Advice Request NextDNS/ControlD vs Quad9, AV Web Protection

SohanRay

Level 5
Thread author
Mar 19, 2022
246
How well do small DNS filtering services like NextDNS and ControlD filter out malicious domains when compared to big players like Quad9 and AV web protections like Bitdefender Web protection, Sophos Web protection etc.?
Big players like Quad9 gather threat intel from over 20 reputed partners. AVs like Bitdefender also gather data from millions of points of presence, collaborate with law enforcement agencies and ISPs etc.
Considering that, can services like NextDNS and ControlD even come close?
 

Templarware

Level 9
Verified
Well-known
Mar 13, 2021
417
NextDNS blocks legit stuff, like Ubisoft games. It requires constant configuration, so I stopped using it and went for Quad9.
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
Considering that, can services like NextDNS and ControlD even come close?
You answered your own question. No, they can't come close at the moment (that will change if the userbase increases). I don't browse shady domains so I can't give you my opinion on NextDNS's malicious blocking capability. Its adblocking is good, but they mainly only use 3rd party filters/lists; again, how good their own adblocking filter/list is is another matter. It does catch something, but the 3rd party filters (OISD, AdGuard, Notracking) catch a lot more/same level.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
NextDNS blocks legit stuff, like Ubisoft games. It requires constant configuration, so I stopped using it and went for Quad9.
Are you using blocklists in the Privacy section tab? Ads and trackers blocklists present there may be responsible for that. If you choose a bit wisely as to which ones to use, there aren't such issues usually.

You answered your own question. No, they can't come close at the moment (that will change if the userbase increases). I don't browse shady domains so I can't give you my opinion on NextDNS's malicious blocking capability. Its adblocking is good, but they mainly only use 3rd party filters/lists; again, how good their own adblocking filter/list is is another matter. It does catch something, but the 3rd party filters (OISD, AdGuard, Notracking) catch a lot more/same level.
How would the scenario change if user base increases for those services? Are you saying they'll have more money to collaborate with reputed threat intel partners?
 

Digmor Crusher

Level 23
Verified
Top Poster
Well-known
Jan 27, 2018
1,264
I use my ISP's DNS; running tests, it seems to be the fastest, however I'm not sure I can see the difference when we're talking milliseconds. Google Safe Browsing, SmartScreen, safe habits, UBO, and brain.exe ensure that I do not need a DNS service.
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
Google Safe Browsing, SmartScreen, safe habits, UBO, and brain.exe ensure that I do not need a DNS service.
Exactly. I don't use NextDNS for its malicious web protection. I use it for its adblocking/trackers and blocking unwanted TLDs on mobile and tablets.

brain.exe is the best defence against malicious domains, as Digmor said. Malicious domains come and go so quickly that any blacklist is obsolete in minutes.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Exactly. I don't use NextDNS for its malicious web protection. I use it for its adblocking/trackers and blocking unwanted TLDs on mobile and tablets.

brain.exe is the best defence against malicious domains, as Digmor said. Malicious domains come and go so quickly that any blacklist is obsolete in minutes.
If you want DNS just for adblocking then you can use Control D free DNS; it's free without limitations.
And if you are correct about 'Malicious domains come and go so quick that any blacklist is obsolete in minutes' then I guess the blocking new domains feature in NextDNS and ControlD is an excellent, effective feature.
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,784
I use my ISP's DNS; running tests, it seems to be the fastest, however I'm not sure I can see the difference when we're talking milliseconds. Google Safe Browsing, SmartScreen, safe habits, UBO, and brain.exe ensure that I do not need a DNS service.
The other thing is that large ISPs tend to host CDNs for things like streaming services and large websites on their edge servers, or get optimal routing for your ISP’s network. You tend to have a better experience with those services if you just use your ISP DNS as you don’t get redirected to those servers with outside DNS services.
 

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,737
Malicious domains do not necessarily come and go in minutes; I have many examples of malicious domains that have been around for quite some time.

Blocking newly registered domains is a great idea (I personally use it) but attackers and scammers in many cases can leave the domain to “marinate” for a while, before they launch a campaign. In any case, NextDNS with its AI-Driven Threat Protection blocks more than Control D but most likely falls short compared to Quad9 which gets threat intelligence feeds from better sources.
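The layers discussed in this thread (a threat-intel blocklist, TLD blocking, and a newly-registered-domain rule) can be sketched as one decision function. This is an added example, not code from any poster or DNS service; the domains, lists, dates and the 30-day threshold are constructed assumptions. It shows why an aged ("marinated") domain passes the age rule and must be caught by a list instead.

```python
from datetime import date

# All names, lists and dates below are constructed for illustration.
BLOCKLIST = {"bad-intel.example"}   # stand-in for a threat-intel feed
BLOCKED_TLDS = {"zip", "top"}       # stand-in for one user's arbitrary TLD choices
NRD_MAX_AGE_DAYS = 30               # assumed threshold; each service sets its own

# Constructed registration dates (a real filter uses registry-derived data).
REGISTERED = {
    "fresh-campaign.example": date(2023, 2, 1),
    "marinated-campaign.example": date(2022, 11, 1),
    "bad-intel.example": date(2019, 5, 5),
}
TODAY = date(2023, 2, 10)           # fixed so the results are reproducible


def normalize(name):
    """Lower-case the query name and drop the trailing root dot."""
    return name.rstrip(".").lower()


def registrable(name):
    """Naive registrable domain: last two labels (no public-suffix list)."""
    return ".".join(normalize(name).split(".")[-2:])


def on_blocklist(name):
    """True if the name or any parent domain is on the blocklist."""
    labels = normalize(name).split(".")
    return any(".".join(labels[i:]) in BLOCKLIST for i in range(len(labels)))


def decide(name, today=TODAY):
    """Return (action, reason), checking the layers in a fixed order."""
    name = normalize(name)
    if on_blocklist(name):
        return ("block", "threat-intel list")
    if name.split(".")[-1] in BLOCKED_TLDS:
        return ("block", "blocked TLD")
    reg = REGISTERED.get(registrable(name))
    if reg is not None and (today - reg).days < NRD_MAX_AGE_DAYS:
        return ("block", "newly registered domain")
    return ("allow", "no layer matched")


if __name__ == "__main__":
    for q in ["cdn.bad-intel.example", "login.fresh-campaign.example",
              "login.marinated-campaign.example", "files.example.zip"]:
        print(q, decide(q))
```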
 
ForgottenSeer 97327

Quad9 uses only filter lists, while NextDNS also has an option to use AI. When you use public malware lists, it depends on the list you are using as a source (Next also uses public lists, only different ones than Quad9).

Quad9 outperforms Next when blocking C&C servers (it was also intended as free DNS for SME and SOHO). Next does better when blocking phishing; they are more or less equal when it comes to malware blocking. Because the refresh/update frequencies impact the malware blocking performance, you might get different results when testing at different moments of the day using the same sources.

When you like to play and fine tune your DNS, there is no better free DNS than Next (with great reporting insights and lots of security and privacy options). When you are a set and forget type of user with privacy concerns (regarding DNS logs) there is no better free DNS than Quad9. When you are set and forget and don't care about DNS logs, there is no better DNS than your ISP. Availability of servers nearby may impact your decision (more or less time to resolve the IP address belonging to the domain name you are requesting).

In DNS security internals itself, Next is a little better than Quad9, but that is on rarely misused features (Quad is better than most free DNS services and Next is also better and on a few points best).

I was testing URL filters some time ago, then by accident I met a guy at a party who was a freelance security consultant. Above is the recap of the info he provided me.

The guy himself used: default DNS at home (his ISP, better performance for IPTV and no hassle on mobile phones when abroad) and Next on his own laptop and Quad9 on his kids' laptops (telling me he would not be able to resist looking at what his teen kids were visiting when they were on Next; because they deserve their own privacy he had set up their laptops with Quad9). This shows IMO we are talking about inches of differences, not yards or miles, in protection differences. Writing this recap I realize he did not mention where he put his wife's devices.
 
SohanRay

Level 5
Thread author
Mar 19, 2022
246
Quad9 uses only filter lists, while NextDNS also has an option to use AI. When you use public malware lists, it depends on the list you are using as a source (Next also uses public lists, only different ones than Quad9).

Quad9 outperforms Next when blocking C&C servers (it was also intended as free DNS for SME and SOHO). Next does better when blocking phishing; they are more or less equal when it comes to malware blocking. Because the refresh/update frequencies impact the malware blocking performance, you might get different results when testing at different moments of the day using the same sources.

When you like to play and fine tune your DNS, there is no better free DNS than Next (with great reporting insights and lots of security and privacy options). When you are a set and forget type of user with privacy concerns (regarding DNS logs) there is no better free DNS than Quad9. When you are set and forget and don't care about DNS logs, there is no better DNS than your ISP. Availability of servers nearby may impact your decision (more or less time to resolve the IP address belonging to the domain name you are requesting).

In DNS security internals itself, Next is a little better than Quad9, but that is on rarely misused features (Quad is better than most free DNS services and Next is also better and on a few points best).

I was testing URL filters some time ago, then by accident I met a guy at a party who was a freelance security consultant. Above is the recap of the info he provided me.
Great, helpful info. Thanks a million! 😊
By the way, NextDNS does use AI, but almost every one of Quad9's threat intel partners uses AI. So in the end it's kind of the same in that respect, I believe.
 
