DefensiveSec

🛡️ Summary Password spraying attacks thrive on legacy protocols like Basic Authentication. While Microsoft disabled Basic Auth for most Exchange Online endpoints in 2022, SMTP AUTH remains a critical exception—and a prime target. This post explains why, and how to audit, restrict, and shut it down. 🔍 What Are Exchange Authentication Policies? Exchange authentication policies are configuration objects in Exchange Online that allow administrators to disable Basic Authentication per protocol for specific users or groups. These policies operate at the protocol layer , preventing Basic Auth requests from ever reaching Microsoft Entra ID. This is different from Conditional Access, which evaluates sign-in attempts at the identity layer . Authentication policies are more effective for legacy protocol hardening because they cut off Basic Auth at the source . 🔓 Why Basic Authentication Is Dangerous Sends credentials in plaintext (Base64), easily intercepted. Doesn’t support M...

🔐 Summary If you're running a UniFi Gateway and want to route traffic for specific domains (like geo restricted streaming) through a NordVPN tunnel, while using AdGuard Home for DNS filtering, this guide walks you through the full configuration — from VPN client setup to DNS forwarding and policy-based routing. In this post, I'll use  example.com  to represent a domain that I want to route across a VPN tunnel. Note: This method can work with any combination of VPN provider and External DNS.  If you're just using the Unifi GW for DNS, it's even simpler. 🧭 Overview Goal: Route all traffic to example.com  and its subdomains through NordVPN. Tools Used: UniFi Cloud Gateway (Next-Gen UniFi gateway or UniFi Cloud Gateway) NordVPN (OpenVPN) AdGuard Home (DNS filtering and conditional forwarding) 1. Configure NordVPN as a Client on UniFi Gateway ✅ UI-Based Setup (No SSH Required) Navigate to UniFi Network > Sett...