Some personal reflections of dealing with phishing sites:
- Reporting them to security vendors is nearly useless. Google Safebrowsing, Microsoft Smartscreen, Virustotal, safeonweb.be, Netcraft: even one day later no effect.
- Public protective DNS resolvers like Quad9 don't help. Domain still resolves next day.
- Most of phishing websites are protected by Cloudflare and they don't care at all. It's a source of revenue for them.
Well, that was interesting. I switched over to #NextDNS from #Quad9, since #Mikrotik doesn't support http2 doh. That was fine, but I then noticed that the vast majority of my requests to NextDNS were for my local hostnames! Digging... digging... found it. I don't use IPv6 internally and don't define AAAA records internally. Clients ask for both A and AAAA from a blind assumption of dual-stack. To resolve, I just set a wildcard AAAA static record for my subdomain to be ::100. It worked. 🤔
#quad9 doh service is down hard for me in Japan. Maybe I need to look into an alternative. Or go back to running unbound.
another #caturday
doh-sg.blahdns.com 直接 NXDOMAIN
發現以下也遭殃
dns.adguard.com #adguard
dns.quad9.net #quad9
The domain doh-sg.blahdns.com was blocked under Taiwan’s RPZ policy, which is enforced for crime prevention, including the mitigation of fraud and other illegal activities.
@MissConstrue Also, bear in mind that one can set system-wide secure #DNS with filters against malwaretisement ads. #Quad9 and #Mullvad have the best ones.
https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
Muthar made a very good video about this.
https://mas.to/@nemo/115681313039335785
It is also very important that governments should not meddle with independent DNS providers to make them their bouncers/enforcers/police.
#Quad9 #DNS has been awful lately for UK users.
Finally found the reason thanks to this reddit post: https://www.reddit.com/r/Quad9/comments/1pc9fus/comment/nryr38r/
Too late for me as I've already switched DNS provider. The lack of comms on a status page left me wondering if it was my setup or wifi. #ItWasDNS
🎉 #Quad9 has finally decided to retire something nobody even knew existed! 🚀 By December 2025, HTTP/1.1 will be laid to rest, and Quad9 will bravely venture into the future of internet protocols...with the speed of a sloth on a lazy Sunday. 🤦♂️
https://quad9.net/news/blog/doh-http-1-1-retirement/ #HTTP1.1 #Retirement #InternetProtocols #FutureOfTech #SlothSpeed #HackerNews #ngated
📬 EU will DNS-Anbieter zur Piraterie-Polizei machen
#Kommentar #Netzpolitik #DNSAnbieter #DNSResolver #DNSforge #offenerBrief #PirateriePolizei #Quad9 https://sc.tarnkappe.info/ca82c1
Quad9 DOH HTTP/1.1 Retirement, December 15, 2025
https://quad9.net/news/blog/doh-http-1-1-retirement/
#HackerNews #Quad9 #DOH #HTTP/1.1 #Retirement #December #15 #2025 #Cybersecurity #DNS #Privacy #TechNews
🌘 Quad9 將於 2025 年 12 月 15 日淘汰 DNS-over-HTTPS (DoH) 的 HTTP/1.1 支援
➤ 預告服務轉型:DNS-over-HTTPS 將告別 HTTP/1.1
✤ https://quad9.net/news/blog/doh-http-1-1-retirement/
Quad9 公告將於 2025 年 12 月 15 日停止支援使用 DNS-over-HTTPS (DoH) 的 HTTP/1.1 協定。此舉預計不會影響大多數使用最新瀏覽器和作業系統的用戶,但部分較舊或不符合標準的設備或軟體可能因此無法使用 DoH,需轉為使用未加密 DNS 或 DNS-over-TLS。Quad9 解釋此決策是為了簡化技術堆疊、降低維護成本,並為未來支援更多新協定騰出資源,同時也提及 HTTP/1.1 存在速度和安全風險。 MikroTik 設備是目前已知受影響的主要平臺,Quad9 已與其溝通,但尚未收到更新計畫。
+ Quad9 的決定是可以理解的,畢竟支援舊協定確實會增加維護負擔。希望
#網路安全 #DNS #DoH #HTTP1.1 #Quad9
Quad9 DOH HTTP/1.1 Retirement, December 15, 2025
https://quad9.net/news/blog/doh-http-1-1-retirement/
#ycombinator #quad9 #public_dns #dns #privacy #security
The technical version, where "pc" is a desktop client and "ns1" is the Pi-hole name server:
https://gist.github.com/AJCxZ0/8dfc6e5799f07994ac900dd70f34c98f
Note that the public name service (Quad9) is needed, as ns1 gets DNS from DHCP, which is itself.
This includes the addition of the Netdata client with a three minute startup delay.
Had awful DNS timeout issues this week. I was using #Quad9 as the #DNS provider on my pihole and changing to another DNS provider resolved the issue. Colleague (also UK based, also Ipv4 only) had the same problem. Just in case anyone else is experiencing the same issue. Not sure if the issue is localised to a particular region or not.
"When Enforcing #Copyright Starts Breaking the Internet’s Plumbing"
(Where it should be used to break #AI.)
https://quad9.net/news/blog/when-enforcing-copyright-starts-breaking-the-internets-plumbing/
📬 Rechtsdurchsetzung geistigen Eigentums für Quad9 existenzbedrohend
#Internet #Netzpolitik #Betriebskosten #DNSResolver #Kollateralschäden #Netzneutralität #Quad9 #Rechteinhaber #Zensur https://sc.tarnkappe.info/123ed9
😱 Oh no, the sky is falling! #Quad9, a tiny #DNS provider, is trembling because the pirate-hunting legal eagles decided to pick on someone their own size. Guess nobody told them that playing David against Goliath isn't a get-rich-quick scheme. 🏹😂
https://torrentfreak.com/dns-provider-quad9-sees-piracy-blocking-orders-as-existential-threat/ #DavidVsGoliath #legalbattle #cybersecurity #HackerNews #ngated
DNS Provider Quad9 Sees Piracy Blocking Orders as "Existential Threat"
https://torrentfreak.com/dns-provider-quad9-sees-piracy-blocking-orders-as-existential-threat/
#HackerNews #DNS #Quad9 #Piracy #Blocking #Existential #Threat #Cybersecurity
DNS Provider Quad9 Sees Piracy Blocking Orders as “Existential Threat”
https://torrentfreak.com/dns-provider-quad9-sees-piracy-blocking-orders-as-existential-threat/
#SiteBlocking #siteblocking #Anti-Piracy #quad9
