Home » Online security » Quad9 internet protection

Quad9 internet protection

This page contains the content from a Cheshire Police Alert supported by Action Fraud issued on 11 January 2018. It describes a useful technique that can be applied to a variety of computer systems to protect the user from known malicious web sites. This can prevent you inadvertently landing on a web site that is known to offer malware and other software that may be used to infect your computer or carry out fraud against you. If you should ever get malware attached to an email this protection can prevent the malware, phishing or botnet, from ‘calling home’ for its destructive instructions.

To apply the protection requires some changes to your network configuration. These are not difficult to carry out, even for the non-technical person. However, the instructions are not perfect for the Windows 10 user. If you wish to apply the change to a Windows 10 system please see my additional notes at the bottom. The Quad9 system instructions also refer only to IPv4 – that’s every system (don’t worry, you’ll see what that means when you watch the video!). They make no mention of IPv6 which is now coming into use. Again, I have added this in the notes at the bottom. I haven’t tried any of this on a Mac computer so I can’t say how good the instructions are, but the protection provided will be just the same. This change is very unlikely to slow down your access to web sites. I’m not aware of any means of applying this to smart phones or tablets at present because they don’t provide the necessary access to network configuration fields.
Tim Boddington 14/01/2018.

Additional notes

Windows 10 and IPv6

The notes and video above are not especially clear and miss out some detail which could lead to confusion, so I give here the sequence of clicks to be used –

  1. Click the Home button at the bottom left of your screen;
  2. In the left hand column click the Settings button (the cog wheel, 3rd one up on my system);
  3. Click on ‘Network & Internet’;
  4. Click on ‘Ethernet’;
  5. Click on ‘Change adapter options’;
  6. You may have more than one Ethernet device. Repeat the following items for each in turn;
  7. Right mouse click on the Ethernet device, and select ‘Properties’;
  8. In the list in the middle of the screen click on ‘Internet Protocol Version 4 (TCP/IPv4’;
  9. Click on ‘Properties’;
  10. In the lower part of the screen, click on ‘Use the following DNS server addresses:’. This will highlight the boxes below and put the cursor in the first box;
  11. Type  in the box and click OK at the bottom.
  12. This returns you to the previous screen. Once again in the list in the middle of the screen, you may need to scroll the list down, click on ‘Internet Protocol Version 6 (TCP/IPv6)’, this should also be ticked on the left;
  13. Click on ‘Properties’;
  14. In the lower part of the screen, click on ‘Use the following DNS server addresses:’. This will highlight the boxes below and put the cursor in the first box;
  15. Type  2620:fe::fe  in the box (I suggest you copy and paste, it’s so easy to miss that double ::) and click OK at the bottom.
  16. Click Close. Windows may indicate that it is trying to resolve a problem. Wait until it’s finished then clear the error page – there is no error.
  17. Repeat items 7 to 16 as necessary for other Ethernet devices.
  18. Check by going to your browser and loading any page. It should be just as before. The above changes will be providing you with invisible protection.

The seriously technically minded might like to read this from Arstechnica.