Menu
What's new
By:
Filters Better Search

Add Quad 9 to the list of DNS providers in AiProtection

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

RejZoR

RejZoR

Regular Contributor
I've recently found about a new secure DNS service similar to OpenDNS that is dedicated to secure resolving and also malware/phishing protection.

It has a DNS address of 9.9.9.9 (Fully secured) and 9.9.9.10 (this one is without ANY filtering or security measures, meant for testing only!)

www.quad9.net

Seems like a worthy addition. They work together with IBM as well as few other well known companies like F-Secure.
 
Me too.

IPv4:
9.9.9.9 (primary)
149.112.112.112 (secondary)

IPv6:
2620:fe::fe (primary)
2620:fe::9 (secondary)

All ‘fully secured’.
Working well for me.
 
Quad9 has already been discussed multiple times (search the forum). Just add it as a custom provider.
 
And what would be the harm of adding it on the list? If stupid Comodo is on it, why can't be this one which is far more reliable?
 
Fair point. I suppose it depends on how popular it becomes. At the moment I don't think many people know about it.
 
I did some testing with Quad9, and the only problem I've seen is that sometimes it'll return nxdomain for a known valid domain, e.g. false positive.
 
sfx2000 said:
I did some testing with Quad9, and the only problem I've seen is that sometimes it'll return nxdomain for a known valid domain, e.g. false positive.
Click to expand...

Does it return nxdomain for blacklisted IPs?
 
RejZoR said:
I've recently found about a new secure DNS service similar to OpenDNS that is dedicated to secure resolving and also malware/phishing protection.

It has a DNS address of 9.9.9.9 (Fully secured) and 9.9.9.10 (this one is without ANY filtering or security measures, meant for testing only!)

www.quad9.net

Seems like a worthy addition. They work together with IBM as well as few other well known companies like F-Secure.
Click to expand...

I don't want to go over the top in adding new providers to that page, because there are just too many of them out there, and it will require me to actively keep that list up-to-date in case a service drops, changes, or has a licensing change that forbids including them in a router. I might take a look at this new service eventually, but it's not a priority as you can easily add it manually.
 
RMerlin said:
Does it return nxdomain for blacklisted IPs?
Click to expand...
https://quad9.net/#/faq#is-there-a-...a-user-might-get-if-they-go-to-a-blocked-site

Is there a URL we can check to see if a given domain is blocked, and what a user might get if they go to a blocked site?
If a site is blocked, users receive an “NXDOMAIN” response so the end use system acts like the domain does not exist. This may change in the future to point certain requests to a Quad9-operated information page, informing the user of the threat mitigation and additional information.
 
bluepoint said:
https://quad9.net/#/faq#is-there-a-...a-user-might-get-if-they-go-to-a-blocked-site

Is there a URL we can check to see if a given domain is blocked, and what a user might get if they go to a blocked site?
If a site is blocked, users receive an “NXDOMAIN” response so the end use system acts like the domain does not exist. This may change in the future to point certain requests to a Quad9-operated information page, informing the user of the threat mitigation and additional information.
Click to expand...

That would indeed point at a false positive in sfx's case then.
 
ColinTaylor said:
Quad9 has already been discussed multiple times (search the forum). Just add it as a custom provider.
Click to expand...

I hear you. I’m not fussed about Quad9 not being hard coded into the firmware, I’m happy to configure my own DNS options.

Until very recently I didn’t know Quad9 was out there.
For reliability reasons I avoid ISP DNS. Where I live Quad9 resolves considerably faster than any other public DNS I know of.

So, a useful discovery for me.
 
RMerlin said:
That would indeed point at a false positive in sfx's case then.
Click to expand...

The nxdomain observed was the captive portal at San Diego airport - on Mac, DNS can be manually set, and it's global - so I was testing Quad9 and forgot to remove it from the manual settings...
 
I see no point in adding Quad9 , it does almost nothing that is not already available.

I use DNSWATCH which provides No Logging and is DNSSEC enabled , coupled with ASUS AiProtection .

AiProtection gives you far more protection than Quad9.
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
S Route add via SSH - persistent-how? Asuswrt-Merlin 4
M [🙏 Feature request For Asus Merlin] Add Public WiFi Mode for GT-AX11000 Asuswrt-Merlin 7
TanyaC cannot add domain to router URL filter Asuswrt-Merlin 15
L Setting up 2 mac addresses to same IP in dnsmasq.conf.add Asuswrt-Merlin 6
CaptnDanLKW Simple Route Add Command Asuswrt-Merlin 9
L Openvpn internal error add route Asuswrt-Merlin 0
P Updating dnsmasq.conf.add does nothing Asuswrt-Merlin 6
P Catch all IPs from certain port and add them to ipset list? Asuswrt-Merlin 18
M Can't Add aiMesh Node to RT-AC68P running Merlin 386.7_2 Asuswrt-Merlin 11
Robert Tickle Why Can't I Add a 3rd AiMesh Node Asuswrt-Merlin 2

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 617 (members: 17, guests: 600)
Top