From 31669c323760bc0c87f1f34175e09d04b4bd779e Mon Sep 17 00:00:00 2001 From: yokoffing <11689349+yokoffing@users.noreply.github.com> Date: Sun, 27 Nov 2022 17:58:53 -0500 Subject: [PATCH 1/5] add question FAQ --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 5e06a78..57837e9 100644 --- a/README.md +++ b/README.md @@ -311,8 +311,12 @@ Just in case a [filterlist goes haywire](https://github.com/yokoffing/NextDNS-Co ### How do I signup for NextDNS? Click [here](https://nextdns.io/?from=xujj63g5)! +### "I'm thinking about having as less as possible activated so that NextDNS doesn't get slow, or does it not affect the speed of NextDNS?"[1](https://github.com/yokoffing/NextDNS-Config/issues/12) + +The amount of settings your enable/disable does not affect your DNS latency. + ### Is it redundant to set DoH at browser-level if I'm already using it at system-level? -Unless you use a separate profile for the browser, it is not neccessary, and it should not slow down your web browsing.[1](https://old.reddit.com/r/nextdns/comments/yfjvqy/is_it_redundant_to_set_at_doh_at_browserlevel_if/iu3vjzt/?context=3) However, I recommend [setting it in your web browser](https://www.itechtics.com/dns-over-https/#how-to-enable-or-disable-dns-over-https-in-your-browsers) anyway. +Unless you use a separate profile for the browser, it is not neccessary.[1](https://old.reddit.com/r/nextdns/comments/yfjvqy/is_it_redundant_to_set_at_doh_at_browserlevel_if/iu3vjzt/?context=3) However, I recommend [setting it in your web browser](https://www.itechtics.com/dns-over-https/#how-to-enable-or-disable-dns-over-https-in-your-browsers) anyway. ### If I have a profile for my router and another profile for my device, which one will my device use? The device will use the profile set by the NextDNS app or the installed [root CA](https://help.nextdns.io/t/g9hmv0a/how-to-install-and-trust-nextdns-root-ca). However, if the device has not been configured to use a separate profile, then it will use the wifi/router configuration.[1](https://old.reddit.com/r/nextdns/comments/yf4hnv/question_about_home_router_and_app_running_in/) From 3f20054389737ab9352662d72fcaf3f26a3db779 Mon Sep 17 00:00:00 2001 From: yokoffing <11689349+yokoffing@users.noreply.github.com> Date: Sun, 27 Nov 2022 18:01:26 -0500 Subject: [PATCH 2/5] add link for AI-Driven Threat Detection --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 57837e9..73c1236 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ Security settings protect your data from harm, theft, and unauthorized use. ### Threat Intelligence Feeds [1](https://github.com/nextdns/metadata/blob/master/security/threat-intelligence-feeds.json) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Use Threat Intelligence Feeds -### AI-Driven Threat Detection +### AI-Driven Threat Detection [1](https://unofficialbird.com/nextdns/status/1440291577713233925?lang=en) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable AI-Driven Threat Detection ### Google Safe Browsing [1](https://user-images.githubusercontent.com/11689349/107696360-d8dde800-6c7f-11eb-9882-cccc8d2065c5.jpg) [2](https://safebrowsing.google.com/safebrowsing/report_general/) [3](https://the8-bit.com/apple-proxies-google-safe-browsing-privacy/) [4](https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)#services-we-proxy-through-brave-servers) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Google Safe Browsing From 6edd94a7929ab10d98d664a28c366d8ed728b04a Mon Sep 17 00:00:00 2001 From: yokoffing <11689349+yokoffing@users.noreply.github.com> Date: Sun, 27 Nov 2022 19:37:36 -0500 Subject: [PATCH 3/5] add link for GSB --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 73c1236..3d15946 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ Security settings protect your data from harm, theft, and unauthorized use. ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Use Threat Intelligence Feeds ### AI-Driven Threat Detection [1](https://unofficialbird.com/nextdns/status/1440291577713233925?lang=en) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable AI-Driven Threat Detection -### Google Safe Browsing [1](https://user-images.githubusercontent.com/11689349/107696360-d8dde800-6c7f-11eb-9882-cccc8d2065c5.jpg) [2](https://safebrowsing.google.com/safebrowsing/report_general/) [3](https://the8-bit.com/apple-proxies-google-safe-browsing-privacy/) [4](https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)#services-we-proxy-through-brave-servers) +### Google Safe Browsing [1](https://user-images.githubusercontent.com/11689349/107696360-d8dde800-6c7f-11eb-9882-cccc8d2065c5.jpg) [2](https://safebrowsing.google.com/safebrowsing/report_general/) [3](https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/) [4](https://the8-bit.com/apple-proxies-google-safe-browsing-privacy/) [5](https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)#services-we-proxy-through-brave-servers) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Google Safe Browsing ### Cryptojacking Protection [1](https://github.com/nextdns/metadata/blob/master/security/cryptojacking.json) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Cryptojacking Protection From 953066a5c05f796b0fcdc7538040c9a4ba515478 Mon Sep 17 00:00:00 2001 From: yokoffing <11689349+yokoffing@users.noreply.github.com> Date: Sun, 27 Nov 2022 19:57:09 -0500 Subject: [PATCH 4/5] IDN Homograph links --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3d15946..d0b1812 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ Security settings protect your data from harm, theft, and unauthorized use. ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Cryptojacking Protection ### DNS Rebinding Protection [1](https://help.nextdns.io/t/35hmval/what-is-dns-rebinding-protection) [2](https://www.reddit.com/r/nextdns/comments/t0ne8r/does_dns_rebinding_protection_block_remote_access/?context=3) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable DNS Rebinding Protection -### IDN Homograph Attacks Protection +### IDN Homograph Attacks Protection [1](https://blog.riotsecurityteam.com/idn-homograph-attacksprevention) [2](https://www.akamai.com/blog/security/watch-your-step-the-prevalence-of-idn-homograph-attacks) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Homograph Attacks Protection ### Typosquatting Protection [1](https://github.com/nextdns/metadata/blob/master/security/typosquatting/protected-domains) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Typosquatting Protection From e79c88c82836add9382fb6e7a5793b51555c4b75 Mon Sep 17 00:00:00 2001 From: yokoffing <11689349+yokoffing@users.noreply.github.com> Date: Sun, 27 Nov 2022 20:16:53 -0500 Subject: [PATCH 5/5] remove NRD links; add link for DDNS --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d0b1812..ee48223 100644 --- a/README.md +++ b/README.md @@ -41,10 +41,10 @@ Security settings protect your data from harm, theft, and unauthorized use. ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Typosquatting Protection ### Domain Generation Algorithms (DGAs) Protection ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable DGA Protection -### Block Newly Registered Domains (NRDs) [1](https://www.malwarebytes.com/glossary/phishing) [2](https://old.reddit.com/r/uBlockOrigin/comments/w64sqt/comment/ihboutk/?context=3) [3](https://www.boldgrid.com/instagram-influencer-accounts-are-being-hacked-phishing-attacks/) +### Block Newly Registered Domains (NRDs) [1](https://www.boldgrid.com/instagram-influencer-accounts-are-being-hacked-phishing-attacks/) :warning: Blocking NRDs may cause [false positives](https://csrc.nist.gov/glossary/term/false_positive) [occasionally](https://old.reddit.com/r/InternetIsBeautiful/comments/w2wdro/comment/iguvg8y/?context=3). Be selective when adding NRDs to your allowlist; and, if you do, **NEVER** give [sensitive information](https://www.egnyte.com/guides/governance/sensitive-information) to a NRD. *If you plan to [set-and-forget](https://glosbe.com/en/en/set-and-forget) your configuration, disable this setting.*

![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Block Newly Registered Domains (NRDs) -### Block Dynamic DNS Hostnames [1](https://github.com/nextdns/metadata/blob/master/security/ddns/suffixes) [2](https://twitter.com/NextDNS/status/1541740963760144386?cxt=HHwWhIC8iZ7PruUqAAAA) [3](https://www.phishing.org/what-is-phishing) +### Block Dynamic DNS Hostnames [1](https://user-images.githubusercontent.com/11689349/204171461-5bf9fb5b-a567-4692-8992-37108c8e7f1d.png) [2](https://github.com/nextdns/metadata/blob/master/security/ddns/suffixes) [3](https://twitter.com/NextDNS/status/1541740963760144386?cxt=HHwWhIC8iZ7PruUqAAAA) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Enable Block Dynamic DNS Hostnames ### Block Parked Domains [1](https://github.com/nextdns/metadata/blob/master/security/parked-domains-cname) ![Enabled](https://raw.githubusercontent.com/crssi/NextDNS-Config/main/icons/enabled.svg) Block Parked Domains