0

NRD False Negatives

What is the appropriate mechanism for reporting false negative NDR lookup answers?  For example - buysellrentbyrenee[dot]com.  Caution - I don't know if that's a malicious domain or not.  What I do know is that it's brand new and not being seen as such.  I have NRDs blocked and this domain somehow misses correct categorization.  I came across this doing some testing and comparing NextDNS with a larger commercial competitor.

3 replies

null
    • NextDNs
    • 3 mths ago
    • Reported - view

    This domain was registered in the past until very recently (and expired in October 2023), then registered again on January 9, 2024. Considering recently expired domain that are re-registered soon after as NRD is something that we are currently working on.

    Would love to hear your feedback on how we fare against that large competitor on our security features set, feel free to reach out at team@nextdns.io.

    • richard_stovall
    • 3 mths ago
    • Reported - view

    Thanks for the explanation.  Is there a way for me, using publicly available tools like WHOIS, to determine if a given domain has a history of expiry then re-registration like this one?

     

    Re: the comparison, I'll email you directly at team@nextdns.io.

    • fserve
    • 3 wk ago
    • Reported - view

    Similar problem. ( NRD false negative ):
    alottogrowthrough.com Creation Date: 2024-03-19T18:12:43.00Z
    I dont know if it was expired sometime ago, but seems to be a malicious domain.

Content aside

  • 3 wk agoLast active
  • 3Replies
  • 270Views
  • 3 Following