Ressources >> Outils >> Informatique et SEO >> Zonecheck
Quad9 is a free service that replaces your default ISP or enterprise Domain Name Server (DNS) configuration. When your computer performs any Internet transaction that uses the DNS (and most transactions do),
Quad9 blocks lookups of malicious host names from an up-to-the-minute list of threats. This blocking action protects your computer, mobile device, or IoT systems against a wide range of threats such as malware, phishing, spyware, and botnets, and it can improve performance in addition to guaranteeing privacy.
The Quad9 DNS service is operated by the Swiss-based Quad9 Foundation, whose mission is to provide a safer and more robust Internet for everyone.
OpenDNS FamilyShield is a free DNS service by Cisco that automatically blocks adult content and malicious sites without requiring any setup or account. It is designed for quick, easy protection, especially for families and home users.
Cloudflare Gateway DNS (1.1.1.2/1.1.1.3) is a secure DNS resolver that blocks malware, phishing, and unwanted content. It offers a free basic version for individuals and paid plans with advanced security features for businesses.
NextDNS is a secure and configurable DNS resolver that blocks malware, trackers, ads, and unwanted content. It offers a free tier with limited queries and paid plans for full protection, advanced filtering, and detailed analytics.
Cisco Umbrella DNS Resolver is an enterprise-grade DNS filtering solution that provides DNS-layer protection using extensive threat intelligence. It blocks malicious domains and enforces security policies, with basic DNS security in free versions and full enterprise features in paid plans.
AdGuard DNS — Offers free DNS servers with blocking for ads, trackers, and malicious sites.
CleanBrowsing — Provides free DNS filters focused on security, adult content blocking, and family-safe browsing.
Neustar UltraDNS Public — Offers a free, secure DNS service focused on protection against malware and phishing (less popular today, but still active).
For full, complex enterprise security (with integration, policy management, internal DNS security, etc.), Enterprise DNS Security Solutions are needed like:
DNS Firewalls intercept and block harmful DNS queries at the network level.
Infoblox DNS Firewall — One of the leading enterprise DNS firewall solutions, providing internal DNS threat protection, policy enforcement, and malware domain blocking.
BlueCat DNS Edge — Focused on internal DNS control, segmentation, and detection of suspicious DNS queries inside corporate environments.
Cisco Umbrella — While known for DNS-layer security, it also acts as a DNS firewall by enforcing domain-based security policies across users and devices.
Akamai Enterprise Threat Protector — Offers DNS firewall capabilities combined with web security and threat intelligence, protecting users before threats reach endpoints.
Cloudflare Gateway DNS — Provides DNS firewall services through malware and content blocking at the DNS resolution level, with centralized policy management.
DNS Monitoring and Analytics detect abnormal or malicious DNS behavior.
Splunk (with DNS monitoring apps) — Powerful platform to collect, analyze, and detect anomalies in DNS traffic across large networks.
Infoblox BloxOne Threat Defense — Provides detailed DNS analytics, threat detection, and automated response based on DNS behavior.
Cisco Secure Analytics (formerly Stealthwatch) — Monitors DNS traffic to detect threats like domain generation algorithms (DGAs) or exfiltration.
Palo Alto Networks Cortex XSIAM (with DNS analytics modules) — Uses machine learning to identify DNS anomalies linked to threats.
Corelight (Zeek-based sensors) — Network security monitoring platform that deeply analyzes DNS transactions and flags suspicious patterns.
DNS Threat Intelligence Feeds provide updated lists of dangerous domains.
Here are the main DNS Threat Intelligence Feeds used by cybersecurity teams:
Cisco Talos Intelligence — Provides extensive real-time threat data, including malicious domain lists.
Palo Alto Networks Unit 42 Threat Intelligence — Offers domain-based threat indicators integrated into security platforms.
Recorded Future — Supplies threat feeds with detailed risk scores on domains, IPs, and related infrastructure.
ThreatConnect — Aggregates and enriches domain reputation data for automated security decisions.
Anomali ThreatStream — Provides feeds of malicious domains and supports integration with SIEMs and firewalls.
Proofpoint Emerging Threats Intelligence — Includes domain threat lists focused on malware, phishing, and botnets.
IBM X-Force Exchange — Delivers curated threat intelligence, including high-risk domain data.
Spamhaus Domain Blocklists — Well-known blocklists identifying spam and malware-related domains.