AVLab.pl Recommended DNS servers – which ones are the fastest and best protect the user?

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Adrian Ścibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
171

Attachments

  • AVLab polecane serwery DNS art.png
    AVLab polecane serwery DNS art.png
    302.1 KB · Views: 104
F

ForgottenSeer 97327

Dear All,

We have published a new DNS server comparison. We have tested response times using the top 1000 list of the Cloudflare Radar. In addition, we have checked the protection against phishing and malware.

Link to the publication: Recommended DNS Servers: Speed And Protection Test » AVLab

The analysis is by the author Michal Giza.
Adrian,

For NextDNS free you need to create an account and eneable all protections to get a better impression on its capabilities. Did you use the general IP addresses of Next-DNS or personal with protections enabled? Looking at the huge difference with DNS0.eu, you only used the general/generic free version (DNS0.eu runs on NextDNS software). see video below for explanation.


Normally NextDNS should score the same as DNS0.eu (which is the overall winner now)

Cloudflare
Quad9
Comodo Secure DNS
CleanBrowsing
Alternate DNS
AdGuard DNS
NextDNS
dns0.eu
Phishing
3​
2​
1​
Day 1​
75​
45​
29​
55​
28​
40​
30​
89​
Day 2​
66​
74​
28​
96​
29​
66​
28​
78​
Day 3​
47​
61​
32​
93​
12​
18​
12​
61​
Malware
Day 1​
87​
92​
25​
90​
17​
16​
25​
100​
Day 2​
86​
92​
31​
86​
20​
19​
32​
100​
Day 3​
87​
89​
50​
86​
16​
18​
28​
100​
74.67%​
75.50%​
32.50%​
84.33%​
20.33%​
29.50%​
25.83%​
88.00%​
 
Last edited by a moderator:

Adrian Ścibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
171
Adrian,

For NextDNS free you need to create an account and eneable all protections to get a better impression on its capabilities. Did you use the general IP addresses of Next-DNS or personal with protections enabled? Looking at the huge difference with DNS0.eu, you only used the general/generic free version (DNS0.eu runs on NextDNS software). see video below for explanation.


Normally NextDNS should score the same as DNS0.eu (which is the overall winner now)

Cloudflare
Quad9
Comodo Secure DNS
CleanBrowsing
Alternate DNS
AdGuard DNS
NextDNS
dns0.eu
Phishing
3​
2​
1​
Day 1​
75​
45​
29​
55​
28​
40​
30​
89​
Day 2​
66​
74​
28​
96​
29​
66​
28​
78​
Day 3​
47​
61​
32​
93​
12​
18​
12​
61​
Malware
Day 1​
87​
92​
25​
90​
17​
16​
25​
100​
Day 2​
86​
92​
31​
86​
20​
19​
32​
100​
Day 3​
87​
89​
50​
86​
16​
18​
28​
100​
74.67%​
75.50%​
32.50%​
84.33%​
20.33%​
29.50%​
25.83%​
88.00%​


No, as I know, he didn't use any external configuration for NextDNS. Just simply IP address from vendor's webpage.

Maybe next time, when we go through with refreshing test edition in 2024. Until that time, any feedback from the community would be helpful.
 
F

ForgottenSeer 97327

No, as I know, he didn't use any external configuration for NextDNS. Just simply IP address from vendor's webpage.

Maybe next time, when we go through with refreshing test edition in 2024. Until that time, any feedback from the community would be helpful.
Thanks that explains it. The video of the youtube tester clearly shows that differs a lot (general IP is NO malware protection)
 

TommyHillis

Level 1
Sep 11, 2023
27
Guys user zero trust cloudflare, and setup an automated pihole on github and its superior to every single paid DNS, and its 100% free.
Using these other ones is not a real long term solution and a waste of money. Cloudflare is the leading dns and with cloudflare zero trust you can literally filter ads, urls, and configure url lists and even a automatic pihole on it.

Vanilla Cloudflare is kids play.
 
