DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS / Cisco Umbrella
ฝัง
- เผยแพร่เมื่อ 28 พ.ค. 2020
- Connecting With Us
---------------------------------------------------
+ Hire Us For A Project: lawrencesystems.com/hire-us/
+ Tom Twitter 🐦 / tomlawrencetech
+ Our Web Site www.lawrencesystems.com/
+ Our Forums forums.lawrencesystems.com/
+ Instagram / lawrencesystems
+ Facebook / lawrencesystems
+ GitHub github.com/lawrencesystems/
+ Discord / discord
Lawrence Systems Shirts and Swag
---------------------------------------------------
►👕 lawrence.video/swag
AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store
🛒 www.amazon.com/shop/lawrences...
UniFi Affiliate Link
🛒 store.ui.com?a_aid=LTS
All Of Our Affiliates that help us out and can get you discounts!
🛒 lawrencesystems.com/partners-...
Gear we use on Kit
🛒 kit.co/lawrencesystems
Use OfferCode LTSERVICES to get 5% off your order at
🛒 lawrence.video/techsupplydirect
Digital Ocean Offer Code
🛒 m.do.co/c/85de8d181725
HostiFi UniFi Cloud Hosting Service
🛒 hostifi.net/?via=lawrencesystems
Protect you privacy with a VPN from Private Internet Access
🛒 www.privateinternetaccess.com...
Patreon
💰 / lawrencesystems
Forum post with the script and details
forums.lawrencesystems.com/t/...
Part two:DNS Malware Filtering Followup: Comments, Concerns, Cisco Corrections and Conversation
• DNS Malware Filtering ...
Also, The IP visible at the top of the OpenDNS page is not my office IP address. - วิทยาศาสตร์และเทคโนโลยี
The Forum Post:
forums.lawrencesystems.com/t/dns-malware-filtering-compared-quad9-vs-cloudflave-vs-dns-filter-vs-opendns-cisco-umbrella/5072
Part Two:DNS Malware Filtering Followup: Comments, Concerns, Cisco Corrections and Conversation
th-cam.com/video/sDuhxCWd3wU/w-d-xo.html
The IP visible at the top of the OpenDNS page is not my office IP address.
Also I did a test with NextDNS and posted the results in my forums
th-cam.com/video/imlFubYv8YY/w-d-xo.html your ip is visible
at the top of the open dns site
The OpenDNS numbers are horrible. Did you configure it to block malware for your IP address? Be certain it's configured for your IP address.
You need to configure your IP in cisco umbrella for it to apply the policy or use the roaming client. Even if it resolves it will show the block page.
Unfortunatelly you didn't test Cisco Umbrella but only OpenDNS personnal. The Umbrella dashboard, possibilities and filter are way far more different.
Do you have a list of you tested domains so I can test it with a proper Umbrella DNS and SIG deployement ?
I guess you should probably change the video name to remove Umbrella or make an addon.
Have a nice day :)
Sorry I forgot, in your first page of resolution you have a 146.112.61.108, wich is an Open DNS IP, so your request has been redirect to an OpenDNS block page, did you take it in your maths ?
Oh my gosh. Excellent Data Analysis! I'm going back to Quad9 even though the speed is slightly slower (by about 15ms) compared to Cloudflare. Thanks for sharing.
That's miniscule. The key benchmark is to stay below 50ms as a performance metric. For my network, Cloudflare was the fastest, but it's not stable and consistent. Upload speed was the most affected.
Would love to see a followup on this! Maybe make it an annual event?
Agreed 👍🏾
Yes, it's been awhile. Whats the new DNS we should be using now
This is great, and surprising. Thanks for the quality content, really like your videos. Switched all my gear to quad9. Interesting to see Umbrella crap the bed, they sure market the hell out of that.
Thank's man, you're making so nice and valuable content, keep going ❤️
I'm trying out Quad9 on my pi-hole. Thanks for the great review!
For some constructive feedback, it would be great to see the exact config used in each subscription or in an included writeup. Great that you reviewed some but not really complete if you don't do the same for all.
Catching this after 2 years. Wonder how much has changed in that time? And if OpenDNS is still so far behind?
Great video Tom. Thanks for the comparison.
Would be nice to see this test ONCE every year. Thank you BTW for the effort of this video
This is great info! Will be doing something around it soon...
Lawrence please can you redo this test. It would be hugely beneficial for everyone. Would nice to see how NextDNS ranks against newer ones such as control d. Etc.
