DNS Advantage Phish Blocking: Lame?

« Some of Sandy's Documentation Does Privacy Warnings Right | Main | Toward a Post-Constitutional Best Practices »

February 13, 2008

DNS Advantage Phish Blocking: Lame?

Charlie Schluting took a look at DNS Advantage over on ENP. Like OpenDNS, which has been around for a while, DNS Advantage provides free, optimized DNS services. It also claims to provide a filter for phishing sites, but Charlie found that filter ... sub-par:

"Furthermore, DNS Advantage advertises that its DNS servers will block access to malicious sites, such as ones containing malware or phishing pages. During our testing we were unable to trigger this blocking.
"Using publicly available data from anti-phishing sites such as Spamhaus and PhishTank), we attempted to access sites that have been identified as suspicious or plainly malicious for months. We were never denied access via DNS Advantage's blocking service. Firefox, on the other hand, ended up blocking most of the sites using its blocklists. Using DNS Advantage provided no Advantage in this regard.
"The DNS Advantage FAQ concedes that the service's malicious site blocking isn't perfect:
"Q. I found a website DNS Advantage should be blocking. What should I do?
A. We do our best to stay on top of the growing list of blocked domains. However, there may be some that we don't protect against yet. We are in the process of creating a mechanism to submit these types of websites to us.
"During our testing, the value of 'some' was equal to 100 percent of the 150 sites we attempted to visit while using DNS Advantage for DNS queries."

Ouch. Anyone else have any experiences with it? Charlie's not claiming some definitively scientific figure for DNS Advantage's success rate, but 0 out of 150?

(link)