Jump to content

Quad9

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by DavidCWG (talk | contribs) at 02:00, 7 June 2021 (Reads like an ad - pretty gratuitous too). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Quad9
FounderPacket Clearing House
IBM
Global Cyber Alliance
SWITCH
TypePublic-benefit not-for-profit foundation
FocusInternet privacy and security
Location
Area served
Global
Employees
12

Quad9 is largest of the three global public recursive DNS resolvers which protect users from malware and phishing, and is notable for consistently being found to be by far the most effective (97%) at doing so in independent evaluations.[1][2][3] It was the first to use standards-based strong cryptography to protect the privacy of its users' communication, and the first to use DNSSEC cryptographic validation to protect users from domain name hijacking.[4][5][6][7] Quad9 is the only one of the three which protects users' privacy by not retaining or processing the IP address of its users, and is consequently also the only one which is GDPR-compliant.[8][9][10]

The Quad9 recursive resolver is operated by the Quad9 Foundation, a Switzerland Swiss public-benefit, not-for-profit foundation with the purpose of improving the privacy and cybersecurity of Internet users, headquartered in Zurich.[11] It is the only global public resolver which is operated not-for-profit, in the public benefit. Quad9 is entirely subject to Swiss privacy law, and the Swiss government extends that protection of law to Quad9's users throughout the world, regardless of citizenship or country of residence.[12] Quad9 is currently the only global recursive resolver which is not subject to United States law, as the others are each domiciled in the San Francisco Bay Area and governed by the Northern District of California US Federal Court.[13][14]

Locations

Map of Quad9 recursive resolver locations as of 2021-05-27
Map of Quad9 recursive resolver locations as of 2021-05-27

As of May, 2021, the Quad9 recursive resolver was operating from server clusters in 184 locations on six continents and 89 countries.[15][16]

IP addresses

Quad9 operates recursive name servers for public use at the following IP addresses. These addresses are routed to the nearest operational server using IP anycast routing. Quad9 offers DNS over TLS over port 853,[17] DNS over HTTPS over port 443,[18] and DNSCrypt over port 443.[19]

Secured (Mainstream) Unsecured Secured, with ECS support
DoH addresses[20] https://dns.quad9.net/dns-query
https://dns9.quad9.net/dns-query (optional) 		https://dns10.quad9.net/dns-query https://dns11.quad9.net/dns-query
DoT addresses[21] dns.quad9.net
dns9.quad9.net (optional) 		dns10.quad9.net dns11.quad9.net
IPv4 addresses[20] 9.9.9.9
149.112.112.112
149.112.112.9 (optional) 		9.9.9.10
149.112.112.10 		9.9.9.11
149.112.112.11
IPv6 addresses[20] 2620:fe::fe
2620:fe::fe:9
2620:fe::9 (optional) 		2620:fe::10
2620:fe::fe:10 		2620:fe::11
2620:fe::fe:11

