The ULTIMATE Guide to Mastering NextDNS!

Introduction to Next DNS and its features, including security options, privacy options, block lists, parental controls settings, and device linking.

NextDNS is a DNS provider that acts like a phone book for the internet, translating website names into IP addresses. It offers privacy-respecting features and goes beyond just making DNS queries more private by providing customizable security and privacy controls through individual block lists.

NextDNS Security Options The security panel in NextDNS offers several features, including threat intelligence feeds to block malware domains, AI-driven threat detection (beta), Google safe browsing for system-wide protection, crypto-jacking protection against unauthorized cryptocurrency mining, DNS rebinding protection for local devices using private IP addresses. It also includes phishing attack prevention and typo squatting protection to safeguard against URL impersonation and similar-sounding URLs. Additionally, it provides the option to block newly registered domains within the first 30 days of activity due to their association with malicious campaigns.

Block Lists and TLD Blocking NextDNS allows users to enable or disable various security measures such as blocking parked domains used for malicious purposes and top-level domain (TLD) blocking. The TLD blocking feature enables users to outright block certain TLDs that are frequently abused or considered problematic based on personal preference or recommendations from guides like GitHub's list of suggested blocked TLDs.

CSAM Protection The CSAM (child sexual abuse material) protection is a privacy-respecting feature that blocks access without transmitting any information back when a domain associated with CSAM is detected. This feature is enabled by default in NextDNS's security settings.

Native Tracking Protection NextDNS has introduced a feature to block native tracking done by operating systems like Microsoft, Apple, and Samsung. This feature uses pre-compiled block lists to prevent spying and tracking on devices running NextDNS.

Third-party Tracker Blocking and Affiliate Links The default setting in NextDNS detects and blocks third-party trackers that pretend to be first party. It also allows users to enable or disable affiliate links based on personal preference for privacy or supporting content creators.

Understanding Block Lists in NextDNS Block lists are a highly personal preference and there is no correct answer for which ones to use. They contain massive lists of things to block, with some being updated daily and others not updated for years. It's important to avoid outdated block lists and look for more recent options that are continually updated.

Recommendation: Hagezi Suite Hagezi is recommended as it combines multiple popular blocklists into one, providing frequent updates and addressing false positives. The suite offers different versions based on threat model preferences, with Pro++ being the author's preferred choice due to its balance between protection and false positives. Adding too many blocklists can slow down web traffic and lead to numerous false positives, so experimenting with different options is encouraged.

Device Controls The 'Parental' Controls tab in Next DNS is not just for parents and children. It allows users to establish boundaries with their devices, such as enabling YouTube restricted mode, safe search, and blocking specific websites or apps. The feature also includes a recreation time function that blocks certain categories during specified hours of the day.

Block Bypass Methods Next DNS offers the option to block bypass methods like VPNs and Tor proxies. However, this may not be suitable for privacy-conscious adults who use these tools regularly. The ability to add custom restrictions would enhance the flexibility of this feature.

The deny list blocks specific domains, like blocking facebook.com. It's not a sophisticated block list, just for single domains. The allow list is important to prevent false positives when using security and privacy features.

Analytics provides a broad overview of device activity, including queries, blocked items, and block lists. It shows blocked domains and IPs. Logs offer real-time monitoring with live refresh for troubleshooting website access issues.

In the settings tab, you can choose where your data is stored - EU, UK, Switzerland or US. Changing storage location deletes past logs but allows new data storage. Enabling logs is necessary for analytics and multiple profiles are possible with different block lists.

Linking NextDNS to Devices NextDNS can be configured on devices, and it's important to keep the ID private. The free plan is limited in queries, so sharing the account may lead to query limitations. DNS over TLS and DNS over HTTPS are unique technologies for protecting DNS queries.

Setting Up NextDNS with VPNs "Most people will use DNS over HTTPS or copy/paste code for Android's native feature of using DNS over TLS. Combining nextdns with a VPN requires specific configurations based on different providers like ivpn or movat."

The video provides a comprehensive guide to NextDNS, emphasizing its features and limitations. It highlights the effectiveness of ad blocking via DNS but notes that certain platforms like YouTube may still display ads. Additionally, it emphasizes the importance of maintaining proper privacy and security practices alongside using NextDNS for protection.

Personal Experience with NextDNS The speaker shares their personal experience with using NextDNS, emphasizing that it is a highly personalized tool for gaining control over internet domains. They express love for the tool and encourage viewers to find what works best for them.

Support and Community Engagement The speaker provides important announcements, including links to GitHub pages, affiliate links for NextDNS, and a forum where users can seek tech support. They also mention switching VPN providers due to the benefits of using NextDNS.