F

ForgottenSeer 97327

@TommyHillis

How could a public feeds sourced pihole out perform (protection wise) the data feeds of security specialists?
When you look at the partners of Quad9 for instance, that is an impressive list of security companies joining forces.
How could Github based malware feeds of amateurs and hobbyists be superior to that?
 
Last edited by a moderator:

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,600
Guys user zero trust cloudflare, and setup an automated pihole on github and its superior to every single paid DNS, and its 100% free.
Using these other ones is not a real long term solution and a waste of money. Cloudflare is the leading dns and with cloudflare zero trust you can literally filter ads, urls, and configure url lists and even a automatic pihole on it.

Vanilla Cloudflare is kids play.
You require credit card details to use zero trust, so basically its not free otherwise its great service
 

jetman

Level 10
Verified
Well-known
Jun 6, 2017
464
@TommyHillis

How could a public feeds sourced pihole out perform (protection wise) the data feeds of security specialists?
When you look at the partners of Quad9 for instance, that is an impressive list of security companies joining forces.
How could Github based malware feeds of amateurs and hobbyists be superior to that?

This is a good point.

Its also not clear where NextDNS and dns0 get their thereat intelligence from. Does anyone here know?
 

jetman

Level 10
Verified
Well-known
Jun 6, 2017
464
It is not on DNS0 website, but on their social media somewhere. I once posed a picture of the logo's of their partners. Quad9 has more feeds

I found it on their website, although personally have never heard of these partners. Does anyone know much about these companies? Based on the test results DNS0 are doing something right.

Quad9 also has partners I have never heard of, although they also list F-Secure and IBM.


1697662194774.jpeg
 
Last edited:
F

ForgottenSeer 97327

Two founders of NextDNS are also the founders of DNS0.eu Romain Cointepas (also CEO DNS0.eu) and Olivier Poitrey (also Director of Engineering at Netflix). Because DNS0.eu is probably sponsored by the European Union, my guess is that the software and infrastructure partners of NextDNS and DNS0.eu are the same. The EU probably pays an annual lump-sum to NextDNS and the infrastructure partners to use the platform (GandiNet for hosting, Annexia for server network). The other DNS0 partners are probably paid by sharing data and specific services or projects (e.e. CERT.PL maintaining the threat data exchange hub).

There are some differences between NextDNS and DNS0.eu. Before AI helped to develop the AI-detection module of NextDNS, but AI is not part of DNS0.eu (yet) while Before AI also is a partner for DNS0.eu. There is also a cross link with Quad9. Cert.PL build N6 (also founded by the EU) an open source security threats exchange hub, which was also used by No-more-ransomware and GlobalCyberAlliance of which some founding parters (of those two inititaives) are also part of Quad9. That said, I can imagine there is a Chinese wall between the two (because IBM and F-secure take part in Quad9 and they might not agree their data being used by other entities).
 
Last edited by a moderator:

jetman

Level 10
Verified
Well-known
Jun 6, 2017
464
There are some differences between NextDNS and DNS0.eu. Before AI helped to develop the AI-detection module of NextDNS, but AI is not part of DNS0.eu (yet)

There seems to be two options for dns0 one is the 'default' option, but there is also a 'zero' option.
Does this take advantage of AI? Was this version which showed 100% malware blocking in the tests?

ZERO — Hardened security for highly sensitive environments.

The EU probably pays an annual lump-sum to NextDNS

I can't find any references to this on the dns0 website.
 
Last edited:
F

ForgottenSeer 97327

There seems to be two options for dns0 one is the 'default' option, but there is also a 'zero' option.
Does this take advantage of AI? Was this version which showed 100% malware blocking in the tests?

ZERO — Hardened security for highly sensitive environments.



I can't find any references to this on the dns0 website.
I can't find any references of AI (yet). Also when a government supported DNS would use AI, some might speculate that the AI is not used for malware protection alone.

That was speculation from my side. The company's providing the platform for DNS0.eu probably won't do that for free.
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,600
No, it doesnt. Its completely free, i have dozens of customer accounts with no payment method.
If they did change the TOS, just toss a paypal on the account.
paypal requires credit card aswell to pass the buying

Nothing is free, you give them your credit card details as payment
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top