In partnership with IBM and Packet Clearing House, the Global Cyber Alliance officially launched a new Domain Name Server (DNS) hosting platform last week, officially called Quad9 – named after the 22.214.171.124 Internet Protocol (IP) address the group has obtained. The service is 100% free and allows internet users to conveniently change the settings on their home routers to channel all of their internet traffic through Quad9‘s servers. In this way Quad9 keeps you, your computer and any device connected to the internet safe and secure, by checking all of your online traffic against 19 of the Internets largest threat databases, including IBM’s X-Force threat intelligence database.
What makes Quad9 different from its competitors or any other DNS service like it on the market, is that the service is specifically designed with user security in mind. Not only does Quad9 “blacklist” and prevent you from accessing any one of the +40 billion known malicious websites on the internet, but it will also block you from clicking on or interacting with images/links regularly associated with phishing attacks or the distribution of other malware. Perhaps most importantly of all, by routing your internet connectivity through Quad9’s servers, it will prevent any of your “smart devices” from ever becoming a part of a Botnet in the future.
Additionally, according to Phil Rettinger, the Global Cyber Alliance‘s President and Chief Operating Officer, the service will not be “logging the (IP) addresses making DNS requests,” nor will it log the websites you visit. Instead, the company says they will only be logging the general geographical location of the devices connecting to their network, such as their country of origin. To add to and ensure the full security of their customers, Rettinger says that the company is “anonymizing the data, sacrificing on the side of privacy.”
Upon launch, Quad9 servers are already hosted in over 70 locations in 40 different countries around the world, with plans to increase this to 100 locations by the start of 2018 and double these figures over the course of the next 18 months. Lastly, while Quad9 claims that internet speeds will not be impacted once you switch to their servers, early research indicates that connection speeds do indeed slow down slightly. With that said, those same researchers point out that Quad9 is already considered one of the Internets top 4 fastest DNS services and claim that the added security benefits are well worth marginally slower speeds.
For more information on what a DNS service does, as wells as how to switch to Quad9, you can learn more here: https://quad9.net/
Wanting to learn more about their new service, I sent an email to IBM and Quad9 support asking how their servers would work in case of a DDoS attack. More specifically, I was interested in learning if their servers would stand in front of individual devices or websites in the event of a DDoS attack against them or if their servers would conceal the IP Addresses of individual users on their network, so that hackers could not easily uncover this information. For example, this is something that other services like Cloudflare offer once you switch to their Name Servers.
In response to these questions, in an email with Legacy Medi4, a Quad9 representative explained that:
“Unfortunately our service is an open recursive (and not authoritative) DNS service so we are not in a position to provide DDoS mitigation services for websites. We do how ever have in place various controls to make sure that our service is not used to conduct DDoS attacks on others.
So the difference between us and a cloudflare or other provider is simple. We do not host your dns records for you, we simply have built a system that allows you (and anyone else) to use us to query and resolve any domain name into an ip address. We are not actually authoritative for any of the domains people recurse through our infrastructure. I know that can be a bit confusing to wrap your head around at first, but services like cloud flare are different then us. The services that we are more similar to are OpenDNS, Googles 126.96.36.199, Level3’s 188.8.131.52, and other open recursive DNS systems.”
To put this into Layman’s terms for my readers, this also means that Quad9 DNS does not conceal your individual IP Address. Meaning that hackers can still uncover it and your Internet Service Providers will still be able to see, log and review all of your online activity whilst on Quad9 servers. For this very reason, Quad9 strongly recommends their users to utilize a VPN connection in conjunction with their DNS hosting service, to get the best of both worlds.
Categories: Tech Stuff