While reviewing the logs of my OpenVPN server recently, I noticed a series of suspicious looking entries that indicated that it was being used as part of a UDP reflection attack. Thankfully this is pretty straightforward to block using the built in functionality of OpenVPN and/or firewall software such as nftables. I'll cover both approaches here.
Enabling multi-factor authentication (MFA) is one of the single most effective steps you can take to protect your online accounts against unauthorised access. Combining something you have (a device or smartcard) or something you are (biometrics) with something you know (your password) ensures that if your password falls into the hands of an attacker, whether through a security breach, malware, or brute force guessing, then they still won't be able to get access to your account.
Recently I've been trying to make some improvements to sites that I'm ivolved with, particularly converting images to SVG format and implementing HTTP Content Security Policy (more to come on those later). While doing so I ran into a strange issue to do with how Microsoft Edge handles the combination of these two technologies which only seems to be documented in an Edge bug report.
In order to combat spam and fraudulent email it's become common practice to deploy technologies such as SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to provide a means for receivers to verify whether a message is from who it claims to be. Unfortunately, these are not foolproof and can still allow fraudulent messages to slip through. There's also no way of knowing what a receiver will do with messages that fail these checks and no way of knowing how effective they are. DMARC (Domain-based Message Authentication, Reporting and Conformance) goes some way towards improving this.
