Jump to content

Malicious site filters on DNS in 2020

Sampei.Nihira

By Sampei.Nihira
in Windows XP

 Share

Recommended Posts

Sampei.Nihira

Sampei.Nihira

Posted
Posted (edited)

Interesting test:

https://www.skadligkod.se/general-security/phishing/malicious-site-filters-on-dns-in-2020/

Quad9 DNS ranks first for malware (92%) and phishing (100%) blocked.

The blocking action of Quad9 DNS compared to that of AdGuard DNS:

(Click with the mouse to enlarge the images)

R4RvCHBc_t.jpg

FAbofkqF_t.jpg

Unfortunately after several stress tests I concluded that Quad9 is malfunctioning in my Windows XP.

Specifically, random unblocked occur, especially after emptying the cache dns.

Test phishing websites:

https://www.phishtank.com/phish_search.php?valid=y&active=y&Search=Search

Frequent check:

Offline - http://signinemail.weebly.com/

Online - http://kisalinkim.com/piabet

Other comparison test:

https://www.cloudflare.com/ssl/encrypted-sni/

Quad9:

(Click with the mouse to enlarge the images)

Ot2vRcA8_t.jpg

AdGuard:

VkBKpe1u_t.jpg

My final choice was AdGuard DNS, with second place for malware blocked (67%).

MFNS users can try if they don't have problems with Quad9.

MSFN users who choose AdGuard DNS should also integrate the browser with a custom phishing list on your ADBlocking.

Phishing Army

which can be found on the Filter List:

https://filterlists.com/

This compensates for the lack of protection Google Safe Browsing not present in many browsers that we use.

But above all because AdGuard DNS is in last place for phishing blocked (42%).

 

Thanks for your attention.

Edited by Sampei.Nihira
1
Link to comment
Share on other sites

dencorso

dencorso

Posted
Posted

You should give Pi-Hole a try. I do use it to protect all machines in my LAN. Big advantage is one single dedicated RaspberryPi protects all machines, and one has just one central ad/malware trap to configure and tweak. One RaspberryPi 3B or 3B+ is not much of a cost for such 24/7 protection. Of course, this is just my 2¢, and YMMV! :)

2
Link to comment
Share on other sites
Bill Woodcock

Bill Woodcock

Posted
Posted
On 6/9/2020 at 12:24 PM, Sampei.Nihira said:

Interesting test:

https://www.skadligkod.se/general-security/phishing/malicious-site-filters-on-dns-in-2020/

Quad9 DNS ranks first for malware (92%) and phishing (100%) blocked.

Unfortunately after several stress tests I concluded that Quad9 is malfunctioning in my Windows XP.

Specifically, random unblocked occur, especially after emptying the cache dns.

Have you contacted support@quad9.net?  It's difficult to know what the problem is without a bit more information.  But Quad9 per se will do the same thing regardless of what OS you're running. It's possible that there's an unexpected resolver behavior on your client (the OS using another recursor when Quad9 blocks, for instance), or that your queries to Quad9 are being intercepted along the way.

Are you using DNS-over-TLS, DNScrypt, or DNS-over-HTTPs?  If not, and you try one of them (easiest might be try to replicate the problem inside Mozilla, using Quad9 over DNS-over-HTTPs), do you also see the intermittent failure to block?

Link to comment
Share on other sites
Sampei.Nihira

Sampei.Nihira

Posted
  • Author
Posted (edited)
1 hour ago, Bill Woodcock said:

Have you contacted support@quad9.net?  It's difficult to know what the problem is without a bit more information.  But Quad9 per se will do the same thing regardless of what OS you're running. It's possible that there's an unexpected resolver behavior on your client (the OS using another recursor when Quad9 blocks, for instance), or that your queries to Quad9 are being intercepted along the way.

Are you using DNS-over-TLS, DNScrypt, or DNS-over-HTTPs?  If not, and you try one of them (easiest might be try to replicate the problem inside Mozilla, using Quad9 over DNS-over-HTTPs), do you also see the intermittent failure to block?

Hi,
I have not contacted Quad9 support because there are no such problems in W.10.

I did the usual stress tests with Chrome and Edge / Chromium without any problems.

___________

Maybe for the OS,but certainly not for browsers.

___________

Regarding the questions of the second part of your reply, don't forget that the topic of this forum is Windows XP.:dubbio:
We cannot use the current versions of Firefox,Chrome ..... etc ... etc 

 

Edited by Sampei.Nihira
Link to comment
Share on other sites
Bill Woodcock

Bill Woodcock

Posted
Posted
22 hours ago, Sampei.Nihira said:

Regarding the questions of the second part of your reply, don't forget that the topic of this forum is Windows XP.:dubbio:
We cannot use the current versions of Firefox,Chrome ..... etc ... etc 

Sorry, sorry, not a Windows user myself, so didn't realize that, but it makes sense.  My apologies.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...