Battle NextDns vs ControlD DNS

Compare list
NextDNS
ControlD
F

ForgottenSeer 97327

@TairikuOkami thanks for the response and image. I don't have the wheel option in the blocklist

1679399934796.png
 

Attachments

  • 1679399898234.png
    1679399898234.png
    29.8 KB · Views: 147

transformer69

Level 1
Mar 17, 2023
21
For just Ad Blocking, its a good option. But for blocking malicious traffic, no. At DNS level though, ControlD and NextDNS are better for Security as well as AD blocking.
Could you elaborate on why you think that? I have been using adguard's public DoH in my windows 11 settings + their browser extension for blocking youtube ads. I found it really good for what it advertises. I also put the DoT in my android phone, now there's no ads inside the apps.
I don't have much experience with controlD but I used nextdns for sometime and it didn't block as much ads as adguard, also it had higher latency. Not sure about malware filtering as I rarely encounter them because of my safe browsing habits.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Could you elaborate on why you think that? I have been using adguard's public DoH in my windows 11 settings + their browser extension for blocking youtube ads. I found it really good for what it advertises. I also put the DoT in my android phone, now there's no ads inside the apps.
I don't have much experience with controlD but I used nextdns for sometime and it didn't block as much ads as adguard, also it had higher latency. Not sure about malware filtering as I rarely encounter them because of my safe browsing habits.
I do tests at times to see which ones are better actually. By trying to visit malicious domains to see if the security solution is blocking me. So adguard rarely blocks any of them. ControlD and Nextdns are however pretty good. And if you're using adguard public free dns then , they actually have their dns filter present in GitHub, which ControlD and Nextdns uses in addition to other filters for blocking ads and trackers. So logically speaking, ControlD and Nextdns provides better adblocking at dns level if you consider this scenario.The browser extension is however fine to use and in video ads are something dns filtering can't block but extensions can. Although adguard does have false positives,so you need to be open to turning it off from time to time or having an allowlist.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Did anyone ever try asking ChatGPT which threat intelligence feeds do NextDNS and ControlD DNS use and how many? .....
I did , and got some very interesting answers!
Ofcourse I don't know how much of it is correct.
 
  • Like
Reactions: blackice

SohanRay

Level 5
Thread author
Mar 19, 2022
246
I’m curious what it told you?
NextDNS uses a large number of threat intelligence feeds to protect against malicious domains and IP addresses. While the exact number may vary, they use over 50 different feeds, including:

1. OpenPhish
2. PhishTank
3. Malware Domain List
4. Zeus Tracker
5. Abuse.ch
6. Spamhaus
7. Emerging Threats
8. Yoyo.org
9. SANS Internet Storm Center
10. CyberCrime
11. Ransomware Tracker
12. Quttera Threat Feed
13. Talos Intelligence
14. AlienVault Open Threat Exchange
15. Fortinet Threat Intelligence
16. IBM X-Force Exchange
17. RiskIQ
18. URLhaus
19. VirusTotal
20. And many more.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

ControlD DNS uses a variety of threat intelligence feeds to protect against malicious domains and IP addresses. While the exact number may vary, they use over 15 different feeds, including:

1. Spamhaus
2. SURBL
3. PhishTank
4. Malware Domain List
5. OpenPhish
6. ZeuS Tracker
7. Emerging Threats
8. DShield
9. DNS-BH – Malware Domain Blocklist
10. Malc0de DNS
11. DNS-BH – JustDomains
12. Binary Defense Systems Artillery Threat Intelligence Feed
13. Cybercrime Tracker
14. Feodo Tracker
15. URLhaus
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
NextDNS uses a large number of threat intelligence feeds to protect against malicious domains and IP addresses. While the exact number may vary, they use over 50 different feeds, including:

1. OpenPhish
2. PhishTank
3. Malware Domain List
4. Zeus Tracker
5. Abuse.ch
6. Spamhaus
7. Emerging Threats
8. Yoyo.org
9. SANS Internet Storm Center
10. CyberCrime
11. Ransomware Tracker
12. Quttera Threat Feed
13. Talos Intelligence
14. AlienVault Open Threat Exchange
15. Fortinet Threat Intelligence
16. IBM X-Force Exchange
17. RiskIQ
18. URLhaus
19. VirusTotal
20. And many more.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

ControlD DNS uses a variety of threat intelligence feeds to protect against malicious domains and IP addresses. While the exact number may vary, they use over 15 different feeds, including:

1. Spamhaus
2. SURBL
3. PhishTank
4. Malware Domain List
5. OpenPhish
6. ZeuS Tracker
7. Emerging Threats
8. DShield
9. DNS-BH – Malware Domain Blocklist
10. Malc0de DNS
11. DNS-BH – JustDomains
12. Binary Defense Systems Artillery Threat Intelligence Feed
13. Cybercrime Tracker
14. Feodo Tracker
15. URLhaus
So what do you all think? Is this info correct?
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Does NextDNS use different blocklists/threat intelligence feeds in its free, pro and business plans?
 
