Which 3rd party dns filters do you use?

[blade12]

I recently got Control D dns and want to filter out ads/malware/phishing. I want to set it and forget so want to minimize false positives. I also want to minimize overlap of filters.

Here's the filters I have chosen so far:

Any ideas if any overlap? Are there any that might be worth changing/disabiling? Thanks!

 

[bbunge]

A quick search for reviews of this service showed me mixed results. Many were not pleased with it. I also feel there are smoke and mirrors in their claims.
You can do as well with a free service such as OpenDNS and they also support DoT and DNSSEC.

 

[Gary_Dexter]

Hagzi's list incorporate most (if not all) of the other "non-Hagezi" lists.. so just stick with Hagezi.

Use either Normal, Pro or Pro Plus and TIF and that should be more than enough.

 

[sfx2000]

FWIW - I don't use any of these block list things at a router level...

Why - because it's overhead that I'd rather spend time doing something else... and I have client side blockers where needed - Adblock, Ghostery, etc...

 

[Tech9]

Exactly my way of doing things at home. Whoever wants to block something - I can assist. Business network is different.

 

[blade12]

FWIW - I don't use any of these block list things at a router level...

Why - because it's overhead that I'd rather spend time doing something else... and I have client side blockers where needed - Adblock, Ghostery, etc...

I always thought the best protection was 2 layered. First at dns level and second at browser level. Isn't that still the best approach to block majority of ads?

I do worry about false positives though. On dns layer, false positives can cause hell.

 

[Tech9]

I always thought the best protection was 2 layered.

Isn't that still the best approach to block majority of ads?

Best protection and blocking majority of ads are two different things. Both impossible to achieve with DNS filtering only.

 

[blade12]

Best protection and blocking majority of ads are two different things. Both impossible to achieve with DNS filtering only.

By protection, I was primarily focused on ad blocking rather than malware/virus/ddos/etc protection.

 

[Tech9]

By protection, I was primarily focused on ad blocking rather than malware/virus/ddos/etc protection.

Your "protection" is currently very weak. If you don't intercept DNS requests on your LAN, don't block DoT port, don't block known DoH servers, allow QUIC, iCloud Private Relay, etc. - almost any device can go around your Control D easily and some will do it right out of the box without asking.

 

[blade12]

Your "protection" is currently very weak. If you don't intercept DNS requests on your LAN, don't block DoT port, don't block known DoH servers, allow QUIC, iCloud Private Relay, etc. - almost any device can go around your Control D easily and some will do it right out of the box without asking.

What would you suggest then on top of Control D dns and ublock origin on PC (Adguard on phone)? I also do have BitDefender Total Security running on the computers.

 

[Tech9]

I would remove this Control D because the same can be done on the router. I would also uninstall this Total Security because built-in Windows Security is good enough. uBlock Origin can stay - the best ad-blocker. The other items above you have to address one by one, no one-click solution.

 

[sfx2000]

just a quick heads up - Google with Chrome is going to implement Manifest 3 - which will seriously impact plugins and what their capable of doing - like blocking ads - which is google's big business...

Similar to what's happening now with YouTube and ad-blockers...

I'm not saying this is a bad thing - actually it's good, as this makes alternatives like Firefox and Safari more viable - Microsoft is going to perhaps make a choice as their currently in bed with Google on their Edge browser - but at least they do have a browser engine in their back pocket if Chrome goes bad...

 

[RMinNJ]

I was testing out nextdns and like simple it is to use and setup, whitelist etc

 

[RMerlin]

Microsoft is going to perhaps make a choice

They will most likely be forced to follow if they intend to maintain compatibility with Chrome addons.

They could also possibly relax the restrictions of Manifest V3 to allow for new addons to work, without breaking adblockers who need so many filter rules.

My money is on adblocker devs finding their way around that restriction however.

 

[L&LD]

The 'net without adblockers is a travesty.

Adblockers make today's web usable. As RMerlin states, I'm sure the devs will find a way, no matter what additional idiocy Google implements.

 

[Treadler]

The 'net without adblockers is a travesty.

Adblockers make today's web usable. As RMerlin states, I'm sure the devs will find a way, no matter what additional idiocy Google implements.

Internet Crime Complaint Center (IC3) | Cyber Criminals Impersonating Brands Using Search Engine Advertisement Services to Defraud Users

www.ic3.gov

Interesting ad blocking recommendation.

 

[L&LD]

I don't just block ads. I block all 'social' sites, widgets, and many others. All of them are cyber-criminal related, IMO.

So yeah, it's not just adblocking. To me, it's more of a 'pure' internet experience. One where I look for information and just find what I want, no more, no less.

 

[Paliv]

The Manifest V3 rules have already been relaxed to a point that AdGuard and uBlock Origin still appear to be adapting. They won’t be the powerhouses they are now, but they will most likely work well. Honestly I would love for sites to be able to monetize, their work isn’t free, but the web ad business totally tanked which is why sites are now unusable plastered.

 

[Tech9]

We'll change the browser to non-Google one if needed. For every action, there is an equal and opposite reaction.

 

[sfx2000]

I have no problem moving away from Chrome - I've got Safari and Firefox...