See also

References

  1. ^ Lawrence, Tom (2020-05-03). DNS Malware Filtering Compared: Quad9 VS Cloudflare VS DNS Filter VS OpenDNS. lawrencesystems.com. Lawrence Systems. Retrieved 2021-05-27. Quad9: 97.16% effective, Cloudflare: 56.74% effective, OpenDNS: 9.22% effective
  2. ^ Young, Andrew (2020-05-31). "Comparing Malware-blocking DNS Resolvers". andryou.com. Andryou. Retrieved 2021-05-27. Quad9: 97.08% effective, Cloudflare: 56.20% effective, OpenDNS: 2.19% effective
  3. ^ Kod, Skadlig (2020-05-02). "Malicious Site Filters on DNS". skadligkod.se. Skadlig Kod. Retrieved 2021-05-27. Quad9: 96% effective, Cloudflare: 13% effective, OpenDNS: 46% effective
  4. ^ "New "Quad9" DNS service blocks malicious domains for everyone". Ars Technica. Retrieved 2018-04-08.
  5. ^ Bortzmeyer, Stéphane (2017-11-21). "Quad9, a Public DNS Resolver - with Security". labs.ripe.net. RIPE Labs. Retrieved 2021-05-27. Last week, the new DNS resolver Quad9 has been announced. It is a public DNS resolver with the additional benefit that it is accessible in a secure way. There are other public DNS resolvers, but the link to them is not secure. This allows hijackings as well as third-party monitoring. The new Quad9 service on the other hand is operated by the not-for-profit Packet Clearing House (PCH), which manages large parts of the DNS infrastructure, and it allows access to the DNS over TLS. This makes it very difficult for third parties to listen in. And it makes it possible to authenticate the resolver.
  6. ^ Woodcock, Bill (2021-02-09). "Statement by Bill Woodcock, chairman of Quad9's board". Reddit. Retrieved 2021-05-27.
  7. ^ Dickinson, Sara (2019-11-28). "DNS Privacy Public Resolvers". DNS Privacy Project. Retrieved 2021-05-27.
  8. ^ "Quad9 Data and Privacy Policy". Quad9. Retrieved 2021-05-27. The Reply To Address is purged from RAM as soon as we have transmitted the reply to the user's Reply To Address. The Reply To Address (or any representation of, or proxy for, it) is not copied to permanent storage, nor is it transmitted across the network to any destination other than the user. It leaves the machine on which we received it only in the form of a reply to the user – to no other destination, in no other form, for no other purpose.
  9. ^ "A Deeper Dive Into Public DNS Resolver Quad9". Internet Society. Retrieved 2018-04-08.
  10. ^ Brennan, Jim (2017-11-16). "New Quad9 DNS Service Makes the Internet Safer and More Private". securityintelligence.com. Security Intelligence. Retrieved 2021-05-27. Quad9 goes far beyond standard DNS name resolution. Unlike many other DNS services, Quad9 does not store, correlate or otherwise employ any personally identifiable information (PII).
  11. ^ "Quad9 moves to Switzerland". ncsc.admin.ch. Swiss National Cyber Security Centre. 2021-02-17. Retrieved 2021-05-27. Non-profit organisation Quad9 is relocating its headquarters to Zurich.
  12. ^ Steiger, Martin (2021-02-18). "Quad9 Foundation – Recursive DNS Resolver in Switzerland / Applicability of Swiss and European Data Protection Law" (PDF). steigerlegal.ch. Steiger Legal. Retrieved 2021-05-27. Quad9 is entirely and fully subject to Swiss data protection law including the Swiss Federal Act on Data Protection (FADP) and its corresponding ordinance with regard to all data subjects, i.e., for all persons worldwide whose data is being processed by Quad9. Compliance with Swiss data protection law is subject to the independent supervision of the Swiss Federal Data Protection and Information Commissioner (FDPIC). Data subjects may file a complaint with the FDPIC regardless of their citizenship or country of residence.
  13. ^ "Cloudflare corporate headquarters". linkedin.com. 2021-05-27. Retrieved 2021-05-27. Cloudflare corporate headquarters: San Francisco, California
  14. ^ "Cisco corporate headquarters". cisco.com. 2021-05-27. Retrieved 2021-05-27. Cisco corporate headquarters: San Jose, California
  15. ^ "PeeringDB: Packet Clearing House AS42". peeringdb.org. PeeringDB. 2021-05-27. Retrieved 2021-05-27.
  16. ^ "Internet Exchange Points Quad9 is Present In". pch.net. Packet Clearing House. 2021-05-27. Retrieved 2021-05-27.
  17. ^ Dickinson, Sara (2019-11-28). "DNS Privacy Public Resolvers: DNS-over-TLS (DoT)". DNS Privacy Project. Retrieved 2021-05-27.
  18. ^ Dickinson, Sara (2019-11-28). "DNS Privacy Public Resolvers: DNS-over-HTTPS (DoH)". DNS Privacy Project. Retrieved 2021-05-27.
  19. ^ Kumar, Arvind (2021-05-27). "DNScrypt Resolvers". github.com. EnKrypt. Retrieved 2021-05-27. quad9-dnscrypt-ip4-filter-pri Quad9 (anycast) dnssec/no-log/filter 9.9.9.9 / 149.112.112.9
  20. ^ a b c "DoH with Quad9 DNS Servers". Quad9. Retrieved 2018-10-05.
  21. ^ "Enable Private DNS using Quad9 on Android 9". Quad 9. 2018-09-18. Retrieved 2020-09-28.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Quad9&oldid=1027279485"