F

ForgottenSeer 97327

I'm not seeing any updates to NextDNS. Some features are still on beta since a long time now. Has NextDNS been discontinued?
New web standards are often a few years in beta When Tony and Mary are engaged for a while (beta phase relation) and have not announced their marriage (production phase), are they breaking up (discontinued)?
 
  • HaHa
Reactions: oldschool

Jan Willy

Level 12
Verified
Top Poster
Well-known
Jul 5, 2019
578
I'm not seeing any updates to NextDNS. Some features are still on beta since a long time now. Has NextDNS been discontinued?
For me is important that the filterlists (section Privacy) getting updates. Unfortunately there are some lists not updated for a long time, such as Disconnect (Ads), NSABlocklist, AdAway. The NextDNS editors should be so considerate to remove those lists.

Edit: Question, no outdated filterlists on ControlD?
 
Last edited:
F

ForgottenSeer 97327

When you have a lot of users and a lot of data entries and many data sets (blocklists), creating a blocklist per user is not an efficient approach. An alternative is to create a master (superset) with partition pointers for each blocklist that user has enabled. The data needed per user is simply a vector array containing pointers to the blocklist (partition) optimised for DNS filtering. Because this is all performance critical stuff it probably is not implemented using relational data bases, but low level displacement pointers.

When you disturb the chain of pointers, everything needs to be tested thoroughfully which is a lot of work for something that is only an optimization of disk space.Even when NextDNS did not want to change the mechanism of personal DNS blocklists, they could have simply removed them from the NextDNS my.nextdns.io management console (not removing in the blocklists from the block mechanism itself, but simply removing them as an option to choose). This simple UI-cleanup would not cost a lot of development manpower.

I agree it looks silly to offer blocklists which have not been updated for two years.
 
  • Like
Reactions: oldschool

TairikuOkami

Level 36
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,561
I'm not seeing any updates to NextDNS. ... Has NextDNS been discontinued?
The have added several parental categories lately, like Social Networks and websites like ChatGPT. If the service were discontinued, it would no longer work. Servers are not cheap.
capture_04232023_183027.jpg
People tend to complain about no support, but I am not sure, what support are they expecting? If the server is down, they are automatically re-routed to another one, besides it is not really in their control, since they use rental servers, just like adguard. To put simply, if you do not know, how to use NextDNS, it is not for you, that is another reason, they have created dns0.eu

The NextDNS editors should be so considerate to remove those lists.
Some still use them, not updated does not mean not working. Since IPv4s have ran out, domains do not change much. I am using NoGoogle/FB, last updated 3 years ago and they work.
 

Zorro

Level 9
Verified
Well-known
Jun 11, 2019
407
Some still use them, not updated does not mean not working. Since IPv4s have ran out, domains do not change much. I am using NoGoogle/FB, last updated 3 years ago and they work.
I agree that there are some lock lists that do not need frequent updating, and which can be updated every few years. This applies to the Facebook and Google blocking lists you provided. But there are lists whose effectiveness depends on how often the update occurs - these are ad and trackers blocking lists, for example, AdAway, Disconnect, Energizer Blocklist. If such filters are not updated for six months or more, then the question arises - how effectively do these filters cope with blocking? There is blocking from these filters, but how effective is it, given the lack of updates for a long time?
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
I'm not seeing any updates to NextDNS. Some features are still on beta since a long time now. Has NextDNS been discontinued?
NextDNS takes quite a bit of time to implement updates and do not bring many updates. But the ones they bring are good ones and stable, even if they are at beta . One of the founders replied me on Github that all the beta features are pretty much stable and the beta tag will be removed soon.
 
  • Like
Reactions: Jan Willy

SohanRay

Level 5
Thread author
Mar 19, 2022
246
The have added several parental categories lately, like Social Networks and websites like ChatGPT. If the service were discontinued, it would no longer work. Servers are not cheap.
View attachment 274813
People tend to complain about no support, but I am not sure, what support are they expecting? If the server is down, they are automatically re-routed to another one, besides it is not really in their control, since they use rental servers, just like adguard. To put simply, if you do not know, how to use NextDNS, it is not for you, that is another reason, they have created dns0.eu


Some still use them, not updated does not mean not working. Since IPv4s have ran out, domains do not change much. I am using NoGoogle/FB, last updated 3 years ago and they work.
Support in the sense, if there's some wrong domain blocked by their threat intelligence feeds and user reports it, they should respond. Any other issue that NextDNS needs to fix, when reported , should recieve a response and a resolution in time. But then again nextDNS does state that for individual users only community forum is available.
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,054
NextDNS's Analytics is great. It breaks down which blocklist gives the best blocking of trackers, domains blocked and domains resolved. From here it can tell which filters are real good without the need of additional filters

1683467056663.png


1683467148362.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top