Report About Proxy Server

Student Name :
Antonios Mounir Fahmy

Department:
Software Engineering

Dr :
Dalia
Thanks in advance
 Proxy Server

A proxy server is a dedicated computer

or a software system running on a
computer that acts as an intermediary
between an endpoint device, such as a
computer, and another server from
which a user or client is requesting a
service. The proxy server may exist in
the same machine as a firewall server or
it may be on a separate server, which
forwards requests through the firewall.

An advantage of a proxy server is that

its cache can serve all users. If one or
more Internet sites are frequently
requested, these are likely to be in the
proxy's cache, which will improve user
response time. A proxy can also log its
interactions, which can be helpful
for troubleshooting.

How proxy servers work

When a proxy server receives a request for
an Internet resource (such as a Web page), it
looks in its local cache of previously pages.
If it finds the page, it returns it to the user
without needing to forward the request to
the Internet. If the page is not in the cache,
the proxy server, acting as a client on behalf
of the user, uses one of its own IP
addresses to request the page from the server
out on the Internet. When the page is
returned, the proxy server relates it to the
original request and forwards it on to the
user.
Proxy servers are used for both legal and
illegal purposes. In the enterprise, a proxy
server is used to facilitate security,
administrative control or caching services,
among other purposes. In a personal
computing context, proxy servers are used to
enable user privacy and anonymous surfing.
Proxy servers can also be used for the
opposite purpose: To monitor traffic and
undermine user privacy.

To the user, the proxy server is invisible; all

Internet requests and returned responses
appear to be directly with the addressed
Internet server. (The proxy is not actually
invisible; its IP address has to be specified
as a configuration option to the browser or
other protocol program.)

Users can access web proxies online or

configure web browsers to constantly use a
proxy server. Browser settings include
automatically detected and manual options
for HTTP, SSL, FTP, and SOCKS proxies.
Proxy servers may serve many users or just
one per server. These options are called
shared and dedicated proxies, respectively.
There are a number of reasons for proxies
and thus a number of types of proxy servers,
often in overlapping categories.

Forward and reverse

proxy servers
Forward proxies send the requests of a
client onward to a web server. Users access
forward proxies by directly surfing to a web
proxy address or by configuring their
Internet settings. Forward proxies allow
circumvention of firewalls and increase the
privacy and security for a user but may
sometimes be used to download illegal
materials such as copyrighted materials or
child pornography.

Reverse proxies transparently handle all

requests for resources on destination servers
without requiring any action on the part of
the requester.

Reverse proxies are used:

 To enable indirect access when a website

disallows direct connections as a security
measure.
 To allow for load balancing between
severs.
 To stream internal content to Internet
users.
 To disable access to a site, for example
when an ISP or government wishes to
block a website.
Sites might be blocked for more or less
legitimate reasons. Reverse proxies may be
used to prevent access to immoral, illegal or
copyrighted content. Sometimes these
reasons are justifiable and sometimes they
are not. Reverse proxies sometimes prevent
access to news sites where users could view
leaked information. They can also prevent
users from accessing sites where they can
disclose information about government or
industry actions. Blocking access to such
websites may violate free speech rights.

Other types of proxy servers

Transparent proxies are typically found
near the exit of a corporate network. These
proxies centralize network traffic. On
corporate networks, a proxy server is
associated with -- or is part of --
a gateway server that separates the network
from external networks (typically the
Internet) and a firewall that protects the
network from outside intrusion and allows
data to be scanned for security purposes
before delivery to a client on the network.
These proxies help with monitoring and
administering network traffic as the
computers in a corporate network are
usually safe devices that do not need
anonymity for typically mundane tasks.

Anonymous proxies hide the IP address of

the client using them allow to access to
materials that are blocked by firewalls or to
circumvent IP address bans. They may be
used for enhanced privacy and / or
protection from attack.

Highly anonymous proxies hide even the

fact that they are being used by clients and
present a non-proxy public IP address. So
not only do they hide the IP address of the
client using them, they also allow access to
sites that might block proxy servers.
Examples of highly anonymous proxies
include I2P and TOR.

Socks 4 and 5 proxies provide proxy

service for UDP data and DNS look up
operations in addition to Web traffic. Some
proxy servers offer both Socks protocols.

DNS proxies forward domain name service

(DNS) requests from LANs to Internet DNS
servers while caching for enhanced speed.
Proxy hacking
In proxy hacking, an attacker attempts to
steal hits from an authentic web page in a
search engine's index and search results
pages. The proxy hacker would have a either
a fraudulent site emulating the original or
whatever they felt like showing the clients
requesting the page.
Here's how it works: The attacker creates a
copy of the targeted web page on a proxy
server and uses methods such as keyword
stuffing and linking to the copied page from
external sites to artificially raise its search
engine ranking. The authentic page will rank
lower and may be seen as duplicated
content, in which case a search engine may
remove it from its index.

This form of hacking can be also be used to

deliver pages with malicious intent. Proxy
hacking can direct users to fake banking
sites, for example, to steal account info
which can then be sold or used to steal funds
from the account. The attacker can also use
the hack to direct users to a
malware-infected site to compromise their
machines for a variety of nefarious
purposes.
Some means have been developed to
compromise proxy abilities. Specially
crafted Flash and Java apps, Javascript, Acti
ve X and some other browser plugins can be
used to reveal a proxy user’s identity, so
proxies should not be used on untrusted sites
or anywhere that anonymity is important.

Website owners who suspect they have been

the victim of a proxy hack can test the
theory by searching for a phrase that would
be almost uniquely identifying to the site.
Their site should be prominent on the search
engine results page (SERP). If a second site
with the same content shows up, it may be a
proxy page.
Proxy server security
Proxy servers in many forms enhance
security but like many things in computing
may be vulnerable themselves. To
prevent DoS attacks and network intrusion,
administrators should keep software up to
date, use load balancing, enforce secure
authorization and authentication and block
unsolicited traffic, malicious and open
proxies.

End of report .