FREE DNS Service blocks malicious domains for everyone

November 28, 2017 / BY / IN 95.9 Radio Spot

New “Quad9” DNS service blocks malicious domains for everyone. It’s as simple as setting your local computer or internet routers DNS Server settings to Once the setting is changed, any “known” malware and phishes won’t be able to phone home. Steps for configuring Windows and macOS machines can be found on the Quad9 website.

The Global Cyber Alliance (GCA) – an organization founded by law enforcement and research organizations to help reduce cyber-crime has partnered with IBM and Packet Clearing House to launch this FREE public Domain Name Service system.

The system is intended to block domains associated with botnets, phishing attacks, and other malicious Internet hosts—primarily targeted at organizations that don’t run their own DNS blacklisting and whitelisting services. Called Quad9 (after the Internet Protocol address the service has obtained), the service works like any other public DNS server (such as Google’s), except that it won’t return name resolution for sites that are identified via threat feeds. If a domain name is on the block list, the service simply responds to the query with an “NXDOMAIN” (non-existant domain) message.

As of launch, there were clusters of DNS servers located in 70 different locations around the world and GCA expects to top 100 servers by the end of the year.

Since the threat feeds will be updated only once or twice a day globally, Quad9 will potentially not have much of an impact on malware that uses rapidly shifting DNS addresses for command and control. But it does offer a basic level of protection against domain-spoofing phishing attacks and other Web-based attacks that have been picked up by major threat feeds.

The Quad9 service is free, but it does need to be continually funded. GCA is a non-profit—so the long-term growth of the service is based largely on government and industry continuing to fund it. GCA itself was funded initially with $25 million in criminal asset forfeiture directed to the organization by Manhattan District Attorney Cyrus Vance Jr. The GCA is talking with other major DNS providers about how they can replicate Quad9’s service, so there’s a chance that GCA may be absorbed into the greater Internet’s infrastructure benefitting everyone.


Special thanks to Ars Technical for sharing this important information