally the ad blocking is the only reason I use these DNS services. They block ads in many mobile apps without compromising device performance. I am using Control D at the moment. There are minor quirks but in general the experience is OK.
Funny since I don't feel any ad blocking in either my PC and especially my android. I do feel it in my TV. Or at least it blocks the stupid LG ads and LG AI based BS which is worth the price of admission in my book.

The only thing that blocks ads on my phone is AdGuard and even that is beginning to fail as more and more apps are starting to serve double encapsulated encrypted ads in their apps.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
I believe they both use the same servers and partners, NextDNS just does not brag about it.
But in the end, it all comes down to this: some logging vs no logging (theoretically):
I more interested in security than a "fake" privacy, otherwise I would switch to DNS0 in a heartbeat.
Verified today that NextDNS definitely doesn't use the same threat intel as Dns0.eu . I came across malicious links that were recognized as such by Dns0 but not by NextDNS(all security features on).
 
F

ForgottenSeer 97327

This website webhotpics.com is blocked by DNS0 but not blocked by NextDNS.
1692375210890.png
 
F

ForgottenSeer 97327

When you look at the documentation, DNS0 does a few extra's heuristic lookups over NextDNS:

Newly Observed Domains (NOD)
Newly Observed Hostnames (NOH)
Newly Active Hostnames (NAH)
Newly Issued Certificates (NIC)

DNS0.eu has more protections and more data feeds than NextDNS, but everytime a DNS0.eu user asks for a domain to be resolved which is flagged as malicious/phishing, this IP' is shared with all other DNS0 partners. So NextDNS receives a bit of this data back. On the other hand I have not found that DNS0.eu has AI detection like NextDNS and probably does not use Google safe search (considering the fines the EU has imposed on Google in the past ) :)

NextDNS is a company of 5 people, DNS0.eu of 2 (also the founding fathers of NextDNS).
It looks DNS0 is virtual network organization where the EU only provides the funding.
@SohanRay and @sanxh you are correct DNS0 has more feeds, but when someone triggers a blocked domain at DNS0, their partners get this domain as feed to block also,
That is why NextDNS is blocking it now also, so when you do test it might seem they have the protection, but DNS0 definitely has more feeds
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Could you share some examples via dm?
if you search for revanced youtube on google for android, you'll 1 or 2 links that dns0 will block , but nextDns won't. But do note that you should be using just the NextDNS security features to see that, and not add any other blocklist from privacy tab. There are other links as well, but I found it on Alienvault OTX, and haven't saved them. e.g
revanced.io - blocked by nextDNS threat intelligence but not blocked by Dns0.
 
Last edited:
  • Like
Reactions: cryogent

SohanRay

Level 5
Thread author
Mar 19, 2022
246
This website webhotpics.com is blocked by DNS0 but not blocked by NextDNS.
The website doesn't seem malicious. ControlD, Quad9 didn't block it. Bitdefender, trendMicro also didn't block it , eventhough they also scan websites in realtime for malicious code. So most probably its a false positive.
 
  • Like
Reactions: cryogent

SohanRay

Level 5
Thread author
Mar 19, 2022
246
@SohanRay and @sanxh you are correct DNS0 has more feeds, but when someone triggers a blocked domain at DNS0, their partners get this domain as feed to block also,
That is why NextDNS is blocking it now also, so when you do test it might seem they have the protection, but DNS0 definitely has more feeds
Do you think all the false negatives that Dns0 automatically records for each partner are also ingested by NextDNS system (AI maybe)?
 
F

ForgottenSeer 97327

Do you think all the false negatives that Dns0 automatically records for each partner are also ingested by NextDNS system (AI maybe)?
Well you got a point there. Looking back the obvious block reason should have been "threat intelligence feeds" and not "artificial intelligence". The sharing of a blocked domain triggered by one partner to all other partners, is explicitly mentioned in the documentation of DNS0. Maybe my post was a wrong example and the AI engine decided to block it after initially allowing it. Long story short: I don't know the answer of your question.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
I have developed a bit of a confusion regarding the dns0 versions (i.e dns0.eu , zero.dns0.eu , kids.dns0.eu) . dns0.eu , the default version uses the threat intelligence provided by the partners right? So does it also use any threat intel from elsewhere ?
Now regarding the zero.dns0.eu, does it use all the threat intel as dns0.eu in addition to the heuristics that it has ?
And regarding the kids.dns0.eu , does it use all the threat intel as dns0.eu and also the heuristics as the ZERO version in addition to the extras like porn that it blocks ?
 

l0rdraiden

Level 3
Verified
Jul 28, 2017
108
Another important difference is that NextDNS supports DNSCrypt and dns0 does not
Sorry this is not entirely correct, NextDNS supports DNSCrypt format for DOH addresses but does not support DNSCrypt protocol.
I mean they give you a DNSCrypt format dns but it is actually DOH. So they do not support DNSCrypt, due to this I'm using quad9 with Adguard Home
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Sorry this is not entirely correct, NextDNS supports DNSCrypt format for DOH addresses but does not support DNSCrypt protocol.
I mean they give you a DNSCrypt format dns but it is actually DOH. So they do not support DNSCrypt, due to this I'm using quad9 with Adguard Home
I have tried using Adguard on Android, always come across issues. So finally have given it up for good this time. Rely on dns level ad blocking only.
 

l0rdraiden

Level 3
Verified
Jul 28, 2017
108
I mean Adguard Home, not Adguard for android

 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
I mean Adguard Home, not Adguard for android

yeah I know, Adguard Android is product of Adguard only, so I mentioned. Even in windows it was very flawed.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Just to inform, I am using "dns0" since a few months, here for my location it's always fast speed (servers are in Germany for me in Frankfurt).
We can get almost same compared to NextDNS if you are fine without ad-blocking on DNS level and some other features...

Does this block all Ads, or ones that may not be suitable for Kids?
  • No porn or other adult websites
  • No explicit search results
  • No mature videos on YouTube
  • No dating websites or apps
  • No mixed-content websites
  • No piracy
  • No ads
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top