NextDns vs ControlD DNS
- Thread starter SohanRay
- Start date
transformer69
Level 1
- Mar 17, 2023
- 23
Could you elaborate on why you think that? I have been using adguard's public DoH in my windows 11 settings + their browser extension for blocking youtube ads. I found it really good for what it advertises. I also put the DoT in my android phone, now there's no ads inside the apps.
I don't have much experience with controlD but I used nextdns for sometime and it didn't block as much ads as adguard, also it had higher latency. Not sure about malware filtering as I rarely encounter them because of my safe browsing habits.
- Mar 19, 2022
- 246
I do tests at times to see which ones are better actually. By trying to visit malicious domains to see if the security solution is blocking me. So adguard rarely blocks any of them. ControlD and Nextdns are however pretty good. And if you're using adguard public free dns then , they actually have their dns filter present in GitHub, which ControlD and Nextdns uses in addition to other filters for blocking ads and trackers. So logically speaking, ControlD and Nextdns provides better adblocking at dns level if you consider this scenario.The browser extension is however fine to use and in video ads are something dns filtering can't block but extensions can. Although adguard does have false positives,so you need to be open to turning it off from time to time or having an allowlist.
- Apr 1, 2019
- 2,868
- Mar 19, 2022
- 246
NextDNS uses a large number of threat intelligence feeds to protect against malicious domains and IP addresses. While the exact number may vary, they use over 50 different feeds, including:
1. OpenPhish
2. PhishTank
3. Malware Domain List
4. Zeus Tracker
5. Abuse.ch
6. Spamhaus
7. Emerging Threats
8. Yoyo.org
9. SANS Internet Storm Center
10. CyberCrime
11. Ransomware Tracker
12. Quttera Threat Feed
13. Talos Intelligence
14. AlienVault Open Threat Exchange
15. Fortinet Threat Intelligence
16. IBM X-Force Exchange
17. RiskIQ
18. URLhaus
19. VirusTotal
20. And many more.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ControlD DNS uses a variety of threat intelligence feeds to protect against malicious domains and IP addresses. While the exact number may vary, they use over 15 different feeds, including:
1. Spamhaus
2. SURBL
3. PhishTank
4. Malware Domain List
5. OpenPhish
6. ZeuS Tracker
7. Emerging Threats
8. DShield
9. DNS-BH – Malware Domain Blocklist
10. Malc0de DNS
11. DNS-BH – JustDomains
12. Binary Defense Systems Artillery Threat Intelligence Feed
13. Cybercrime Tracker
14. Feodo Tracker
15. URLhaus
- Mar 19, 2022
- 246
- Jun 11, 2019
- 408
I'm using NextDNS, but I've noticed that some of the block lists haven't been updated for a long time.
nishaddesilva
Level 3
- Aug 26, 2012
- 262
New web standards are often a few years in beta When Tony and Mary are engaged for a while (beta phase relation) and have not announced their marriage (production phase), are they breaking up (discontinued)?
- Jul 5, 2019
- 607
For me is important that the filterlists (section Privacy) getting updates. Unfortunately there are some lists not updated for a long time, such as Disconnect (Ads), NSABlocklist, AdAway. The NextDNS editors should be so considerate to remove those lists.
Edit: Question, no outdated filterlists on ControlD?
Last edited:
When you have a lot of users and a lot of data entries and many data sets (blocklists), creating a blocklist per user is not an efficient approach. An alternative is to create a master (superset) with partition pointers for each blocklist that user has enabled. The data needed per user is simply a vector array containing pointers to the blocklist (partition) optimised for DNS filtering. Because this is all performance critical stuff it probably is not implemented using relational data bases, but low level displacement pointers.
When you disturb the chain of pointers, everything needs to be tested thoroughfully which is a lot of work for something that is only an optimization of disk space.Even when NextDNS did not want to change the mechanism of personal DNS blocklists, they could have simply removed them from the NextDNS my.nextdns.io management console (not removing in the blocklists from the block mechanism itself, but simply removing them as an option to choose). This simple UI-cleanup would not cost a lot of development manpower.
I agree it looks silly to offer blocklists which have not been updated for two years.
When you disturb the chain of pointers, everything needs to be tested thoroughfully which is a lot of work for something that is only an optimization of disk space.Even when NextDNS did not want to change the mechanism of personal DNS blocklists, they could have simply removed them from the NextDNS my.nextdns.io management console (not removing in the blocklists from the block mechanism itself, but simply removing them as an option to choose). This simple UI-cleanup would not cost a lot of development manpower.
I agree it looks silly to offer blocklists which have not been updated for two years.
- May 13, 2017
- 2,684
The have added several parental categories lately, like Social Networks and websites like ChatGPT. If the service were discontinued, it would no longer work. Servers are not cheap.
People tend to complain about no support, but I am not sure, what support are they expecting? If the server is down, they are automatically re-routed to another one, besides it is not really in their control, since they use rental servers, just like adguard. To put simply, if you do not know, how to use NextDNS, it is not for you, that is another reason, they have created dns0.eu
Some still use them, not updated does not mean not working. Since IPv4s have ran out, domains do not change much. I am using NoGoogle/FB, last updated 3 years ago and they work.
- Jun 11, 2019
- 408
I agree that there are some lock lists that do not need frequent updating, and which can be updated every few years. This applies to the Facebook and Google blocking lists you provided. But there are lists whose effectiveness depends on how often the update occurs - these are ad and trackers blocking lists, for example, AdAway, Disconnect, Energizer Blocklist. If such filters are not updated for six months or more, then the question arises - how effectively do these filters cope with blocking? There is blocking from these filters, but how effective is it, given the lack of updates for a long time?
- Mar 19, 2022
- 246
NextDNS takes quite a bit of time to implement updates and do not bring many updates. But the ones they bring are good ones and stable, even if they are at beta . One of the founders replied me on Github that all the beta features are pretty much stable and the beta tag will be removed soon.
- Mar 19, 2022
- 246
Support in the sense, if there's some wrong domain blocked by their threat intelligence feeds and user reports it, they should respond. Any other issue that NextDNS needs to fix, when reported , should recieve a response and a resolution in time. But then again nextDNS does state that for individual users only community forum is available.
NextDNS's Analytics is great. It breaks down which blocklist gives the best blocking of trackers, domains blocked and domains resolved. From here it can tell which filters are real good without the need of additional filters
Similar threads
