Kuttz

Level 12
Verified
Should one use IPv4 or IPv6 DNS server address ? Since large majority of IPs are still on IPv4 does it make sense to use an IPv6 DNS resolver address ?
 

HarborFront

Level 46
Content Creator
Verified
Anyone tried KeweonDNS? Looks pretty impressive

What is keweon?

This word comes form the germany words "KEine WErbung ONline" which means translated to english "no advertising online".
In the meantime keweon is more than a stupid Adblock System:

  • - Advertising Blocking
  • - Privacy Protection
  • - App Protection
  • - Malware Protection
  • - Popup Blocker
  • - Privacy Protection
  • - Ransomware Protection
  • - Spyware Protection
  • - Tracing Protection
  • - Tracking Protection
  • - Virus Protection
  • - Faster Internet
  • - Lower Bandwith usage on Mobile Phones
  • - Fake Software Filter
  • - Fake Online Shop Filter
  • - Phishing Protection
  • - and a lot of other things
keweonDNS - now with DoH on INTRA

Its DNS-over-HTTPS is here

keweonDNS - now with DoH on INTRA - Post #1608

Note :- Found it in Blokada. For Windows read the above XDA-developer forum

@Evjl's Rain - Can you run a test on it, if possible? Thanks
 
Last edited:

Glashouse

Level 4
Verified
I am using Cisco Umbrella and CleanBrowsing (both paid) depending on the needs of my different systems. I have to say that Cisco Umbrella (paid OpenDNS Prosumer) has the best detection rates in my test, even better than CleanBrowsing.
You have to take into consideration that the free OpenDNS servers are not offering malware protection as Umbrella does.

So my vote goes to Cisco Umbrella & CleanBrowsing
 
  • Like
Reactions: Pat MacKnife

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
it's not easy to compare this DNS with adguard and others because I don't have enough links now but after some testing with a few malwares and many phishing links
- Adblocking: adguard = keweon, maybe adguard is slightly better. No clear indicator but they both worked
- Phishing: adguard is slightly better. Both are nowhere near neustar DNS -> still the best
- malware: adguard = keweon (I only had 6 links) => not a reliable test

I can't test CleanBrowsing now. It's not usable for me at the moment
 

Moonhorse

Level 26
Content Creator
Verified
Even comodo using neustars dns, its worse than neustar recursive. I wanted to use comodos one, but after its named neustar and being worse than actual neustar i rather swap to neustar recursive
 
5

509322

What is with the over-preoccupation with anti-phishing ? Anti-phishing, like other web content filtering, adds next to nothing to overall security.

The only place that I see people fret over web-content filtering is on the forums. So it must be a paranoia thing.
 
5

509322

Roughly 90% of all malware come via the browser (the rest via emails and links again), so avoiding landing on an infected webpage is the basics.
Not to mention, that recent phishing sites (IDN) can fool even skilled users showing the proper certificate, unless you check, who it was issued for.
People must be awfully high risk web surfers, otherwise web content filtering is an absolute waste of resources.

Web content filtering is the least effective protection - even worse than signatures.

The rationale for focusing upon web content filtering so much is erroneous.

People act like every other web page is malicious, and that just ain't true. It seems to me to be nothing but a whole bunch of needless paranoia.
 
5

509322

Combine safe DNS, add HOSTS filtering files and then add 5 browser filtering extensions. It's just ridiculous.

The likelihood of a person ever even needing the above, is probably about the same odds as that person winning money in the lottery.

The odds that such filtering will ever save a person from being infected is probably worse.
 

ticklemefeet

Level 22
Verified
My sister was clicking on recipes on Face book and other items like that and getting hit with the non-closable support site with voice. I told here to push the power button, wait a bit and start it back up again. I had an extra Malwarebytes Lic so I installed that. Now thing seem better.
 

Kuttz

Level 12
Verified
People must be awfully high risk web surfers, otherwise web content filtering is an absolute waste of resources.

Web content filtering is the least effective protection - even worse than signatures.

The rationale for focusing upon web content filtering so much is erroneous.

People act like every other web page is malicious, and that just ain't true. It seems to me to be nothing but a whole bunch of needless paranoia.
You advocating every other web page would be safe is a terrible advice. One need not be paranoia in anything but should be aware of what he/she does. Web content filtering helps to protect you from not only malware but phishing, scam sites etc which no "lock down" configurations can protect you :D
 
5

509322

You advocating every other web page would be safe is a terrible advice. One need not be paranoia in anything but should be aware of what he/she does. Web content filtering helps to protect you from not only malware but phishing, scam sites etc which no "lock down" configurations can protect you :D
I didn't advocate that every other webpage is safe.

I didn't say not to use filtering.

What I said was excessive web content filtering adds next to nothing to overall security.

There are bunches of people on the forums that emphasize excessive web content filtering, but they don't really know what it does, how it works, and most importantly the nature of malicious URLs and links.
 
Last edited by a moderator:

TairikuOkami

Level 22
Content Creator
Verified
What I said was excessive web content filtering adds next to nothing to overall security.
Just blocking porn blocks ~5% malware and if you block malware at DNS/system level, it even blocks some malware downloaders, like ransomware.
 
5

509322

Just blocking porn blocks ~5% malware and if you block malware at DNS/system level, it even blocks some malware downloaders, like ransomware.
That is just some number you came up with and it isn't accurate.

If you don't visit porn, then you don't have to filter for porn. A solution so simple that it is brilliant and orders of magnitude more effective than using multi-layered web content filtering.

I do a lot of really high risk surfing as part of my job, and I can tell you from firsthand experience that web content filtering adds next to nothing to overall protections.

Web content filtering is more important to the person's psychological state than to any really significant layer of protection.

People on the forums promote web content filtering but they don't know what they're talking about. That's what I am pointing out.

The worst are those that think somehow they will visit a website like Malwaretips, click on something, and then get re-directed to some webpage that looks like MT that unknowingly downloads and installs stuff in the background that will smash their system. There are so multiple layers of misunderstanding in such thinking.

Web content filtering is more likely to allow you to infect yourself than to save you. It's just not very effective. It is known for high false negatives. The disadvantages are numerous and high.
 
Last edited by a moderator:
  • Like
Reactions: Handsome Recluse