OCS banner and logo
Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe 
Search All Articles

Browse by Category

powered by pmc2m


Quad9 for added security

Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. DNS stands for Domain Name System. This is how the domains you enter are translated into addresses the browser can go to. So, if you enter steveshank.com the DNS system will return which is my address and the browser will go there.

Normally, people use the DNS server provided by their ISP. So, Comcast clients usually just use Comcast's DNS server. I tend to setup Laptops to use OpenDNS, which is a more private and secure DNS server than just using whatever the router gets. It is important for mobile devices because we cannot trust the DNS servers at hotels and cafes. A bad DNS server can send you to phony sites that only appear to be your bank or Paypal etc.. However, I'm switching to Quad9.

Quad9 routes your DNS queries through a secure network of servers around the globe. The system uses constantly updating threat intelligence from 19 of the industry’s leading cyber security companies, to give a real-time perspective on what websites are safe, and what sites are known to include malware or other threats. It prevents your browser from going to known Malware sites thus protecting you from many online threats.

Quad9 currently works with 19 threat intelligence providers and has 100 active resolver clusters (of at least 3 servers each) placed all around the world. Your queries are routed to the closest server cluster. In my multiple tests, I got results back on average in less than 0.1 seconds and the worst case was 0.2 seconds.

Quad9 is a combined international effort of law enforcement agencies and Cybersecurity researchers dedicated to protecting your privacy and increasing your security.

How to use it

They provide simple one-minute videos explaining how to set up a Windows or Mac computers to use their DNS service. Of course, I'll be happy to do this for you.

In addition, I suggest doing this on your router. That way, your Android or iOS devices, as well as any other network attached devices which get DNS from the router, will be able to take advantage of Quad9. This provides some security for IoT devices.

Each router is different, but this is how I set it up on my Asus router.

From the main menu, I choose WAN. WAN refers to the Wide Area Network, as differentiated from LAN which is the Local Area Network. The router provides a wall between the external world (WAN) and your internal network (LAN). Then I flip the switch to not connect automatically. Yes means asking Comcast for the address. Then I put in for the DNS server. There is always a slot for a secondary server if something goes wrong with the primary one. I use OpenDNS for that - That's it. Now any device I have connecting to my router and getting addresses from my router will use Quad9.

Further Reading

Date: December 2017

Creative Commons License
This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

  Please direct questions/suggestions about website to the webmaster