Translate

Wednesday, 16 November 2016

Where is Proxy Server used??

Where is a Proxy server used?

Proxy servers are used for several purposes. If it is used as a caching web proxy, it can dramatically improve performance of a web response. When a request is made by a client, a caching proxy returns response directly from its cache if the document already exists. Otherwise, it makes the request to the real server, returns the result, and save it in its cache for later use.
Proxy servers are also used as "web proxies" to filter web page contents. An organization or company may use a proxy server to block offensive web contents from viewed by the users. Considering the growing need within organizations to prevent employees from accessing specific websites, such as facebook.com, proxy servers are being deployed across the computers connected to the intranet. Some web proxies are able to reformat web pages to suit a specific set of audience, or cater certain organizational or personal internet usage purposes. Further, web proxies can be used to prevent the attack of computer viruses and malware, as well as other hostile content transferred across the internet web pages. However, users can also use web proxy servers to access those blocked sites indirectly. These web proxies are built with PHP or CGI to implement the proxying functionality, and provide web access to those sites blocked by corporation and school proxies. Moreover, Internet Service providers (ISPs) may also use proxies to block computer viruses and other offensive contents.
There are several advantages of Proxy servers. We intend to provide some of the most basic uses of proxy servers.
Performance Improvement:
Proxy servers also contribute to improved web performance since the results of the user requests are saved in cache memory for a set period of time. This is achieved with the help of a caching proxy server, which could save a large amount of time while catering to the requests from a vast user load. A caching proxy server maintains a local copy of frequently requested web content. Hence, it can accelerate service requests by retrieving content from the cache memory, if it had already been requested by another client on the same network. This feature contributes to a significant reduction in upstream bandwidth usage and costs for large organizations with thousands of employees.
Monitoring and Filtering User Requests:
As discussed earlier, web proxies can be used to filter user requests, and block certain content or web pages from being accessed. This can be achieved with the help of a content-filtering web proxy server that differentiates the users’ level of control over the content, based on the user type - Guest or Administrator.
Content-filtering proxies are generally used in organizations and educational institutions with strict internet-usage policies. Blocking certain websites, and restricting access to specific key words and censoring undesirable content are some of the basic features provided by content-filtering or web-filtering proxies. However, there are certain web proxies that are used to bypass geo-restrictions and censorship regulations by using certain advanced services that help access resources from blacklisted web locations.
Anonymous Browsing:
An anonymous proxy server is another type of web proxy that anonymizes users' online activities. This type of proxy server directs the user requests to a destination server, which ultimately has no knowledge of the source of the request. Only the proxy is aware of the source of the request, including the user IP address and location.
Advertisements targeting specific geographical regions Web Proxies can also be used to validate and verify geo-targeted advertisements. Servers of such ads validate the source IP address of the user request, and determine the geographic location of the request with the help of a geo-IP database. The user requests are responded via proxy servers that are located within the respective geographical location, to ensure that advertisements displayed are purely relevant to the users’ location.
Translation:
Considering the global audiences, translation proxies have been developed to localize/translate the content of a source website into a local language of the client computer. Responses for requests sent by local users are replaced with translated content from the source website, and passed back through the proxy server. Some translation proxies also provide additional services such as excluding source content or substituting source content with original local content.

Conclusion



The most popular proxy server used today is a Web Proxy, and it is used to filter contents and allow anonymous browsing. Being able to unblock geo-restricted content is also a wide used application for using public web proxies. Although proxies provide anonymous browsing and content filtering, they are mostly limited to web browsing and also lack security. For secure and encrypted communication with privacy protection, we recommend VPN solution.

Monday, 14 November 2016

Proxy Server and its uses

A proxy or proxy server is basically another computer which serves as a hub through which internet requests are processed. By connecting through one of these servers, your computer sends your requests to the proxy server which then processes your request and returns what you were wanting. In this way it serves as an intermediary between your home machine and the rest of the computers on the internet. Proxies are used for a number of reasons such as to filter web content, to go around restrictions such as parental blocks, to screen downloads and uploads and to provide anonymity when surfing the internet.

