Are you looking to improve your computer’s security measures, but don’t know how to improve it beyond the regular programs (i.e. antivirus, firewalls, etc)? Then you might want to consider routing your computer’s traffic through a new Domain Name Service system called Quad9. Put together in partnership between the Global Cyber Alliance (GCA) and IBM, Quad9 improves computer security by automatically blocking malicious websites that could potentially harm your computer (i.e. sites that could DarkHotel your PC).
Follow along below, and we’ll dive into what Quad9 DNS is all about as well as how to set it up on your PC.
What is Quad9 DNS?
As mentioned above, GCA and IBM have worked together to create Quad9, a Domain Name Service system that will prevent computers on your network from connecting to sites bent on planting malicious software on your computer or network.
Basically, Quad9 was the GCA’s idea, but with the partnership with IBM, Quad9 is able to check a site against IBM’s X-Force threat intelligence database, which is a database of over 40 billion (and growing) analyzed web pages and images. On top of that, Quad9 works with another 18 threat intelligence partners to block threats (or to stop PCs from connection to malicious domains) from reaching the end-user and businesses.
Should you use Quad9 DNS?
That all sounds great, but should you use Quad9 DNS? If you’re looking to enhance your computer’s security while you’re online, the answer is a resounding yes. Quad9 DNS is a simple system in that it’s primary goal is keeping you from connecting to malicious sites–there isn’t much to it beyond that.
Another benefit to Quad9 DNS is its performance. Quad9 servers are distributed all around the world, even in under-served areas. In other words, users all over the world can see performance increases in DNS lookups, even those in rural areas. They do this by putting those servers near Internet Exchange points. That means there’s less distance and time to get a response from queries, which is how Quad9’s performance and response times are much better than the competition.
Quad9 DNS also takes privacy seriously. It doesn’t store any personal information on its server; in fact, isn’t even stored or distributed. Quad9 uses your IP address to complete the domain query in a local data center (a requirement for the functioning of the service), but won’t keep it on hand or distribute it elsewhere. Quad9 makes sure they’re not taking advantage of your privacy by using only information they absolutely need to perform the service.
How to setup Quad9 DNS in Windows 10
Literally anyone can setup Quad9 DNS, and in just a few minutes, too. It’s also entirely free, so you don’t need to shell out any extra cash for a subscription or anything. This is because Quad9 is a nonprofit organization with the goal of only keeping up with the operation of its DNS servers–there’s no secondary revenue streams, which is a second confirmation that Quad9 isn’t pulling your data and selling it.
Setting it up on Windows 10 is fairly easy. The first step is to open up Control Panel.
Next, select the Network and Internet heading.
Now, select the Network and Sharing Center heading.
Under this panel, in the left navigation pane, click on the link that says Change Adapter Settings.
Next, right-click on the Network Interface you’re using. In my case, this is the Wi-Fi model. If you’re trying to figure out which one to select, the one you want to right-click will be the only one that doesn’t say “Not Connected.”
Once you right-click on the proper interface, select Properties.
In the scrollable menu, highlight the option that says Internet Protocol Version 4 (TCP/IPv4), and then select the Properties button below the menu.
Next, you’ll want to select the radio button that says Use the Following DNS Server Address and type in 220.127.116.11 in the top box.
Once you’re done, select OK, and then you can close out of the menus. You’re done! Now, your traffic is being routed through the Quad9 servers, protecting you from hitting any malicious websites.
Setup Quad9 in Linux
If you’re running Linux on your PC, specifically Ubuntu or a Debian-based distribution, it’s a tad bit easier to setup, as there’s a few less menus to go through.
In Linux, we’re going to use NetworkManager. Within Linux, go into System Settings and then into Network–clicking on Wi-Fi or Ethernet options will take you to the same place.
Next, click on the Settings gear icon, select the IPv4 tab, and then enter 18.104.22.168 into the DNS box. Make sure “Automatic” is turned off. Once you’re done, press “Apply” and you’re good to go.
Setting up Quad9 in any Router
If you want to route your entire network’s traffic through Quad9 servers, it’s just as simple. You’ll need to get into your router configuration. You can read out article on how to do that here. From there, you’ll need to navigate to the router’s DNS preferences (as seen in the image above).
From there, it’s as simple as entering 22.214.171.124 into the Primary DNS box. Save your configuration and reboot your router. Congratulations, you’re now routing traffic through Quad9’s DNS servers!
Testing Quad9 DNS
Now, in Windows 10, to test that we’re using the Quad9 DNS, you can open up Command Prompt (or PowerShell) and type in the command “nslookup” followed by the Enter button. To ensure you’re connecting to Quad9’s DNS servers, it should look like what we have above. In Linux, you can follow a similar process, opening up Linux’s Terminal, and then using the “dig” command. You should get similar results to what we have above (i.e. showing you the default server and corresponding address).
We tried going to a number of malicious sites after connecting to Quad9 DNS (we don’t recommend this, please don’t try at home), and found that Quad9 DNS works just as it’s supposed to. Every site we went to Quad9 would terminate the request, and we would get an error like above.
To show you how it works behind the scenes, we went through a couple of tests using the nslookup command in Command Prompt. First, we started by doing a lookup of a malicious website. It seems that if Quad9 detects malicious activity, it either times out the request or returns the domain as not found. In the most common scenario, it times out the request as seen above.
As for accessing a website that isn’t blocked, such as Google, Quad9 returns the domain as it normally would (again, you can see this in the image above).
As you can see, setting up Quad9 on your Windows 10 or Linux machine is easy, but it might be even easier to set it up on your router due to a few less steps being involved. By setting up Quad9 on your network, you increase your security online, keeping you and your family safe from any viruses, ransomware, etc that a website might try to plant on your computer or network.
Got any questions or need some additional help setting up Quad9? Be sure to leave us a comment in the comments section below. You can find more information about Quad9 here.