DNS

DNS, or Domain Name System, is the “phonebook of the internet” that translates human-friendly domain names, like www.google.com, into machine-readable IP addresses, such as 172.217.160.142. This process allows web browsers to connect to the correct server to display a webpage, making it possible to use easy-to-remember names instead of complex numbers.

DNS is unencrypted by default. Unencrypted DNS requests are sent in plain text, similar to a postcard, allowing third parties to monitor which websites you visit and even to manipulate your requests.

Encrypted DNS

Encrypted DNS secures the connection between your device and the DNS resolver by encrypting DNS queries, which prevents third parties like your ISP from seeing what websites you are visiting. It uses protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT), which scramble the data to ensure privacy and integrity.

You should use encrypted DNS to protect your privacy and security by preventing your Internet Service Provider (ISP), network administrators, and others from seeing or tampering with your browsing activity.

The best way is to run your own DNS server at home, for example on a Raspberry Pi, and then set the DNS server in your router’s LAN configuration to point to it. All the devices on your network will then be protected.

Quad9

Quad9 is a non-profit foundation based in Switzerland that provides a free public DNS (Domain Name System) service for enhanced cybersecurity and privacy. Headquartered in Zurich, the organization uses its Swiss base to ensure its operations are protected by strong privacy laws, which it extends to all users worldwide. It filters malicious domains to block malware, phishing, and spyware, and does not collect or sell user data.

We recommend using Quad9 for encrypted DNS.

IPv4: 9.9.9.9 and 149.112.112.112
IPv6: 2620:fe::fe and 2620:fe::9
HTTPS (DoH): https://dns.quad9.net/dns-query
TLS (DoT): tls://dns.quad9.net

To use encrypted DNS on Android, go to Settings > Network & internet > Private DNS (you may need to tap “Advanced” first) and select “Private DNS provider hostname”.

Then, enter the hostname of a provider like dns.quad9.net and tap “Save” to encrypt your DNS queries and enhance your privacy.

Quad9 has a guide on how to enable this in iOS; follow it: https://docs.quad9.net/Setup_Guides/iOS/iOS_14_and_later_%28Encrypted%29/

Quad9 has a guide on how to enable this in macOS; follow it: https://docs.quad9.net/Setup_Guides/MacOS/Big_Sur_and_later_%28Encrypted%29/

Microsoft already has a good guide on how to activate encrypted DNS in Windows; just replace their suggested resolver with the Quad9 details above: https://learn.microsoft.com/en-us/windows-server/networking/dns/doh-client-support