Why Use a Proxy?
If you are wanting to surf the web anonymously then proxies can provide you with a means to hide your home IP address from the rest of the world. By connecting to the internet through proxies, the home IP address of your machine will not be shown but rather the IP of the proxy server will be shown. This can provide you with more privacy then if you were simply connecting directly to the internet. There are number of proxies that can provide you with service. You can find a list of these simply by typing "Proxy List" into any search engine. There are some proxies which are free and some which charge money, the choice is up to you but we have found that the paid proxies are more reliable, faster and more secure.

What is a proxy server?


Proxy server is a computer that sits between a client computer and the Internet, and provide indirect network services to a client. It may reside on the user's local computer, or at various points between the user's computer and destination servers on the Internet. A proxy server intercepts all client requests, and provide responses from its cache or forwards the request to the real server. A client computer is connected to the proxy server, which acknowledges client requests by providing the requested resource/data from either a specified server or the local cache memory. Client requests include files or any other resources available on various servers.

Types of Proxy Servers
Proxy servers are classified into several types based on purpose and functionality. Some of the most common types and their uses can be described as below:

Web Proxy is the most common type of proxy application, which responds to the user requests by accessing resources from cached web pages and files available on remote web servers. This facilitates quick and reliable access to data for local network clients. If the requested resource is not found in the cache, then a web proxy fetches the file from the remote server, and saves a copy in the cache before returning it to the client.
Transparent Proxy is mostly used for caching websites and overcoming simple IP bans. However, such proxies do not provide any user anonymity since user’s original IP address is exposed. Transparent proxies are not specifically configured on the client computers.
Anonymous proxies do not hide the original IP address of the user; however, they provide adequate anonymity to most users. Anonymous proxies are easily detectable.
distorting proxy, identifies itself as a proxy server, and modify the HTTP headers to disguise the original IP address.
Tunneling proxies are capable of passing client requests and return responses without making any modifications. These are also referred to as gateway proxies.
forward proxy responds to client requests by retrieving data from a wide range of sources on the internet. It is also referred to as an Internet-facing proxy.
Open proxies belong to the category of forwarding proxy servers, which are accessible by any internet user since they can receive and return requests from any client computer. Meanwhile, anonymous open proxies are used for user anonymity to conceal the IP address.
Reverse proxies, also known as surrogates, usually receive requests from the Internet and forward them to internal network servers. A reverse proxy server forwards requests to one or more proxy servers, whose response is returned to the client computer, the user of which has no knowledge on the origin of the response.

Sunday, 30 October 2016

Configure Network Load Balancing (NLB) based cluster of VPN Servers

How network load balancing cluster enhances scalability of vpn server?
To create a NLB VPN cluster each host runs Remote Access (VPN) Service & NLB Service. NLB allows all of the computers in the cluster to be addressed by the same cluster IP address. NLB distributes incoming client requests across the vpn servers in the cluster. The load weight to be handled by each vpn server can be configured as necessary. You can also add a vpn server dynamically to the cluster to handle increased load. In addition, NLB can direct all traffic to a designated single vpn server, which is called the default host.
How network load balancing cluster ensures high availability of vpn server?
When a vpn server fails or goes offline, active connection to the failed or offline server are lost. But new connection request is automatically redistributed among the vpn servers that are still operating. However, if you bring a host down intentionally, you can use “drainstop” command to service all active connection prior to bringing the computer offline. Drainstop allows the host to continue surviving active connections but disables all new traffic to that host.
How to configure a NLB cluster?
To configure the Network Load Balancing (NLB) cluster, you must configure three types of the parameters:

  • Host parameters, which are specific to each host in a NLB cluster.
  • Cluster parameters, which apply to an NLB cluster as a whole.
  • Port rules, which control how the cluster functions. By default, a port rule equally balances all TCP/IP traffic across all servers.
In the following section we will describe step by step guide to deploy an nlb cluster of vpn servers for test lab.