Really useful great comparison
Hello :-) is this still the same 3 years later? Be good to see an update. Love your videos.
Quad9 all the way, great info ! :-) Subscribed
I became a patron today. Thanks, Tom.
Thank you
very nice, thanks for this
Very interesting comparison. I did notice that the portal your using for OpenDNS is the free version and not their paid tenant portal. Curious if there is a different level of protection between the 2.
There are a lot more features included in Umbrella the enterprise DNS-Layer protection such as a selective proxy. Indeed this test does use the consumer edition which is OpenDNS branded not Umbrella. If you are curious to see some tests Umbrella the enterprise package check out these tests performed by AV-TEST www.av-test.org/fileadmin/pdf/reports/AV-TEST_DNS_Layer_Protection_Test_Feb_2020.pdf
Did you create an OpenDNS account and create a policy and associate your internet facing IP? By default it doesn't filter suspicious sites.
Looks like you missed an IP @ 3:12. You blurred one but missed the other
shhhhhhh. Loose lips sink ships
You should do another one of these
Time to do NextDNS /Cleanbrowsing in this mix and run it generally as a new update
It would be cool to see an updated test again.
+1 every year audit
Not really surprise and i started to do this test some months ago ;) Thanks for sharing
I’m wondering if more of the malware sites would have been blocked by dnsfilter if more categories were used...they might have them under other categories.
Putting malware domains under any other category would not make any sense. I mean would they be under finance since some are ransomware?
Good start, but I don't think that this test is representable enough. It is possible that Quad9 just happens to use that exact list for constructing block list. Or Quad9 could just concentrate on a specific part of malware domains that is represented in the list used for testing. All in all, this test only increases Quad9's chances to beat other services, but it is to early to state that it's so much better.
Would be nice to see nextdns
I did a test of NextDNS and posted the results in my forums. forums.lawrencesystems.com/t/dns-malware-filtering-compared-quad9-vs-cloudflare-vs-dns-filter-vs-opendns-cisco-umbrella/5072
@@LAWRENCESYSTEMS thank you, I was gonna run it myself later today but you saved me a few minutes. Interesting results...
Hi everytime i search for my primary and secondary DNS IP ADRESS i have 6 Malwares and i don’t know how to remove it, i have multiplie times searched for malwares on antivirus programs as Malwarebyte / F-Secure and Avast. They don’t find anything. But everytime i go to totalvirus i see my malwares. I need help to remove this please help me out.
There is also MDBR & MDBR+ from CIS (Akamai)
I don't think you have to sign up to opendns to use it for home use
Do you have an updated link to the list or a list of lists pf the rogue domains please?
no, because all the public lists are also in Quad9 and most other popular DNS systems.
I'm guessing quad9 comes out on top
it's time for a new video to update the results
This need an update. Its been 3 years already. If I may I wish to sugest getting Quad9, NextDNS and Coltrol D antimalware against each other. Cloudflare, Google, OpenDNS are a waste of time, they will be bad at the end anyway.
Can you please cover NextDNS?
David Hartley Yes, THIS!
I did a test of NextDNS and posted the results in my forums. forums.lawrencesystems.com/t/dns-malware-filtering-compared-quad9-vs-cloudflare-vs-dns-filter-vs-opendns-cisco-umbrella/5072
Cheers from Florida!
I wish there were something like quad9 but faster. Because I get a few issue in some game because of that
Open dns is still faster than all in my area
I'm confused which one to use!! Actually I need something that blocks malware, blocks antiphising, doesn't store ip address, deletes all history and does not save any users information. plz suggest me which one to use Quad9, Cloudflare or OpenWatch. Or some other dns which i don't know
Use NextDNS or Quad9 if you need malware protection and privacy. Rest are just marketing DNS query farms.
Pi-Hole is a nice element in DNS filtering :).
Can't use your pi hole outside your network unless you want to VPN into your network daily on a mobile device.
Well you can't really use a cloud based DNS either without the use of an app, at least on android you have to change the DNS on each individual network and for the most part you can't change settings for your 3G/4G connection at all and technically you can use pi-hole outside, it's not as if port forwarding is hard you just need a good way to automatically update your IP but of course it generally isn't recommended opening your devices up to the internet, the alternative is using an app such as Netguard which creates a local VPN that allows your device to do its own filtering via hosts file, so again extra work to manually update the lists but otherwise the best option for filtering outside your network.
@@----------------------------- I use it on my Note 8 daily without fail. Android has an option for private dns address to be input. Granted one vm instance of with pihole I use is dedicated only for off site devices.
