Advice Request VPN vs DNS: which is better for protection against malicious domains and attackers?

SohanRay

Level 5
Thread author
Mar 19, 2022
246
I’ve seen your discussions on the NextDNS help section and it seems that despite the old feeds their protection is relatively decent in testing. DNS isn’t the most efficient way to block threats anyway and is kind of a nice extra layer. For the other features NextDNS is a pretty good service with a good level of protection thrown in, though as you note there are better solutions for a sole focus on security. All-in-all I’d say it’s a good service, for security on Quad9 is better. But if you are that concerned about security a router or device level solution is going to be more effective.
Solution like what?
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Ok
Router based IP/URL filtering, IDS, or browser extensions and/or AV filtering. These tend to be much more effective than any DNS service.

I wouldn’t rely solely on a DNS filtering service. It’s a nice additional layer.
Ohk. I just got a phishing link through text message. On Windows, only Bitdefender blocked it, but on Android Bitdefender didn't, Sophos didn't, NextDNS didn't, Quad9 didn't, Cloudflare Gateway didn't, ControlD paid version didn't block it!
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,798
Ok

Ohk. I just got a phishing link through text message. On Windows, only Bitdefender blocked it, but on Android Bitdefender didn't, Sophos didn't, NextDNS didn't, Quad9 didn't, Cloudflare Gateway didn't, ControlD paid version didn't block it!
Nothing blocks everything. I get phishing texts regularly, I just delete them. The best defense against phishing is education. I know for less tech savvy people that can be a challenge, so some layer of protection helps. But there is no 100% protection against true 0-day of anything.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,512
The summary is that none are really necessary?

VPN is only useful on open Wi-Fi networks and DNS is useful as an extra layer.
I wouldn't say that. Being connected to a VPN 24/7 brings more problems than it solves. Connection slowdowns, being unable to access some sites that block VPNs etc.
For me personally it only makes sense enabling a VPN when you need it for unblocking geo-restricted content or while you are torrenting. Using an encrypted DNS server with malicious site and phishing site blocking for your day to day browsing is a much easier and more comfortable solution. It adds extra privacy and security without a negative impact on your browsing. For most people the third-party DNS providers are even faster than the one provided by their ISP.
 

permar4

Level 1
Verified
Jul 23, 2017
46
I wouldn't say that. Being connected to a VPN 24/7 brings more problems than it solves. Connection slowdowns, being unable to access some sites that block VPNs etc.
For me personally it only makes sense enabling a VPN when you need it for unblocking geo-restricted content or while you are torrenting. Using an encrypted DNS server with malicious site and phishing site blocking for your day to day browsing is a much easier and more comfortable solution. It adds extra privacy and security without a negative impact on your browsing. For most people the third-party DNS providers are even faster than the one provided by their ISP.
It's true, with the VPN boom I've bought several VPNs and lately I don't even use them. They often block content, for example Apple Music, some Microsoft features, some websites...

I find it somewhat annoying to be deactivating and activating, in addition to peaks of slowing down the internet or disconnections. I'm going to investigate more about DNS.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,512
It's true, with the VPN boom I've bought several VPNs and lately I don't even use them. They often block content, for example Apple Music, some Microsoft features, some websites...

I find it somewhat annoying to be deactivating and activating, in addition to peaks of slowing down the internet or disconnections. I'm going to investigate more about DNS.
I can recommend this video if you have some time to spare:
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,512
Hello,