Verification step to make sure vpn server is configured properly before installing nlb:

1. Assign satic ip to vpn-server1 (say 201.0.0.1), vpn-server2 (say 201.0.0.2) [Note: NLB does not support DHCP. NLB disables DHCP on each interface that it configures, so the IP addresses must be static]
2. Ensure client is able to make vpn connection to both the servers for different tunnel types (PPTP, L2TP, SSTP or IKEv2).
Install & Configure NLB in vpn-servers:

3. Install NLB in vpn-server1 & vpn-server2.
4. Create a new cluster using the NLB manager [Open nlbmgr.msc (in Administrative tools)] of vpn-server1 according the steps mentioned below. Add host to the cluster, choose priority of the host & assign cluster IP (say 201.0.0.11).
a) Add new host to the cluster:
Give host name or ip address and select the interface of the host for configuring cluster.
Select cluster operation mode as unicast to specify that a unicast media access control (MAC) address should be used for cluster operation. In this mode, the MAC address of the cluster is assigned to the network adapter of the computer, and the built-in MAC address of the network adapter is not used. Unicast is the default setting for Cluster operation mode.
 5) Configuring Port Rules:

· Select Affinity Single or Network to ensure that all network traffic from a particular client is directed to the same host.
· Select Filtering mode to Multiple hosts or Single host considering the following:
 The Multiple hosts parameter specifies that multiple hosts in the cluster will handle network traffic for the associated port rule. This filtering mode provides scaled performance and fault tolerance by distributing the network load among multiple hosts. You can specify that the load be equally distributed among the hosts or that each host will handle a specified load weight.
 The Single host parameter specifies that network traffic for the associated port rule be handled by a single host in the cluster according to the specified handling priority. This filtering mode provides port specific fault tolerance for handling network traffic.

6. Ensure both the server got same MAC Address for that interface & Cluster IP. [Note: NLB automatically instructs the driver that belongs to the cluster adapter to override the adapter’s unique, built-in network address and to change its MAC address to the cluster’s MAC address. This is the address used on all cluster hosts.]
Verification after configuring nlb cluster for vpn server:
7. Make Connection from the client using Cluster IP. Connection should succeed & it should be connected to high priority server (vpn-sever1 in this case).
8. Give nlb drainstop on vpn-server1.
9. Drainstop allows the host to continue surviving active connections but disables all new traffic to that host. All new connections should go to vpn-server2.
10. Give nlb drainstop on the vpn-server2.
11. Now all new connections should fail since both the servers are in “drainstop” mode.
12. Give nlb start.
13. Client should be able to connect to vpn-server1.

Wednesday, 26 October 2016

VPN configurations for Firewall

When designing a virtual private network (VPN) remote access solution that involves network firewalls, you typically choose between the following two options for server placement. Each option has different design requirements.
  • VPN server behind a firewall.The firewall is attached to the Internet, with the VPN server between the firewall and the intranet. This is the placement used in a typical perimeter network configuration, in which one firewall is positioned between the VPN server and the intranet and another firewall is positioned between the VPN server and the Internet.

  • VPN server in front of a firewall. The VPN server is connected directly to the Internet, with the firewall between the VPN server and the intranet.

VPN server behind a firewall

In the configuration shown in the following figure, the firewall is connected to the Internet and the VPN server is an intranet resource on the perimeter network. The perimeter network is an IP network segment that typically contains resources available to Internet users, such as Web servers and FTP servers. The VPN server has an interface on both the perimeter network and on the private intranet.
In this approach, the firewall must be configured with input and output filters on its Internet and perimeter network interfaces to allow the passing of tunnel maintenance traffic and tunneled data to the VPN server. Additional filters can allow the passing of traffic to Web servers, FTP servers, and other types of servers on the perimeter network. As an added layer of security, the VPN server should also be configured with Point-to-Point Tunneling Protocol (PPTP), Secure Socket Tunneling Protocol (SSTP), or Layer Two Tunneling Protocol (L2TP)/Internet Protocol security (IPsec) packet filters on its perimeter network interface as described in “VPN server in front of a firewall” in this topic.
Because the firewall does not have the encryption keys for each VPN connection, it can only filter on the plaintext headers of the tunneled data, meaning that all tunneled data passes through the firewall. However, this is not a security concern because the VPN connection requires an authentication process that prevents unauthorized access beyond the VPN server.

