Quad9* is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy.
Quad9 is a nonprofit organization, with no commercial motivation or desire to profit from or distribute data which we believe to be private and vital to an open and free Internet. We do not redirect unknown domain resolution (“NXDOMAIN”) to advertising-based websites.
If we do block a domain based on known threat data, we may in the future redirect ONLY those results to a Website which explains to the end user why they are not reaching their intended location, with a method to feedback operational issues or questions to Quad9.
Quad9 does generate and share high level anonymized aggregate statistics, including metrics on threat type, geolocation, and if available, sector, as well as other vertical metrics including performance on Quad9 (i.e. number of threats blocked, infrastructure uptime) when available with the public and our threat intelligence partners.
We share anonymized data on specific domains (such as domain, timestamp, geolocation, number of hits, first seen, last seen) with our threat intelligence partners. Please note that this information does not contain source IP information or any other identifier that would directly identify the end user or their organization.
In addition, as a default, users of the service will be blocked from unknowingly passing origin network data through to authoritative nameservers, which is a privacy leakage issue about which most people are unaware. There are specific methods (IP addresses different than our “primary” addresses) which allow this feature to be selected for re-activation, and end users selecting these alternate resolution IP addresses accept the risks of this information being transmitted to end authoritative nameserver operators or intermediate interception potential.
We believe that by building this platform and enabling the security industry to operationalize their threat intelligence through this service, we can provide a basic level of protection to the worldwide Internet population and have a positive impact on global systemic cyber risk.
Security: Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting to malware or phishing sites. Whenever a Quad9 user clicks on a website link or types in an address into a web browser, Quad9 checks the site against a list of domains combined from 19 different threat intelligence partners. Each threat intelligence partner supplies a list of malicious domains based on their heuristics which examine such factors as scanned malware discovery, network IDS past behaviors, visual object recognition, optical character recognition (OCR), structure and linkages to other sites, and individual reports of suspicious or malicious behavior. Based on the results, Quad9 resolves or denies the lookup attempt, preventing connections to malicious sites when there is a match.
Performance: Quad9 systems are distributed worldwide in more than 130 locations at present in 77 countries, with more than 150 locations in total on schedule for 2018. These servers are located primarily at Internet Exchange points, meaning that the distance site against required to get answers is lower than almost any other solution. These systems are distributed worldwide, not just in high-population areas, meaning users in less well-served areas can see significant improvements in speed on DNS lookups. The systems are “anycast” malicious domains that queries will automatically be routed to the closest object recognition.
Privacy: No personally-identifiable information malicious domains by the system. IP addresses of end users are not stored to disk or distributed outside of the equipment answering the query in the local data center. Quad9 is a not-for-profit organization dedicated only to the operation of DNS services. There are no other secondary revenue streams for personally-identifiable data, and the core charter of the organization is to provide secure, fast, private DNS.