Advice Request Phishing Protection — Comparing DNS Security Filters

Please provide comments and solutions that are helpful to the author of this topic.

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
625
Should one use IPv4 or IPv6 DNS server address ? Since large majority of IPs are still on IPv4 does it make sense to use an IPv6 DNS resolver address ?
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Anyone tried KeweonDNS? Looks pretty impressive

What is keweon?

This word comes form the germany words "KEine WErbung ONline" which means translated to english "no advertising online".
In the meantime keweon is more than a stupid Adblock System:

  • - Advertising Blocking
  • - Privacy Protection
  • - App Protection
  • - Malware Protection
  • - Popup Blocker
  • - Privacy Protection
  • - Ransomware Protection
  • - Spyware Protection
  • - Tracing Protection
  • - Tracking Protection
  • - Virus Protection
  • - Faster Internet
  • - Lower Bandwith usage on Mobile Phones
  • - Fake Software Filter
  • - Fake Online Shop Filter
  • - Phishing Protection
  • - and a lot of other things
keweonDNS - now with DoH on INTRA

Its DNS-over-HTTPS is here

keweonDNS - now with DoH on INTRA - Post #1608

Note :- Found it in Blokada. For Windows read the above XDA-developer forum

@Evjl's Rain - Can you run a test on it, if possible? Thanks
 
Last edited:

Glashouse

Level 4
Verified
Well-known
Jun 4, 2017
174
I am using Cisco Umbrella and CleanBrowsing (both paid) depending on the needs of my different systems. I have to say that Cisco Umbrella (paid OpenDNS Prosumer) has the best detection rates in my test, even better than CleanBrowsing.
You have to take into consideration that the free OpenDNS servers are not offering malware protection as Umbrella does.

So my vote goes to Cisco Umbrella & CleanBrowsing
 
  • Like
Reactions: Pat MacKnife

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
it's not easy to compare this DNS with adguard and others because I don't have enough links now but after some testing with a few malwares and many phishing links
- Adblocking: adguard = keweon, maybe adguard is slightly better. No clear indicator but they both worked
- Phishing: adguard is slightly better. Both are nowhere near neustar DNS -> still the best
- malware: adguard = keweon (I only had 6 links) => not a reliable test

I can't test CleanBrowsing now. It's not usable for me at the moment
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Anyone tried KeweonDNS? Looks pretty impressive
@Evjl's Rain - Can you run a test on it, if possible? Thanks

Based off the list and if the list comes into a solid performance on testing I may think about using this DNS service.

Would like to know myself how this does. Didn't even knew this existed, thank you @HarborFront for showing this in the thread.

~LDogg
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Even comodo using neustars dns, its worse than neustar recursive. I wanted to use comodos one, but after its named neustar and being worse than actual neustar i rather swap to neustar recursive
 
5

509322

What is with the over-preoccupation with anti-phishing ? Anti-phishing, like other web content filtering, adds next to nothing to overall security.

The only place that I see people fret over web-content filtering is on the forums. So it must be a paranoia thing.
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
Roughly 90% of all malware come via the browser (the rest via emails and links again), so avoiding landing on an infected webpage is the basics.
Not to mention, that recent phishing sites (IDN) can fool even skilled users showing the proper certificate, unless you check, who it was issued for.
 
5

509322

Roughly 90% of all malware come via the browser (the rest via emails and links again), so avoiding landing on an infected webpage is the basics.
Not to mention, that recent phishing sites (IDN) can fool even skilled users showing the proper certificate, unless you check, who it was issued for.

People must be awfully high risk web surfers, otherwise web content filtering is an absolute waste of resources.

Web content filtering is the least effective protection - even worse than signatures.

The rationale for focusing upon web content filtering so much is erroneous.

People act like every other web page is malicious, and that just ain't true. It seems to me to be nothing but a whole bunch of needless paranoia.
 
5

509322

Combine safe DNS, add HOSTS filtering files and then add 5 browser filtering extensions. It's just ridiculous.

The likelihood of a person ever even needing the above, is probably about the same odds as that person winning money in the lottery.

The odds that such filtering will ever save a person from being infected is probably worse.
 
F

ForgottenSeer 69673

My sister was clicking on recipes on Face book and other items like that and getting hit with the non-closable support site with voice. I told here to push the power button, wait a bit and start it back up again. I had an extra Malwarebytes Lic so I installed that. Now thing seem better.
 

Kuttz

Level 13
Verified
Top Poster
Well-known
May 9, 2015
625
People must be awfully high risk web surfers, otherwise web content filtering is an absolute waste of resources.

Web content filtering is the least effective protection - even worse than signatures.

The rationale for focusing upon web content filtering so much is erroneous.

People act like every other web page is malicious, and that just ain't true. It seems to me to be nothing but a whole bunch of needless paranoia.

You advocating every other web page would be safe is a terrible advice. One need not be paranoia in anything but should be aware of what he/she does. Web content filtering helps to protect you from not only malware but phishing, scam sites etc which no "lock down" configurations can protect you :D
 
5

509322

You advocating every other web page would be safe is a terrible advice. One need not be paranoia in anything but should be aware of what he/she does. Web content filtering helps to protect you from not only malware but phishing, scam sites etc which no "lock down" configurations can protect you :D

I didn't advocate that every other webpage is safe.

I didn't say not to use filtering.

What I said was excessive web content filtering adds next to nothing to overall security.

There are bunches of people on the forums that emphasize excessive web content filtering, but they don't really know what it does, how it works, and most importantly the nature of malicious URLs and links.
 
Last edited by a moderator:

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
What I said was excessive web content filtering adds next to nothing to overall security.
Just blocking porn blocks ~5% malware and if you block malware at DNS/system level, it even blocks some malware downloaders, like ransomware.
 
5

509322

Just blocking porn blocks ~5% malware and if you block malware at DNS/system level, it even blocks some malware downloaders, like ransomware.

That is just some number you came up with and it isn't accurate.

If you don't visit porn, then you don't have to filter for porn. A solution so simple that it is brilliant and orders of magnitude more effective than using multi-layered web content filtering.

I do a lot of really high risk surfing as part of my job, and I can tell you from firsthand experience that web content filtering adds next to nothing to overall protections.

Web content filtering is more important to the person's psychological state than to any really significant layer of protection.

People on the forums promote web content filtering but they don't know what they're talking about. That's what I am pointing out.

The worst are those that think somehow they will visit a website like MalwareTips, click on something, and then get re-directed to some webpage that looks like MT that unknowingly downloads and installs stuff in the background that will smash their system. There are so multiple layers of misunderstanding in such thinking.

Web content filtering is more likely to allow you to infect yourself than to save you. It's just not very effective. It is known for high false negatives. The disadvantages are numerous and high.
 
Last edited by a moderator:
  • Like
Reactions: Handsome Recluse

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top