Packet filters for a VPN server behind a firewall

If the VPN server is behind a firewall, packet filters must be configured for both an Internet interface and a perimeter network interface. In this scenario, the firewall is connected to the Internet and the VPN server is an intranet resource that is connected to the perimeter network. The VPN server has an interface on both the perimeter network and the Internet.
VPN server in front of a firewall.
With the VPN server in front of the firewall and connected to the Internet, as shown in the following figure, administrators need to add packet filters to the Internet interface that allow only VPN traffic to and from the IP address of the VPN server’s interface on the Internet.
For inbound traffic, when the tunneled data is decrypted by the VPN server, it is forwarded to the firewall, which uses its filters to allow the traffic to be forwarded to intranet resources. Because the only traffic that is crossing the VPN server is traffic generated by authenticated VPN clients, firewall filtering in this scenario can be used to prevent VPN users from accessing specified intranet resources.
Because the only Internet traffic allowed on the intranet must go through the VPN server, this approach also prevents the sharing of intranet resources with non-VPN Internet users.

When a VPN server is in front of a firewall and connected to the Internet, inbound and outbound packet filters on the VPN server must be configured to allow only VPN traffic to and from the IP address of the VPN server’s Internet interface. Use this configuration if the VPN server is in a perimeter network, with one firewall positioned between the VPN server and the intranet and another between the VPN server and the Internet.

Sunday, 16 October 2016

Which VPNs Are The Best?

Which VPNs Are The Best?

When we ran our recent Hive Five on VPN service providers, we heard from VPN providers begging to be included, angry CEOs who claimed their company was maliciously left out, and others accusing some of the contenders of illegal or unethical behavior. We took at look at the poll and the claims, and while there's no definitive proof the poll was gamed, we decided to come up with our own top five, based on our own research rather than reader feedback, that are great whether you're the privacy advocate, the student, or the downloader.

Private Internet Access

Supports: Windows, OS X, Linux, iOS, Android
Protocols: SSL, PPTP, IPSec, and L2TP. You can also configure Private Internet Access to work on your DD-WRT or Tomato router (via SSL/OpenVPN) for constant security.
Home Country: United States, and has exit servers in the US, Canada, the UK, Switzerland, Romania, and the Netherlands.
Logging Policies: The service keeps no logs of your activity whatsoever (in fact, the only things they do keep are your email address and payment information,) uses shared IPs, and has committed to keeping your data private.

proXPN

Supports: Windows, OS X, iOS
Protocols: SSL, PPTP.
Home Country: United States, with exit servers in the US, The Netherlands, Singapore, and the UK.
Logging Policies: proXPN keeps minimal logs of your activity. proXPN collects your email address, payment information (if you're a premium user,) bandwidth usage, connection duration, and login/logout times. They've committed to only keeping those logs for 14 days or less, and promise to never share their logs with anyone, period.

TorVPN


Supports: Windows, OS X, Linux, iOS, Android
Protocols: SSL (they often refer to it as OpenVPN), PPTP, and full SSH tunneling.
Home Country: Hungary, with exit servers in Hungary.
Logging Policies: The service doesn't log your connection aside from bandwidth usage to compare against your quota, and your payment details. They also are committed to your privacy, and specifically say they won't surrender their data without a Hungarian court order.

