How efficient are those security-enhanced DNS services?

[RMerlin]

An interesting article on various DNS servers that are optimized for blocking malicious site.

https://blog.cryptoaustralia.org.au/2017/12/23/best-threat-blocking-dns-providers/

A shame that the best performing of the lot is getting discontinued in November 2018.

EDIT: Updated URL.

 

[Gar]

Been using OpenDNS Home for years, guess I can do better...

 

[AntonK]

Been using OpenDNS Home for years, guess I can do better...

I'm a OpenDNS home user too. I see no reason to change. OpenDNS is free, I couldn't find a way to signup for Strongarm, and SafeDNS is $20.00/year.

Anton

 

[Gar]

I'm a OpenDNS home user too. I see no reason to change. OpenDNS is free, I couldn't find a way to signup for Strongarm, and SafeDNS is $20.00/year.

Anton

Given the cost I plan to stay too.

 

[coxhaus]

I just setup Quad9 on my firewall. I will try it for a while.

 

[Gar]

Might be worth trying 1.1.1.1 also, still doing research as it wasn't in the review.

 

[RMerlin]

Might be worth trying 1.1.1.1 also, still doing research as it wasn't in the review.

Their goal is not to block malicious sites, but to provide "faster" and more "privacy-enhanced" service.

 

[Gar]

I see. Wonder if using them and something like Malwarebytes might still be a safe alternative.

 

[Marica Calma]

Based on experienced, OpenDNS is really reliable and has faster internet speeds. Also, it is free and helps block phishing websites from loading on your computer.

 

[Gar]

Based on experienced, OpenDNS is really reliable and has faster internet speeds. Also, it is free and helps block phishing websites from loading on your computer.

I have used OpenDNS for years and just got comfortable with it, and it's free. No complaints until now, just didn't pay any attention to its abilities compared to the competition. My concern is this review that doesn't show OpenDNS very effective. I'm thinking it might be time to change.

 

[umarmung]

Quad9 is founded by law enforcement.

 

[Gar]

Quad9 is founded by law enforcement.

I'm tying it now, so far so good.

 

[Gar]

What I don't understand is when I used opendns I had dnsomatic also. Using quad9 should there be an accompanying service? Obviously I don't understand all this. As my 3 year old granddaughter would say...Dang it!

 

[RMerlin]

What I don't understand is when I used opendns I had dnsomatic also. Using quad9 should there be an accompanying service? Obviously I don't understand all this. As my 3 year old granddaughter would say...Dang it!

OpenDNS offers a managed service, which is why they need a DDNS update to determine that it's actually you (by associating your queries with your DDNS's IP), and personalize your service based on your settings. Quad9 is unmanaged, everyone shares the same settings, so there's no need for a DDNS service.

 

[Gar]

OpenDNS offers a managed service, which is why they need a DDNS update to determine that it's actually you (by associating your queries with your DDNS's IP), and personalize your service based on your settings. Quad9 is unmanaged, everyone shares the same settings, so there's no need for a DDNS service.

Thanks, my 3 year old and I are happy to learn it!

 

[mtganzer]

An interesting article on various DNS servers that are optimized for blocking malicious site.

https://blog.cryptoaustralia.org.au/best-threat-blocking-dns-providers/

A shame that the best performing of the lot is getting discontinued in November 2018.

Having just set up a pfSense firewall (retirement project for the home office/home network), I happened to notice that the hpHosts list they use in their testing is one of the feeds that I set up the pfBlockerNG plugin to use.

I also set up pfSense to forward DNS queries to Quad9 after passing through pfBlocker - this in case they add an emerging threat before my local block list gets updated.

 

[AndreiV]

Well, the article linked in the OP is no longer there , it returns a 404 not found.

Another secure DNS service I just found is Clean Browsing .

https://cleanbrowsing.org

They offer a range of services , 3 free , and 1 paid .

They do not log any information so your privacy is maintained. Their database of bad domains is updated hourly and DNSCrypt is fully supported

As security professionals, we built privacy and security into our network. We are the only provider to support DNSCrypt (port 8443), DNS over TLS (port 853) and DNS over HTTPS (port 443) by default on our Anycast DNS network. DNSSEC is also enforced and validated.

Data that does not exist can not be compromised. We also believe that you should be in control of your privacy, so our free (public) filters do not log any of your requests. Since the data is not stored, it can not be compromised or misused. Privacy first.

 

[popxunga]

Well, the article linked in the OP is no longer there , it returns a 404 not found.

Another secure DNS service I just found is Clean Browsing .

https://cleanbrowsing.org

They offer a range of services , 3 free , and 1 paid .

They do not log any information so your privacy is maintained. Their database of bad domains is updated hourly and DNSCrypt is fully supported

Very interesting !
Thanks for pointing that out

 

[Gar]

been using for several months, no complaints.

 

[RMerlin]

The original article was moved.

https://blog.cryptoaustralia.org.au/2017/12/23/best-threat-blocking-dns-providers/