@@----------------------------- I'm not saying the pi-hole is ultimate solution for every issue. However I'm actually using solution you suggested.:)
I'm suspecting you didn't go thoroughly into settings for NextDNS. NextDNS has more security and privacy features, plus you select the blacklists yourself and there are many! It should just wipe out others in your test.
edit: You also didn't go into advanced settings for OpenDNS? It logs you out and you didn't bother?
Does anyone know how pi hole compares to these?
Pihole just sits in between your computer and a big name DNS resolver. If we want to talk about performance, clearly a local DNS server is superior. I personally use it to have network wide DOH resolutions.
Where’s WebTitan?
Looked like you were signed into an OpenDNS account and not Cisco Umbrella. The Umbrella dashboard is totally different. Cisco has made no improvements to the original OpenDNS service. I did similar testing with OpenDNS a few years back and actually found that the malware filtering was better without creating an account. When I created an account and provided my WAN IP malware was no longer filtered.
It is not quite true but I worked for Umbrella and I'm not surprised with test results tbh.
I would also be interested in how Cisco Umbrella does.
@@johnhanly2948 Public results here for Cisco Umbrella www.av-test.org/fileadmin/pdf/reports/AV-TEST_DNS_Layer_Protection_Test_Feb_2020.pdf There is also a OpenDNS Prosumer package that provides the Umbrella dashboard to consumers with a limited feature set.
Does someone knows secondary iPV4 adress of DNSFilter?
Does Quad9 block ads as well or just malware?
If you want to block ads, and you are comfortable running your own services at home, then an excellent tool would be something like pi-hole, which you can setup to forward to Quad9.
why not use adguard dns?
@@homemark22 privacy
@@bren.r Cares about your privacy
Protecting your personal data is our top priority. With AdGuard, you and your sensitive data will be safe from any online tracker and analytics system that may attempt to steal your data while surfing the web. - that was from their website
@@homemark22 yeah that doesn’t help
Nextdns is underrated
I did a test of NextDNS and posted the results in my forums. forums.lawrencesystems.com/t/dns-malware-filtering-compared-quad9-vs-cloudflare-vs-dns-filter-vs-opendns-cisco-umbrella/5072
Wow so shocked that Cisco, the #1 networking security company in the world has lousy protection......LOL
Can you please make a video about RethinkDNS?
I don't use it or plan to. We use pfblocker and ublock.
@@LAWRENCESYSTEMS do you have a video on pfblocker?
@@LAWRENCESYSTEMS so if you don't use a product you won't make a video?
@@mrf_71 I don't have time to test every tool on the market so I pick ones that are interesting or complementing.
Can someone please summarise?
I'm confused, that's a lot info to process spoken really fast... so quad9 is safest?
Just use Quad9
Ciao. MAke sense since I am using Surfshark VPN to use also Surfshark DNS? or it is no need? thanks
I still prefer Quad9, even when I am using a privacy VPN.
@@LAWRENCESYSTEMS huh! better then cloudflare?
I think so.
Cloudflave?
Hahha, thanks and fixed
You're telling me that Cloudflare let ALL of the malware through? Yeesh...
Need 2022 comparison please
Still using Quad9
@@LAWRENCESYSTEMS quad9 is too slow here in India/Asia, and cloudflare zero trust DNS filtering seems to be improved a lot. so a new 2022 comparison video would be awesome
@@Allltha8matters It's work just fine for me in SEA
this video need a 2024 update
There is a new version here th-cam.com/video/NUT4K3tk9Ns/w-d-xo.html
be nice if you checked the adult content filtering too... malware is one but family safety is another.
Only 1 issue with your videos: you talk too fast and a lot of words are not understandable by me or by the auto subtitle. Please, slow down just 5% and try to pronounce every at least technical word correctly. Love ya
Your methodology might give a lot of wrong results. Using "dig" will not always give the right IP. Many malware sites have a low TTL on their A records and change the IP multiple times. Also sometimes they use Cloudflare first > and send the user to another site/IP afterwards. And as we know Cloudflare is awesome if you want to host malware sites, since Cloudflare rarely blocks sites or take them down.
I wonder how many of those IP's belongs to Cloudflare....
@@clausdk6299 Good point @8:15 the results show around line 16 or 17 IP address 146.112.61.108. The entire address block of 146.112.0.0 is registered to Cisco Umbrella. talosintelligence.com/reputation_center/lookup?search=146.112.61.108
talk less show more performance... don't talk walk the talk