TorGuard


Supports: Windows, OS X, Linux, and iOS and Android via built-in VPN
Protocols: SSL (OpenVPN), PPTP, and L2TP, (with 256 bit security)
Home Country: Panama, with exit servers in The Netherlands, Romania, Ukraine and Panama.
Logging Policies: TorGuard wholeheartedly supports privacy, so you can feel a bit more secure that your connection is secure and anonymous. They purge their logs daily, and only keep payment information and registration info. They don't even keep login/logout times.

WiTopia


Supports: Windows, OS X, Linux, iOS, Android, webOS, Chromebooks.
Protocols: SSL, PPTP, IPSec, and L2TP (with 256 bit security)
Home Country: United States, with exit servers in 10 US cities, and countries in Latin and South America, Asia, Australia, Europe, Africa, and the Middle East—way too many to list here.
Logging Policies: WiTopia does not log information that can be attributable to individual users, purges logs weekly, and only saves registration information and payment details when you sign up.

Alternatively, Roll Your Own VPN


We've shown you how to roll your own VPN using Hamachi, and even how to set up Privoxy to secure your web browsing once you have your personal VPN set up. Hamachi isn't the only option: you can also download and configure OpenVPN (a free SSL VPN) on your own home server,, or if you have a router that supports it, enable OpenVPN on your home router so you can connect back to it when you're abroad. Combined with Privoxy, you get the privacy and anonymity benefits of a VPN without spending a dime.
Both of these options put control in your hands, and while they're not quite as anonymous as subscription methods or offer international exit locations, they do give you the the most important benefits of a VPN: security, privacy, and anonymity while you're away from home.

What Makes for a Good VPN?

What Makes for a Good VPN?

The best VPNs offer a solid balance of features, server location, connectivity protocols, and price. Some are great for occasional use, others are geared towards getting around the location restrictions companies put on their apps and services, and others are targeted at people who do heavy downloading and want a little privacy while they do it. Here's what you should look for.
Protocol: When you're researching a VPN, you'll see terms like SSL/TLS (sometimes referred to as OpenVPN support,) PPTP, IPSec, L2TP, and other VPN types. We asked Samara Lynn, Lead Analyst for Networking and Small Business at PCMag, whether or not a user shopping for a VPN should shop for one over another. "SSL is what is commonly used these days. All of these protocols will provide a secure connection," she explained, and pointed out that most solutions are invisible to the end-user anyway. Strictly, each protocol has its benefits and drawbacks, and if you're concerned about this  you're probably already aware of them. Most users don't need to be concerned about this—corporate users on the other hand, are probably all using IPSec or SSL clients anyway.

Corporate and Exit Locations: Depending on what you'reusing a VPN for, your service's location—and the exit locations you can choose—are important to consider. If you want to get around a location restriction and watch live TV in the UK, for example, you want to make sure your VPN service provider has servers in the UK. If you're concerned about privacy or state-sponsored snooping, you may want to pick a service operated outside of your home country. Similarly, if the service is based on the US, they're subject to US laws, and may be forced to turn over usage data to the authorities upon request. Many people make more of this than they should (we've seen overseas services turn over their data to friendly governments without any hesitation repeatedly), but it's important to make sure a VPN has servers in multiple locations—or at least the location you're interested in—when shopping.

Logging: When you connect to a VPN, you're trusting the VPN service provider with your data. Your communications may be secure from eavesdropping, but other systems on the same VPN—especially the operator—can log your data if they choose. If this bothers you (e.g., you're the privacy/security advocate or the downloader), make absolutely sure you know your provider's logging policies before signing up. This applies to location as well—if your company doesn't keep logs, it may not matter as much where it's located. (There's a popular rumor that US-based VPN providers are required to log, in case the government wants them. This isn't true, but the government can always request whatever data they have if they do log.) For a good list of VPN providers that don't log your activities when connected

