search

nextdns / metadata

This repository contains the data behind our Security, Privacy and Parental Control features.
https://nextdns.io
637 stars 138 forks source link

Malicious urls passing through? #923

Closed SohanRay closed 2 years ago

SohanRay commented 2 years ago

Malicious urls from : https://urlhaus.abuse.ch/downloads/text present in threat intelligence feeds, seem to pass through the filtering of NextDns. The Urls seem to load on the browser whereas there should have been a like 'unable to reach' kinda message.

beerisgood commented 2 years ago

This list doesn’t work with DNS.

SohanRay commented 2 years ago

This list doesn’t work with DNS.

Well if it doesn't and NextDns isn't blocking these , why is it mentioned in the threat intelligence feeds??

quantumpacket commented 2 years ago

NextDNS supports parsing some non-hosts lists, hence the format value for each threat feed.

For this list I've noticed that if you have HTTPS-only enabled in the browser it will ask to load the HTTPS version of the site and prompt to download the page if you proceed to HTTPS. If you have HTTPS-only off it will be blocked by NextDNS as intended.

As to why that is happening I have not investigated. :eyes:

SohanRay commented 2 years ago

This list doesn’t work with DNS.

please refer to post #939