Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 16 Dec 2017, 03:43
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Quad9
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [1 Post]  
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1029
Location: Canada

PostPosted: Thu 16 Nov 2017, 16:34    Post subject:  Quad9
Subject description: Free security tool protects Internet users through DNS
 

https://www.quad9.net/#/

Quad9 is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy.

Security: Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting malware or phishing sites. Whenever a Quad9 user clicks on a website link or types in an address into a web browser, Quad9 will check the site against the IBM X-Force threat intelligence database of over 40 billion analyzed web pages and images. Quad9 also taps feeds from 18 additional threat intelligence partners to block a large portion of the threats that present risk to end users and businesses alike.

Performance: Quad9 systems are distributed worldwide in more than 70 locations at launch, with more than 160 locations in total on schedule for 2018. These servers are located primarily at Internet Exchange points, meaning that the distance and time required to get answers is lower than almost any other solution. These systems are distributed worldwide, not just in high-population areas, meaning users in less well-served areas can see significant improvements in speed on DNS lookups. The systems are “anycast” meaning that queries will automatically be routed to the closest operational system.

Privacy: No personally-identifiable information is collected by the system. IP addresses of end users are not stored to disk or distributed outside of the equipment answering the query in the local data center. Quad9 is a nonprofit organization dedicated only to the operation of DNS services. There are no other secondary revenue streams for personally-identifiable data, and the core charter of the organization is to provide secure, fast, private DNS.


Does Quad9 implement DNSSEC?
Yes. Quad9 provides DNSSEC validation on our 9.9.9.9 resolver. This means that for domains that implement DNSSEC security, the Quad9 system will cryptographically ensure that the response provided matches the intended response of the domain operator. In the event of a cryptographic failure, our system will not return an answer at all. This ensures protection against domain spoofing or other attacks that attempt to provide false data.


What to remember is : 9.9.9.9
If you are using Google public DNS 8.8.8.8 , then 9.9.9.9 is as easy to remember with added privacy and security.
I am convinced VPN providers will switch to this service sooner than later. Up to now, numerous VPN providers use Google public DNS for their customers.

Application for firejail users : you can use this DNS service when using firejail.
With Wicd, you can easily make the switch, as well as with Network Manager.

Further reading :
http://www.eweek.com/security/quad9-secure-dns-service-embeds-ibm-security-intelligence
https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/

UPDATE

Unfortunaltely, not every network manager are as sophisticated as Network Manager used by Ubuntu and derivatives.
So you may need to alter resolv.conf manually. Since DNS settings found in resolv.conf are overwritten, don't even try changing values in it. Instead, create a new file called resolv.conf.head. Add nameserver 9.9.9.9 save and reboot. You will find your new values in resolv.conf permanently written.
How to create a file : geany /etc/resolv.conf.head

With firejail : firejail --private --dns=9.9.9.9 --caps.drop=all firefox -no-remote

Replace Firefox with your prefered browser.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [1 Post]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 1.0408s ][ Queries: 14 (0.8020s) ][ GZIP on ]