Anti-Malware/Anti-Spyware Features: Using a VPN doesn't mean you're invulnerable. You should still make sure you're using HTTPS whenever possible, and you should still be careful about what you download. Some VPN service providers especially mobile ones—bundle their clients with anti-malware scanners to make sure you're not downloading viruses or trojans. When you're shopping, see if the providers you're interested in offer anti-malware protection while you're connected. For example, previously mentioned Hotspot Shield offers malware protection to its premium users. It may not be a dealbreaker for you, but it's always good to have someone watching your back.
Mobile Apps: If you're going to spend money on a VPN service provider (or even if you use a free one, frankly), you should be able to get a consistent experience across all of your devices. Most prominent providers offer desktop and mobile solutions for individual users, and while corporate and school networks may be a bit behind the curve here, they're catching up too. Make sure you don't have to use two different VPNs with two different policies and agreements just because you want to secure your phone along with your laptop.

Price: Finally, go into your user agreement with both eyes open. You should read the privacy policy for the service you're interested in, and be very aware of the differences between free and paid services.
 For example:
Free VPN Providers are more likely to log your activities and serve contextual ads while you're connected. They're also more likely to use your usage habits to tailor future ads to you, have fewer exit locations, and weak commitments to privacy. They may offer great features, but if logging and privacy are important to you, you may want to avoid them. However, if you just need quick, painless security while traveling on a budget, they're a great option.

Subscription VPN Providers usually take your privacy a bit more seriously, since you're paying for the service. It's unusual for them to show ads, although whether they do logging or store data about your usage varies from company to company. They usually offer free trials so you can give the service a shot first, but remember: just because you're paying for a service doesn't mean you shouldn't do your homework.
    A mix of features and price make a good VPN, but plenty of bad VPNs masquerade as good ones. Look for articles written by trustworthy sources that discuss the merits of each service based on its features, versus simple rundowns and user testimonials, which are almost always polluted by a combination of fanatical users and corporate bootstrapping in attempt to get their names out to potential customers.

Saturday, 15 October 2016

Why and when you should use VPN??

What Is a VPN?

Put simply, a Virtual Private Network, or VPN, is a group of computers (or discrete networks) networked together over a public network—namely, the internet. Businesses use VPNs to connect remote datacenters, and individuals can use VPNs to get access to network resources when they're not physically on the same LAN (local area network), or as a method for securing and encrypting their communications when they're using an untrusted public network.
When you connect to a VPN, you usually launch a VPN client on your computer (or click a link on a special website), log in with your credentials, and your computer exchanges trusted keys with a far away server. Once both computers have verified each other as authentic, all of your internet communication is encrypted and secured from eavesdropping.
The most important thing you need to know about a VPN: It secures your computer's internet connection to guarantee that all of the data you're sending and receiving is encrypted and secured from prying eyes.
Whether the VPNs you're familiar with are the ones offered by your school or business to help you work or stay connected when you're traveling or the ones you pay to get you watch your favorite shows in another country as they air, they're all doing the same thing.

Why You Need a VPN, or How You Can Benefit from Using One ?

A VPN alone is just a way to bolster your security and access resources on a network you're not physically connected to. What you choose to do with a VPN is a different story. Usually, VPN users fall into a few separate categories:
The student/worker. This person has responsibilities to attend to, and uses a VPN provided by their school or company to access resources on their network when they're at home or traveling. In most cases, this person already has a free VPN service provided to them, so they're not exactly shopping around. Also, if they're worried about security, they can always fire up their VPN when using airport or cafe WI-Fi to ensure no one's snooping on their connection.

The downloader. Whether they're downloading legally or illegally, this person doesn't want on some company's witch-hunt list just because they have a torrenting app installed on their computer. VPNs are the only way to stay safe when using something like BitTorrent.
The privacy minded and security advocate. Whether they're a in a strictly monitored environment or a completely free and open one, this person uses VPN services to keep their communications secure and encrypted and away from prying eyes whether they're at home or abroad. To them, unsecured connections mean someone's reading what you say.




