For those already familiar with the function of a proxy server, there’s a good chance that the mere mention of them brings up images ranging from, that of your friendly network engineer to those of steam pumpkin inspired hackers, brandishing ridiculous looking headgear. While these two extremes are not totally incorrect, they don’t exactly represent the entirety of the spectrum either. Originally proxy servers were instrumental in allowing multiple computers on a local network, to access the Internet without their IP addresses conflicting. But the invention of an IP remapping method known as Network Address Translation, allow this capability to be inexpensively integrated into routers.
Just because proxies are no longer needed to connect to the Internet, it doesn’t mean they have fallen completely out of use. It turns out that they are still quite a few functional roles that proxies can serve for the those operating on a network. One such role is “Squid Style Caching” which can be used to store things like frequently accessed online files, downloads, and updates. Eliminating the need for a network worth of users, to download said materials individually. This has the benefit of greatly increase in transfer speeds, because files are now taken from a private network instead of over the Internet. Proxy networks can be used in conjunction with special protocols to act as a security gate keeper, verifying or encrypting packets routed through it depending on their direction of travel.
Recent demands for increased security among businesses and individuals alike, has led to greater use of these services known as VPN’s, which businesses use in an effort to shield things like their customers’ monetary information or internal company data that they need to be able to access remotely, and individuals use for well, similar reasons. And also things like accessing online services that are region off, or squirting around overzealous governmental intrusion and censorship.
To better explain this aspect of proxy server functionality, we’ll turn to one of my ever popular analogies. Let’s say you’re a PCIP address sitting at your local Internet bar whatever, when suddenly you spy this beautiful forum website two doors down the street, in the window of a foreign bar. Now although theoretically you should be able to walk down, and take a peek at that foreign website content, in reality there’s a bouncer in their firewall who prevents you from entering.
What you have to do then is go next door, to your boy the proxy service place. He is able to let you slip into the foreign club through a side door. You can score that website binary digits and sneak back out, without them ever knowing where you came from.
With all that said, we painted proxy servers with a rainbow color brush so far. They’re not purely used as a force for good. While most people have honest intentions, when using proxy services to discreetly cruise the web. A small percentage of users including the fashionably challenged hackers, use them for attacks including what is referred to as a man in the middle attack to plant ransomware Trojans and other nasty malware.
It disguises an intrusion into a system as legitimate IP traffic originating from a proxy. This is particularly worrisome because it can end up painting a very large red target on those servers, which can contain big amounts of valuable information. While automated data caching can be tremendous, for reducing little headaches. The big headaches can result if your IT staff isn’t on the ball, and some compromised files slip through and push through an entire network.
[su_box title=”About David Balaban” style=”noise” box_color=”#336588″][short_info id=”64625″ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.