If I can help, I am connected h24 to my VPN, without slowdown.
After I use the WireGuard protocol which is more optimized.
While that may be true, it still won't have any relevant positive impact on your day-to-day computer activities. Why spoof your IP when watching YouTube, reading news sites and checking emails? I don't see the reason for having a VPN enabled 24/7. Instead you could just use encrypted DNS and enable your VPN if you really need it.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
I wouldn't say that. Being connected to a VPN 24/7 brings more problems than it solves. Connection slowdowns, being unable to access some sites that block VPNs etc.
For me personally it only makes sense enabling a VPN when you need it for unblocking geo-restricted content or while you are torrenting. Using an encrypted DNS server with malicious site and phishing site blocking for your day to day browsing is a much easier and more comfortable solution. It adds extra privacy and security without a negative impact on your browsing. For most people the third-party DNS providers are even faster than the one provided by their ISP.
Just a thought, I have been trying out Cloudflare Gateway DNS. Its free plan. It seems promising with customisation options. Has a lot of content filtering options. Ads and trackers are missing though. But I added all the domains from the ad block tester site to the blocked list and it's working well enough for me up till now.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,512
Just a thought, I have been trying out Cloudflare Gateway DNS. Its free plan. It seems promising with customisation options. Has a lot of content filtering options. Ads and trackers are missing though. But I added all the domains from the ad block tester site to the blocked list and it's working well enough for me up till now.
Looks interesting. Will check it out. :)
 

permar4

Level 1
Verified
Jul 23, 2017
46
I have read in this thread that Quad9 is better than NextDNS, but my little experience with NextDNS is very good. Quad9, if I am not mistaken, does not offer any way to check the data.

As a result of this thread I am more interested in DNS. I want to try later the new DNS of AdGuard, Blitz AhaDNS, ControlD of Windscribe.
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,798
I have read in this thread that Quad9 is better than NextDNS, but my little experience with NextDNS is very good. Quad9, if I am not mistaken, does not offer any way to check the data.

As a result of this thread I am more interested in DNS. I want to try later the new DNS of AdGuard, Blitz AhaDNS, ControlD of Windscribe.
Quad9 is better than NextDNS in one category and that is malware filtering. For more control and oversight over your DNS use, NextDNS is the way to go.
 

Trooper

Level 16
Verified
Top Poster
Well-known
Aug 28, 2015
772
Just a thought, I have been trying out Cloudflare Gateway DNS. Its free plan. It seems promising with customisation options. Has a lot of content filtering options. Ads and trackers are missing though. But I added all the domains from the ad block tester site to the blocked list and it's working well enough for me up till now.
Was going to check this out until I saw this.
Note: A credit card is required for our user-limited Free Plan.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Was going to check this out until I saw this.
Note: A credit card is required for our user-limited Free Plan.
No, it shouldn't be, because I haven't registered any credit cards. I don't exactly remember, but maybe I had once but then removed it from the account settings page. It's user-limited, but you can use a set policy on any number of physical devices.
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,034
While that may be true, it still won't have any relevant positive impact on your day-to-day computer activities. Why spoof your IP when watching YouTube, reading news sites and checking emails? I don't see the reason for having a VPN enabled 24/7. Instead you could just use encrypted DNS and enable your VPN if you really need it.
Encrypted DNS vs VPN...

From what I know, many VPNs have their own encrypted DNS servers.

So will the encrypted DNS clash with the encrypted DNS servers of the VPN? Which takes precedence?

When I tested AdGuard VPN and enabled its encrypted DNS servers, it looked like they don't work properly together. That test was done when AdGuard VPN was started. In short, I think you cannot have both running at the same time.
 

SohanRay

Level 5
Thread author
Mar 19, 2022
246
Encrypted DNS vs VPN...

From what I know, many VPNs have their own encrypted DNS servers.

So will the encrypted DNS clash with the encrypted DNS servers of the VPN? Which takes precedence?

When I tested AdGuard VPN and enabled its encrypted DNS servers, it looked like they don't work properly together. That test was done when AdGuard VPN was started. In short, I think you cannot have both running at the same time.
That is actually partially correct. Many VPNs do have their own DNS. And maybe you can use another encrypted DNS alongside if the VPN allows it. But when you do that, you would most probably not be able to access the streaming sites or any others that detect and block VPNs. To bypass such blocks, you'll need to use the same DNS as provided by the VPN.
 
