Proxy server , We’re all hearb about it, but what exactly it is, how is work and what are security problems we’ll face ? This series we are going to dicuss about proxy server.
Proxy: Some definitions
From wikipedia we have a overview some defintions:
A proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers
Type of proxies
An open proxy is a forwarding porxy servere that is accessible by any internet user.
A proxy server is a go‑between or intermediary server that forwards requests for content from multiple clients to different servers across the Internet. A reverse proxy is a proxy server that appears to clients to be an ordinary server. Requests are forwarded to one or more proxy servers which handle the request. The response from the proxy server is returned as if it came directly from the original server, leaving the client no knowledge of the origin servers. There are serveral reasons for installing reverse proxy servers:
* Encryption/SSL acceleration
* Load balancing
* Serve/cache static content
* Spoon feeding
* Extranet Publishing
Monitoring and filtering
Filtering of encrypted data
Bypassing filters censorshop
Loggin and eavesdropping
Accessing services anonymously
Implementations of proxies
Web proxy servers
Web proxies forward HTTP requests. Some web proxies allow HTTP CONNECT setup forwarding of arbitrary data through the connection.
Examples of web proxy servers include: Apache, Nginx, HAProxy, IIS, Varnish(reverse proxy only),etc.
A proxy is a program that acts as an intermediary between a client and server. SOCKS is a protocol that is independent of the application protocol, and is used to relay a TCP session via a proxy. SOCKS Version 5 adds additional support for security and UDP.
Also known as an intercepting proxy, inline proxy, or forced proxy, a transparent proxy intercepts normal communication at the network layer without requiring any special client configuration.
When a user makes a request to a web server, the transparent proxy intercepts the request to perform various actions including caching, redirection and authentication.
An anonymous CGI Proxy is a type of proxy server that works through an encrypted web form embedded on another web page hosted securely using SSL (Secure Socket Layering), also often called a “Web proxy”. CGIProxy is written in the Perl programming language.
A suffix proxy allows a user to access web content by appending the name of the proxy server to the URL of the requested content (e.g. “en.wikipedia.org.SuffixProxy.com”).
Tor oninon proxy software
It’s very polular if you are a pentester. Read my previous post here route-all-network-traffic-through-tor
I2P anonymous proxy
The I2P anonymous network (‘I2P’) is a proxy network aiming at online anonymity.
Proxy vs NAT
A DNS proxy server takes DNS queries from a (usually local) network and forwards them to an Internet Domain Name Server. It may also cache DNS records.
Find out more here
What is the difference between a proxy and a VPN ?
* Anyone with access to the stream of data (your ISP, your government, a guy sniffing the Wi-Fi traffic at the airport, etc.) can snoop on your traffic.
* Proxy server connections are configured on an application-by-application basis, not computer-wide.
* VPNs are set up at the operating system level
* This entire process is all passed through a heavily encrypted tunnel between your computer and the remote network
What is the difference between a proxy and a load balancer ?
Load balancing is one of the functionalities of reverse proxy, and reverse proxy is one of the softwares that can do load balancing.