Browsed by
Category: dns

Configuring Quad9 on pfSense

Configuring Quad9 on pfSense

Quad9 is a DNS platform that adds a layer of security. It does this via standard DNS queries/responses. Basically, if a machine on your network queries a known bad hostname, the Quad9 DNS server responds by stating that domain does not exist (NX DOMAIN or non-existent domain). If you would like a bit more info on Quad9 including some speed benchmarks against other DNS services, I would suggest an earlier article, Quad9 – First Thoughts & Benchmarks. This post is all…

Read More Read More

Quad9 – First Thoughts & Benchmarks

Quad9 – First Thoughts & Benchmarks

Changelog 29Nov2017 – Originally published 6Dec2017  – Provided download links to DNS Benchmark tool and associated ini file Quad9 is the collaboration of IBM X-Force, PCH, and Global Cyber Alliance. It provides a DNS platform that combines high performance with security by blocking known malicious domains. At the time of this writing, Quad9 was using 19 threat feeds. I’m not going to get into the marketing speak because quite frankly, enough folks cover that well enough. Quad9 Main Site New…

Read More Read More

Testing SPF, DKIM, and DMARC

Testing SPF, DKIM, and DMARC

If you are interested in a step-by-step implementation of SPF, DKIM, and DMARC, there’s a post for that! It’s on this site as well and it will walk you through the entire process. https://www.linuxincluded.com/implementing-spf-dkim-and-dmarc/ Before you jump into testing SPF, DKIM, or DMARC, you need to verify where your authoritative DNS nameservers are. The easiest way to do this is by going to a Linux command line and performing a whois. # whois linuxincluded.com   Domain Name: LINUXINCLUDED.COM   Registry Domain ID: 1985890536_DOMAIN_COM-VRSN   Registrar WHOIS…

Read More Read More

Implementing SPF, DKIM, and DMARC

Implementing SPF, DKIM, and DMARC

If you made it here, you might not be interested in the why’s of implementing the holy trinity of anti-email spoofing. However, if you’re still uncertain whether you should or shouldn’t, just do it! With the guide below, you’ll see it isn’t all that difficult and when used together, they provide great benefits like brand protection, reducing a phishing attack vector, less chance of your legitimate marketing emails ending up in spam, etc. It also makes you and your domain a…

Read More Read More

Dynamic DNS… With Google Domains?

Dynamic DNS… With Google Domains?

I recently switched all of my domains over to Google Domains. While I didn’t have an issue with my previous domain registrar, I wanted to try something new. The primary allure of moving to Google Domains was the fact that private info domain registrations cost nothing additional over public registrations. I’ve never experienced issues as a direct result of public registrations… most likely because I always created email aliases instead of using actual email addresses. Regardless, I haven’t felt completely at…

Read More Read More