Advice Request VPN vs DNS: which is better for protection against malicious domains and attackers?

I’ve seen your discussions on the NextDNS help section and it seems that despite the old feeds their protection is relatively decent in testing. DNS isn’t the most efficient way to block threats anyway and is kind of a nice extra layer. For the other features NextDNS is a pretty good service with a good level of protection thrown in, though as you note there are better solutions for a sole focus on security. All in all I’d say it’s a good service; for security, Quad9 is better. But if you are that concerned about security, a router or device level solution is going to be more effective.
Solution like what?
 
Router based IP/URL filtering, IDS, or browser extensions and/or AV filtering. These tend to be much more effective than any DNS service.

I wouldn’t rely solely on a DNS filtering service. It’s a nice additional layer.
Ohk. I just got a phishing link through text message. In Windows only Bitdefender blocked it, but in Android Bitdefender didn't, Sophos didn't, NextDNS didn't, Quad9 didn't, Cloudflare Gateway didn't, ControlD paid version didn't block it!
 
Nothing blocks everything. I get phishing texts regularly, I just delete them. The best defense against phishing is education. I know for less tech savvy people that can be a challenge, so some layer of protection helps. But there is no 100% protection against true 0-day of anything.
 
The summary is that none are really necessary?

VPN is only useful on open Wi-Fi networks and DNS is useful as an extra layer.
I wouldn't say that. Being connected to a VPN 24/7 brings more problems than it solves. Connection slowdowns, being unable to access some sites that block VPNs etc.
For me personally it only makes sense enabling a VPN when you need it for unblocking geo-restricted content or while you are torrenting. Using an encrypted DNS server with malicious site and phishing site blocking for your day to day browsing is a much easier and more comfortable solution. It adds extra privacy and security without a negative impact on your browsing. For most people the third-party DNS providers are even faster than the one provided by their ISP.
 
It's true, with the VPN boom I've bought several VPNs and lately I don't even use them. They often block content, for example Apple Music, some Microsoft features, some websites...

I find it somewhat annoying to be deactivating and activating, in addition to peaks of slowing down the internet or disconnections. I'm going to investigate more about DNS.
 
I can recommend this video if you have some time to spare:
 
Hello,

If I can help, I am connected 24/7 to my VPN, without slowdown.
After I use the WireGuard protocol, which is more optimized.
 
While that may be true, it still won't have any relevant positive impact on your day to day computer activities. Why spoof your IP when watching YouTube, reading news sites and checking emails? I don't see the reason for having a VPN enabled 24/7. Instead you could just use encrypted DNS and enable your VPN if you really need it.
 
I wouldn't say that. Being connected to a VPN 24/7 brings more problems than it solves. Connection slowdowns, being unable to access some sites that block VPNs etc.
For me personally it only makes sense enabling a VPN when you need it for unblocking geo-restricted content or while you are torrenting. Using an encrypted DNS server with malicious site and phishing site blocking for your day to day browsing is a much easier and more comfortable solution. It adds extra privacy and security without a negative impact on your browsing. For most people the third-party DNS providers are even faster than the one provided by their ISP.
Just a thought, I have been trying out Cloudflare Gateway DNS. Its free plan. It seems promising with customisation options. Has a lot of content filtering options. Ads and trackers are missing though. But I added all the domains from the ad block tester site to the blocked list and it's working well enough for me up till now.
 
Looks interesting. Will check it out. :)
 
I have read in this thread that Quad9 is better than NextDNS, but my little experience with NextDNS is very good. Quad9, if I am not mistaken, does not offer any way to check the data.

As a result of this thread I am more interested in DNS. I want to try later the new DNS of AdGuard, Blitz AhaDNS, ControlD of Windscribe.
 
Quad9 is better than NextDNS in one category and that is malware filtering. For more control and oversight over your DNS use, NextDNS is the way to go.
 
Just a thought, I have been trying out Cloudflare Gateway DNS. Its free plan. It seems promising with customisation options. Has a lot of content filtering options. Ads and trackers are missing though. But I added all the domains from the ad block tester site to the blocked list and it's working well enough for me up till now.
Was going to check this out until I saw this.
Note: A credit card is required for our user-limited Free Plan.
 
No, it shouldn't be. Because I haven't registered any credit cards. I don't exactly remember, but maybe I had once but then removed it from the account settings page. It's user limited, but you can use a set policy in any number of physical devices.
 
While that may be true, it still won't have any relevant positive impact on your day to day computer activities. Why spoof your IP when watching YouTube, reading news sites and checking emails? I don't see the reason for having a VPN enabled 24/7. Instead you could just use encrypted DNS and enable your VPN if you really need it.
Encrypted DNS vs VPN............

From what I know, many VPNs have their own encrypted DNS servers.

So will the encrypted DNS clash with the encrypted DNS servers of the VPN? Who takes precedence?

When I tested AdGuard VPN and enabled its encrypted DNS servers, it looks like they don't work properly together. That test was done when AdGuard VPN was started. In short, I think you cannot have both running at the same time.
 
That is actually partially correct. Many VPNs do have their own DNS. And maybe you can use another encrypted DNS alongside if the VPN allows it. But when you do that, you would most probably not be able to access the streaming sites or any other that detects and blocks VPNs. To bypass such blocks, you'll need to use the same DNS as provided by the VPN.