New “Quad9� DNS service blocks malicious domains for everyoneq
 

New “Quad9� DNS service blocks malicious domains for everyone

Full story:
https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/

Set DNS server to 9.9.9.9, and (known) malware and phishes won’t be able
to phone home.

The Global Cyber Alliance (GCA)—an organization founded by law
enforcement and research organizations to help reduce cyber-crime—has
partnered with IBM and Packet Clearing House to launch a free public
Domain Name Service system. That system is intended to block domains
associated with botnets, phishing attacks, and other malicious Internet
hosts—primarily targeted at organizations that don't run their own DNS
blacklisting and whitelisting services. Called Quad9 (after the 9.9.9.9
Internet Protocol address the service has obtained), the service works
like any other public DNS server (such as Google's), except that it
won't return name resolutions for sites that are identified via threat
feeds the service aggregates daily.

"Anyone anywhere can use it," said Phil Rettinger, GCA's president and
chief operating officer, in an interview with Ars. The service, he says,
will be "privacy sensitive," with no logging of the addresses making DNS
requests—"we will keep only [rough] geolocation data," he said, for the
purposes of tracking the spread of requests associated with particular
malicious domains. "We're anonymizing the data, sacrificing on the side
of privacy."

.... more ....



--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
�借貸! ��騙! ��交! �打交! �打劫! �自殺! 請考慮綜� (CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 11/17/2017 07:29 PM, Mr. Man-wai Chang wrote:
New “Quad9� DNS service blocks malicious domains for everyone

Full story:
https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/


Set DNS server to 9.9.9.9, and (known) malware and phishes won’t be able
to phone home.

The Global Cyber Alliance (GCA)—an organization founded by law
enforcement and research organizations to help reduce cyber-crime—has
partnered with IBM and Packet Clearing House to launch a free public
Domain Name Service system. That system is intended to block domains
associated with botnets, phishing attacks, and other malicious Internet
hosts—primarily targeted at organizations that don't run their own DNS
blacklisting and whitelisting services. Called Quad9 (after the 9.9.9.9
Internet Protocol address the service has obtained), the service works
like any other public DNS server (such as Google's), except that it
won't return name resolutions for sites that are identified via threat
feeds the service aggregates daily.

"Anyone anywhere can use it," said Phil Rettinger, GCA's president and
chief operating officer, in an interview with Ars. The service, he says,
will be "privacy sensitive," with no logging of the addresses making DNS
requests—"we will keep only [rough] geolocation data," he said, for the
purposes of tracking the spread of requests associated with particular
malicious domains. "We're anonymizing the data, sacrificing on the side
of privacy."

... more ....




Any better or worse than Open DNS?

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 19/11/2017 5:01 AM, T wrote:

Any better or worse than Open DNS?

It claimed to block malicious websites. But the ping to it is really high.

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
�借貸! ��騙! ��交! �打交! �打劫! �自殺! 請考慮綜� (CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 11/19/2017 4:12 AM, Mr. Man-wai Chang wrote:
On 19/11/2017 5:01 AM, T wrote:

Any better or worse than Open DNS?

It claimed to block malicious websites. But the ping to it is really high.

same here
9.9.9.9 52 ms
8.8.8.8 5 ms

New “Quad9” DNS service blocks malicious domains for everyoneq
 

On Sat, 18 Nov 2017 13:01:26 -0800, T wrote:

On 11/17/2017 07:29 PM, Mr. Man-wai Chang wrote:
New “Quad9” DNS service blocks malicious domains for everyone

Full story:
https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/


Set DNS server to 9.9.9.9, and (known) malware and phishes won’t be able
to phone home.
,,,,,,,,,


Any better or worse than Open DNS?

For tracking users ? About as efficient as Google's.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 11/18/2017 01:01 PM, T wrote:
On 11/17/2017 07:29 PM, Mr. Man-wai Chang wrote:
New “Quad9� DNS service blocks malicious domains for everyone

Full story:
https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/


Set DNS server to 9.9.9.9, and (known) malware and phishes won’t be
able to phone home.

The Global Cyber Alliance (GCA)—an organization founded by law
enforcement and research organizations to help reduce cyber-crime—has
partnered with IBM and Packet Clearing House to launch a free public
Domain Name Service system. That system is intended to block domains
associated with botnets, phishing attacks, and other malicious
Internet hosts—primarily targeted at organizations that don't run
their own DNS blacklisting and whitelisting services. Called Quad9
(after the 9.9.9.9 Internet Protocol address the service has
obtained), the service works like any other public DNS server (such as
Google's), except that it won't return name resolutions for sites that
are identified via threat feeds the service aggregates daily.

"Anyone anywhere can use it," said Phil Rettinger, GCA's president and
chief operating officer, in an interview with Ars. The service, he
says, will be "privacy sensitive," with no logging of the addresses
making DNS requests—"we will keep only [rough] geolocation data," he
said, for the purposes of tracking the spread of requests associated
with particular malicious domains. "We're anonymizing the data,
sacrificing on the side of privacy."

... more ....




Any better or worse than Open DNS?

I did not mean speed wise. I meant security wise.

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 20/11/2017 6:59 AM, Shadow wrote:

For tracking users ? About as efficient as Google's.

Google's public DNS does not filter?

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
�借貸! ��騙! ��交! �打交! �打劫! �自殺! 請考慮綜� (CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 11/19/2017 08:38 PM, Mr. Man-wai Chang wrote:
On 20/11/2017 6:59 AM, Shadow wrote:

For tracking users ? About as efficient as Google's.

Google's public DNS does not filter?

I second the question

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 20/11/2017 3:41 PM, T wrote:
On 11/19/2017 08:38 PM, Mr. Man-wai Chang wrote:
On 20/11/2017 6:59 AM, Shadow wrote:

For tracking users ? About as efficient as Google's.

Google's public DNS does not filter?

I second the question

AFAIK, Google's public DNS server do not block.

--
@~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
�借貸! ��騙! ��交! �打交! �打劫! �自殺! 請考慮綜� (CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa

New “Quad9� DNS service blocks malicious domains for everyoneq
 

On 11/20/2017 07:24 AM, Mr. Man-wai Chang wrote:
On 20/11/2017 3:41 PM, T wrote:
On 11/19/2017 08:38 PM, Mr. Man-wai Chang wrote:
On 20/11/2017 6:59 AM, Shadow wrote:

For tracking users ? About as efficient as Google's.

Google's public DNS does not filter?

I second the question

AFAIK, Google's public DNS server do not block.


I have had to use Google's DNS at several facilities because
the DNS's provided by the ISP's did not resolve too many web
sites properly. Calling and complaining about each bad
resolution was just not worth my time.