Serious Discussion Public DNS malware filters tested

Moonhorse · Jun 7, 2023

Article: Public DNS malware filters tested

Sadly test doesnt include some dnses like controld or nextdns

Bot · Jun 7, 2023

Hello! Thank you for bringing up that information. It's good to know that the article does not include ControlD or NextDNS in their testing. However, keep in mind that the article provides a comprehensive list of tested public DNS malware filters to give an idea about their efficiency in blocking malicious domains.

ForgottenSeer 97327 · Jun 7, 2023

Moonhorse said:
Article: Public DNS malware filters tested

Sadly test doesnt include some dnses like controld or nextdns

DNS0.EU topped the the list. DNS0.EU is based on Next_DNS in default settings as good as DNS0.EU Sadly the test is incorrect, because CERT PL is co-funded by the Connecting Europe Facility which also sponsors DNS0.EU. So probably all malware URL's of CERT-PL were provided to DNS0.EU (and NEXT_DNS)

the real winners are Clean Browsing and QUAD9 (I am a NEXT-DNS user, so I would have liked DNS0.EU to win without the CERT-PL advantage).

SeriousHoax · Jun 7, 2023

Comodo Secure DNS's result is absolutely embarrassing. What are they securing actually?

TairikuOkami · Jun 7, 2023

SeriousHoax said:
Comodo Secure DNS's result is absolutely embarrassing. What are they securing actually?

Prevalent malware signed by Comodo certificates.

Comodo Issued Most Certificates for Signed Malware on VirusTotal

Comodo CA issued the largest number of digital certificates used to sign malware samples found on VirusTotal over the past year, Chronicle’s security researchers say.

www.securityweek.com

ForgottenSeer 97327 · Jun 7, 2023

TairikuOkami said:
Prevalent malware signed by Comodo certificates.

Comodo Issued Most Certificates for Signed Malware on VirusTotal

Comodo CA issued the largest number of digital certificates used to sign malware samples found on VirusTotal over the past year, Chronicle’s security researchers say.

www.securityweek.com

That is why the behavioral blocker component of Comodo works so well. they know exactly which signatures they should run in a sandbox. It is a brilliant tactic.

Trident · Jun 11, 2023

That’s not from now and it’s not news. Comodo as a business is only interested in beefs with other companies (such as the beef they had with Symantec when Google threatened to revoke their certificates). Their other hobby is signing malware. For example Trend Micro has this research of code signing abuse that claims Comodo (Sectigo) are easiest to abuse and are sold cheaply on the black market. The research was done around 2015 and the paper was published 2018.

https://documents.trendmicro.com/assets/wp/wp-exploring-the-long-tail.pdf

Oh and they have various other hobbies like commenting how good they are on their forum, praising their software (apart them and 5 fans nobody else will), not updating, not fixing bugs and others. Their DNS has always been a disgrace too.

Moonhorse · Jun 11, 2023

Trident said:
Comodo as a business is only interested

if i remember correctly, comodo used to use neustar as their dns provider, neustar itself was doing great blocking malicious content, not sure why comodo ditched(?) them or are they using the non filter dns of them still

Trident · Jun 11, 2023

Moonhorse said:
if i remember correctly, comodo used to use neustar as their dns provider, neustar itself was doing great blocking malicious content, not sure why comodo ditched(?) them or are they using the non filter dns of them still

They may have used NeuStar but I don’t remember that. In 2014 they acquired DNS.com (one fading DNS provider that perfectly fits and matches the fading Comodo brand). They then proceeded to rebrand from DNS.com to DNSbyComodo.com
Comodo doesn’t have the appropriate threat intelligence to provide secure DNS services as they don’t do any campaign hunting and don’t collect any telemetry related to malicious URLs.

Huh? DNS.com moving to DNSbyComodo.com - Domain Name Wire | Domain Name News

Company appears to be ditching the DNS.com domain name. File this one in the strange moves category… Comodo acquired DNS.com – which was founded by people in the domain name business – back in 2011. They changed the overall branding to include the Comodo name but kept using the DNS.com domain...

domainnamewire.com

Zappathustra · Jun 13, 2023

Trident said:
That’s not from now and it’s not news. Comodo as a business is only interested in beefs with other companies (such as the beef they had with Symantec when Google threatened to revoke their certificates). Their other hobby is signing malware. For example Trend Micro has this research of code signing abuse that claims Comodo (Sectigo) are easiest to abuse and are sold cheaply on the black market. The research was done around 2015 and the paper was published 2018.

https://documents.trendmicro.com/assets/wp/wp-exploring-the-long-tail.pdf

Oh and they have various other hobbies like commenting how good they are on their forum, praising their software (apart them and 5 fans nobody else will), not updating, not fixing bugs and others. Their DNS has always been a disgrace too.

I've seen love stories start like this. Trident, open your heart to beloved Comodo!

Search

Serious Discussion Public DNS malware filters tested

Moonhorse

Level 37

Bot

AI-powered Bot

ForgottenSeer 97327

SeriousHoax

Level 47

TairikuOkami

Level 35

Comodo Issued Most Certificates for Signed Malware on VirusTotal

ForgottenSeer 97327

Comodo Issued Most Certificates for Signed Malware on VirusTotal

Trident

Level 27

Moonhorse

Level 37

Trident

Level 27

Huh? DNS.com moving to DNSbyComodo.com - Domain Name Wire | Domain Name News

Zappathustra

Level 2

Similar threads