![]() ![]() Quad9 brings together cyber threat intelligence about malicious domains from a variety of public and private sources and blocks access to those malicious domains when your system attempts to contact them. When it comes to Quad9 they are advertising their service as a malware blocking service. It’s clearly showing that Neustar is the winner in this test, rather tight followed by CleanBrowsing and Quad9. At the same time we see that 50% of the tested DNS providers are blocking nothing at all. Going through the results you see that some DNS providers are better at blocking malicious links while others are better at blocking phishing links. None of the other DNS providers blocked any of the tested phishing domain names. None of the other DNS providers blocked any of the tested malicious domain names. When splitting the test results in malware link test and phishing link test, the results are as followed: The total results from the top to the bottom, not naming the DNS services that are not blocking any links at all: None of the tested DNS providers blocked all 20 links used in my test. I also want to mention that this was not a long time testing and by this I do not know whether any of the DNS providers sometimes is blocking links incorrectly as a so called false positive detection.Īll tests were done on the 31st of march 2019. Those were collected from Openphish and Phishtank. The links were 1-3 days old and collected from sites as: urlhause, malc0de, vxvault and pastbin posts from cryptolaemus to include actively used Emotet virus links as well.Īdditionally I have tested the DNS providers against 6 domains hosting phishing links, which also where 1-3 days old and still active. I have selected 14 domains which where hosting malware on links which were still online. To compare them from a malware protection standpoint I resolved a number of currently active malicious domains while using their service. ![]() There are of course more DNS providers on the market out there than the 10 which are listed above. I was only testing against their primary DNS server. Keep in mind that the most of those DNS providers also have a secondary DNS with another IP address. Instead of using the DNS server of my ISP, I was using the VPN providers DNS which I’m using at the moment (MullvadVPN), to get some results of what an default ISP DNS server would block. The DNS providers below has been selected for this test. Some also advertise that the usage of their DNS service is blocking Ad banners while browsing which can be a nice extra feature. I’m just looking at their “default” DNS resolver or if there was a server alternative available which explicitly is for blocking malicious and phishing sites, then I used that one. ![]() Those alternate DNS servers are out of scope for the review I made. In addition to their regular ones they offer servers that block access to sites which are unsuitable for children. Some of the DNS providers are offering different types of DNS servers to choose from. See the Swedish block page from AdGuard below.ĪdGuard DNS blockpage when visiting a malicious site Those protections are mainly done in two ways:ġ) A malicious domain name is resolved with “NXDOMAIN” telling the requested system that the domain name does not exist.Ģ) A malicious domain name is resolved by the DNS provider with the response pointing to its own blocking site instead of the requested domain. Others also add protection against malware and other online threats. Google DNS is one of the most known alternative DNS server providers and has been available since 2009.Many DNS providers on the market are only offering an alternative DNS server. During the last years the market of public DNS server providers has been increased a lot. ![]()
0 Comments
Leave a Reply. |