0

Blocking list to add

Whats some good blocking list I should ad in nextdns in online college for Cybersecurity bs then master in it any help I love it ray toth. Like oisd is but first time at this thanks

15 replies

null
    • Calvin_Hobbes
    • 2 yrs ago
    • Reported - view

    I'm sure others will suggest certain lists.   There's really not any right or wrong lists.   Some lists will cause some sites to not work properly so it just depends on how much time you want to spend looking at the logs and deciding whether to fix things by adding specific items to your allow list vs not using the list that caused a problem.

    I use some of the more agressive lists.   When something doesn't work, sometimes I use the logs and create an entry in the allow list.   Other times, I temporarily disable NextDNS.   Each has its pros/cons and sometimes it just depends on whether I want a quick fix or spend time figuring it out.

    I also recommend blocking nearly every TLD except the ones that I know i'll need (.com, .net .org, .co, .io.) then others as needed such as .tv or .It and others that are useful to my region. There's a crazy number of TLDs and no simple way offered to block all of them, so I sat down one night and manually added them. There's several in languages that I don't know and never expect to use.

    Good luck with your studies

    • ray_toth
    • 2 yrs ago
    • Reported - view

    Ty any list can add to incorrect on did the ones on whats a block list I pay for nextdns.io since there security concerted ty for understanding me, with my high spectrum autism any list to improve blocking. Did the one in primacy fourm under what block list ty for helping

    • ray_toth
    • 2 yrs ago
    • Reported - view
    • ray_toth
    • 2 yrs ago
    • Reported - view

    Is one in li k good starting one?

    • Hey
    • 2 yrs ago
    • Reported - view

    I'd also agree with Calvin there is no right or wrong list.

    Wth the Affiliate tracking Allowlist you'll be fine with most basic stuff even if the filter is more aggressive as it whitelists certain domains and proxies them to preserve privacy.

    I'd probably just go with OISD as it's the most balanced one but try them out and choose yourself, everyone's habits are different, for light filters I'd recommend though OISD, 1HostLight and notracking usually do a pretty solid job of not blocking domains that are critical. It's your choice of privacy, security and convince.

    • ray_toth
    • 2 yrs ago
    • Reported - view

    Ok want to blockk hardfull stuff and tracking like I'm learning will this do it if use your hey

      • Hey
      • 2 yrs ago
      • Reported - view

      ray toth if you use only OISD or use NextDNS Ads&Tracking with Allow Affiliate Tracking option those would work great in my opinion.

    • ray_toth
    • 2 yrs ago
    • Reported - view

    Ook ty trying to keep harmful stuff and tracking from us

    • Roger_Wright
    • 2 yrs ago
    • Reported - view

    Accurate filtering is almost art rather than a science.  You want to block as much as possible without  false positives.  If a list is too aggressive you'll need to monitor your logs and make manual additions to your Allow List. 

    Here are the lists that work best for me in MY mobile environment:

    1Hosts (Pro)            156,691
    Goodbye Ads            124,506
    NextDNS Ads & Trackers Blocklist            93,776
    notracking            87,083
    oisd            81,381
    AdGuard DNS filter            64,260

    Results are similar for computers and at the router

    I also block several TLDs, enable all Native Tracking, and have all Security features enabled.

    • ray_toth
    • 2 yrs ago
    • Reported - view

    Ty all want to block only harnefull sites like malware and virus and tracking stuff like this this is good info

    • ray_toth
    • 2 yrs ago
    • Reported - view

    Hey will try osid only ty

      • Hey
      • 2 yrs ago
      • Reported - view

      ray toth I'd also recommend enabling

      AI-Driven Threat Detection / Block Newly Registered Domains (NRDs) /  Block Dynamic DNS Hostnames

      Basically everything in the Security Tab from my testing and a few others the security aspect is quite great I've tested it personally and recently saw another test done by a Twitter user that was better in terms of how he made his Excel lists etc a lot of work I avoided.

      https://twitter.com/brentcrawford/status/1500910925624262657
      https://twitter.com/brentcrawford/status/1500935050573013013

      OISD only is the easiest to manage and that's why I recommended it on most new threats, the Security Features take care of the New 0-Day Phishing and Malware sites and OISD includes most of the filters with a great whitelist themselves so technically having more could protect you further but with this setup you'll set it once and simply do your browsing just without all the problematic parts of the internet without the need to modify or change anything further.

    • ray_toth
    • 2 yrs ago
    • Reported - view

    Hey I also took system administration class as part of cyber security also what do the other one you renamed me turn on do under security tab leaning still

      • Hey
      • 2 yrs ago
      • Reported - view

      ray toth

      AI is what it sounds like Artificial Intelligence is used to train an algorithm with data containing good and bad sites, so Phishing and generally Malicious websites. From what I've gathered they scan the web on a timely manner with Newly Registered and also domains in general being scanned to see if they are malicious or not.

      This gives the advantage of knowing a malicious website before it is seen to a great extent, it's not perfect but it helps with new Malicious sites before they get reported and are included in Threat Intelligence / General Filters.
       

      NRD is Newly Registered Domains.

      Most of the websites we visit have been registered ever since the existence of the general web and the general adaptation, so from the 70s 80s 90s etc. Newly Registered Domains filter blocks all domains that were created in the last 30 days, that gives the Security Researchers and the general users time to react, so OISD/NextDNS etc gets these into their filters.

      It's a simple 0-Day defense that works great for the most part, you can see some new sites that are being blocked but it's extremely rare and having the assurance that most sites that are hosting malicious content will be blocked by the time we get to use them in my mind is a huge bonus and that for me makes it extremely worthy of keeping turned on.

       

      Lastly there is Block Dynamic DNS Hostnames blocking and that blocks domains hosted on DDNS, they explain it far better than I can but it's basically using easy to obtain domains that malicious actors can use to make quick vectors of attack, as most people won't ever really use it as websites, it has no real negative impact from what I know as they don't block the main DDNS host.

       

      Others are all explained in the site and should be turned on by default from what I know unless I turned something else on manually, I would keep them all on since the impact is basically not noticeable as from my experience.

      I've been using NextDNS basically a few months after their launch to now with earlier on NextDNS Ads & Tracking and now OISD with recently all the new Beta Features.

      I hadn't had to whitelist much personally other than a few edge cases like when I registered a new host name to host a Plex server and that was blocked and one other case where AI blocked something but in terms of daily activities you don't notice it's there. That's why I personally recommend this as it's not there until it either protects you from something malicious or you turn it off and realize there were ads everywhere you went.

    • ray_toth
    • 2 yrs ago
    • Reported - view

    Ty hey trying to hey these like I'm learning on my online Cybersecurity college classes and use what I might use in a business, so I know what  doing one get that job

Content aside

  • 2 yrs agoLast active
  • 15Replies
  • 1648Views
  • 4 Following