Proxy Servers
Introduction
• 1. Acts as an intermediary between a private network and the internet – both client and remote host think they are communicating directly, when in fact it all goes through the proxy
• 2. Works as a Disk Cache for faster retrieval of frequently requested information
Firewall vs. Proxy Server
• Firewalls work at the Network layer and can block untrusted traffic
• Proxies work at the Application layer – and often map internal network addresses to a single IP (NAT). This makes it difficult for outsiders to access internal IPs
• Can also be application specific: http-proxy, ftp-proxy, etc.
Circuit-level Proxy
• Works between Application and Transport layer
• Establishes a virtual circuit between clients and untrusted hosts
• Lets software work as if it had a direct internet connection instead of forcing individual setup of each application
Caching
• Works much like web browser caching, but for multiple users
• Significantly speeds up information retrieval (duh!) and takes load off of actual servers
• Read-ahead caching
• Last-modified multiplier
• Reverse caching
Security Features
• NAT/NPAT
• Packet Sequencing
• Packet Filtering
Modern Proxy
• Usually implemented inside of a software suite as opposed to as a stand-alone product
Risks
• Initial configuration – remember access controls
• No access controls leaves the possibility for portscans.
• Worst case – allows for reverse connections
• No need to portscan, however: a Google search can find Open Proxies
Proxy Abuse
• Open Proxy
• Simple method (from 2002): telnet to proxy, enter GET http://www.yahoo.com/ HTTP/1.0 – if page is returned, the proxy is ripe for abuse
• Anonymity value – how much does the HTTP header reveal about you?
Examples
• [Wed Aug 21 09:00:46 2002] 80.178.71.x: HEAD http://www.israela.com/sr/0838ap10_thumb.jpmela HTTP/1.0
• [Wed Aug 21 09:01:57 2002] 80.178.71.x: HEAD http://www.israela.com/keyz HTTP/1.0
• [Wed Aug 21 09:02:59 2002] 80.178.71.x: HEAD http://www.israela.com/private/htpass HTTP/1.0
• [Attacker trying to find vulnerable CGI scripts on a porn site]
More Examples
• [Thu Aug 22 10:11:20 2002] 212.0.201.x: GET http://www.helllabs.com.ua/cgi-bin/textenv.pl HTTP/1.0 [Someone testing anonymity of the proxy]
• [Thu Aug 22 11:47:07 2002] 195.190.97.x: CONNECT http://login.icq.com:443/ HTTP/1.0 [Someone trying to hide their IP address on ICQ. Possible IM spammer]
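The log excerpts above can be triaged automatically. The following is an added example, not part of the original slides: it parses lines in the slides' log format and flags clients that should not be using the proxy. The internal prefix `10.`, the threshold of three HEAD requests, and the names `triage`, `INTERNAL_PREFIXES` and `PROBE_THRESHOLD` are assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# First five lines are the slides' own excerpts; the last one is constructed.
SAMPLE_LOG = """\
[Wed Aug 21 09:00:46 2002] 80.178.71.x: HEAD http://www.israela.com/sr/0838ap10_thumb.jpmela HTTP/1.0
[Wed Aug 21 09:01:57 2002] 80.178.71.x: HEAD http://www.israela.com/keyz HTTP/1.0
[Wed Aug 21 09:02:59 2002] 80.178.71.x: HEAD http://www.israela.com/private/htpass HTTP/1.0
[Thu Aug 22 10:11:20 2002] 212.0.201.x: GET http://www.helllabs.com.ua/cgi-bin/textenv.pl HTTP/1.0
[Thu Aug 22 11:47:07 2002] 195.190.97.x: CONNECT http://login.icq.com:443/ HTTP/1.0
[Thu Aug 22 11:50:00 2002] 10.0.0.x: GET http://intranet.example/index.html HTTP/1.0
"""

LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] (?P<client>\S+): (?P<method>[A-Z]+) (?P<url>\S+) HTTP/\d\.\d$"
)
INTERNAL_PREFIXES = ("10.",)  # assumption: the proxy's legitimate clients
PROBE_THRESHOLD = 3           # assumption: HEADs to one host that count as a probe


def triage(log, internal=INTERNAL_PREFIXES, threshold=PROBE_THRESHOLD):
    """Return {client: set of reasons} for requests from outside the network."""
    reasons = defaultdict(set)
    heads = Counter()
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["client"].startswith(internal):
            continue  # unparseable line or an expected internal client
        client, method = m["client"], m["method"]
        host = urlsplit(m["url"]).hostname
        # Any relayed request for an outside client means the proxy is open.
        reasons[client].add("external-client")
        if method == "CONNECT":
            # Tunnels hide the client behind the proxy's address.
            reasons[client].add("connect-tunnel")
        elif method == "HEAD":
            heads[(client, host)] += 1
            if heads[(client, host)] >= threshold:
                reasons[client].add("head-probe-burst")
    return dict(reasons)


if __name__ == "__main__":
    for client, why in sorted(triage(SAMPLE_LOG).items()):
        print(client, sorted(why))
```

Any `external-client` hit means the access controls from the Risks slide are missing; the other two reasons help prioritise which sources to investigate first.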
The End?