What do I need to keep to use NextDNS in Windows 11?

PhsMu

Active Member
Exactly what it says on the title. Long story short, I use it on Windows 10, but applying the same preset to a Windows 11 makes YogaDNS and NextDNS clients fail. This is the preset I'm using (With the unattended and driver sections removed).
 

Attachments

  • 1021-Mini-220523.xml
    83.3 KB

garlin

Moderator
Staff member
Any idea how YogaDNS works? Is it a proxy server, firewall client? There's no docs explaining how it re-routes traffic.
 

PhsMu

Active Member
...erm... no? I know it works, but not sure of the hows.

I mean, it get rid of my ads and did accidentally (through misuse) many websites including RG.Adguard where I can download AppX and other stuff so I know it is doing its job...
 

PhsMu

Active Member
Will try that tomorrow! Thanks. I built like a dozen images just today without success. Thanks for cracking that one for me!
 

PhsMu

Active Member
Two things, NDIS network filter didn't work, and second, how do I use that website to analyze next-dns itself? Unlike Yoga-DNS it doesn't install on W10 either. I'm trying 'by block' to see if I can isolate what component it needs.
 

garlin

Moderator
Staff member
Joe Sandbox is a malware testing company, they randomly throw Setup apps into their VM and post reports.
I found them when searching for YogaDNS, but nothing on next-dns. Both are closed-source products with no technical overviews :rolleyes:.

Guess you need to break out ProcMon, or do trial & error removals.

Your best strategy is take a clean image VM install, and use NTLite live editing to remove components one by one. Then test install/uninstall YogaDNS until the removals break it. Work backwards from the clean build towards your removal list.
 

PhsMu

Active Member
I see. thanks either way. And Next DNS is actually on Github, so... As for doing low level interfacing (AKA suspiscious stuff) of course its suspiscious, it is intercepting even Kernel level access requests because M$ hardcodes dns into many DLLs to bypass such 'blocks'. Fight fire with fire... or a bomb!
 

PhsMu

Active Member
OK, Problem Solved... more or less. Apparently Beta Version 3.0.0 finishes and works with only one error NET HELPMSG 2185 (which is perfectly reasonable as it happens when the program can't communicate with WUASERV... because its stopped. Any guesses why? :D) So all is good. Apparently they needed to implement new code for it to work around some stuff in windows 11 after some of the newer cumulative updates, and that solved my problem, indirectly.
 

garlin

Moderator
Staff member
OK, Problem Solved... more or less. Apparently Beta Version 3.0.0 finishes and works with only one error NET HELPMSG 2185 (which is perfectly reasonable as it happens when the program can't communicate with WUASERV... because its stopped. Any guesses why? :D

NextDNS according to ProcMon is looking at the root certificates list. Everyone forgets that WU handles a critical side task of updating the Certificate Trust List (CTL) once per week. A bad side effect of disabling WU is Windows isn't getting CTL updates.

http://woshub.com/updating-trusted-root-certificates-in-windows-10/
https://github.com/asheroto/Root-Certificate-Updater/blob/master/PowerShell Script/RootCertificateUpdaterScript.ps1

When you browse secure websites or execute signed code, Windows will automatically check the root certificate chain for that domain. However it's possible you'll never get around to cover every root authority listed by CTL. Therefore WU has the fallback role of refreshing it.

Run the update script every week as a workaround.
 
Top