Even if none of the above really sound right to you, you can still benefit from using a VPN. You should definitely use one when you travel or work on an untrusted network (read: a network you don't own, manage, or trust who manages.) That means opening your laptop at the coffee shop and logging in to Facebook or using your phone's Wi-Fi to check your email at the airport can all potentially put you at risk.

Wednesday, 12 October 2016

Proxy and Its functioning

PROXY
If you work remotely, or have to handle corporate files on the road, then chances are you've used a specific type of proxy and may not even be aware of it. In fact, proxies are used by workers all over the world in the form of a VPN. A virtual private network is one specific type of proxy which provides you with the ability to work remotely and securely. But what is a proxy exactly, how does it work, and what are some of the advantages it can give not only a remote worker, but anyone who wants an extra layer of privacy? Here's a look at the various types of proxies and a review of one particular service which provides you with proxies on steroids.

How proxies work

Basically, a proxy is a point to point connection between you and a remote location on the Internet. If you're in a hotel in Seattle and you work for a large corporation down in Dallas, then opening a VPN to your corporate office means your computer will create a permanent connection between your own system and a dedicated device at the corporate office called the VPN server. This connection provides you with a tunnel through which all further communication will pass. This is the first and most well known quality of a VPN. All of your traffic, whatever it is, will be encrypted inside that tunnel, going from your current location to the VPN server, and then be resent on your behalf to the wider Internet. What this means is that anyone listening nearby, or trying to see the packets going from your own system, will see nothing but static. In fact, they won't even know which websites you visit, because everything is encrypted. This is an even stronger security mechanism than SSL, since with SSL people can still see the headers and know which sites you surf to.
But a VPN, or any other type of proxy, provides quite a few more benefits. Whether you use a VPN, which relies on a protocol like PPTP to encapsulate your packets securely, an SSL proxy, a Socks proxy, or even a simple web gateway (which doesn't actually provide you with any encryption) they all have a couple of features  that are similar. The basic principle is that the server is relaying those packets for you, and stripping the originating address. Instead of your own IP address, they only see the proxy server's
Criminals also make heavy use of proxies to obscure their actual locations. They can even chain proxy servers together to increase the difficulty of being tracked. But proxies are used for a lot more than just to watch the latest Family Guy, or commit crimes. A lot of people use them simply for safety. If you have a slow Internet connection, you could use a proxy server with a lot of bandwidth, and malware threats roaming the net trying to find unpatched systems, or launch potential denial of service attacks, would find only the proxy. Security researchers also love proxies. When you're trying to infiltrate the criminal underground, the last thing you want is to give them your home address.

One such service: HMA


As you can see, proxies provide security and anonymity that can be very handy. If you don't have a corporate VPN you can use, there are a lot of services that offer some alternatives. One of the most popular right now, and the one I've used, is called hide my ass. One of the things I like about it is that, first, it provides a very easy-to-use client software. Instead of having to configure the proxy settings manually, you simply install the client, and it keeps track of your connection status, allowing you to set preferences. Then, it also has a massive amount of 36,000+ IP addresses all over the world. This means you can connect to any of those servers and appear to be from that location.

Proxies still require trust

Finally, there are some things you need to keep in mind when using proxies. First, remember that while a proxy server will provide you with security and anonymity, the proxy itself has to decode your traffic to send it through. This means it can see everything you're doing, unless you use SSL connections. So you need to trust it. A lot of people use TOR, which is a free anonymity network run by volunteers, or some go to underground channels to get so-called "private"proxies, but the problem is you never know if you can trust those servers. It may end up being worse than not using a proxy at all. Popular commercial services like Hide My Ass base their business on providing this service, so personally I have more faith in them. Don't think of using them for criminal acts however, since they do state clearly that they cooperate with law enforcement. Because again, the proxy server is the one party that knows what your real IP address is. Also, using proxies will typically slow your connection down, since you're basically transferring all your data to another location around the world before it goes out to the Internet. As you attempt to connect to various proxy servers, you may find very big differences in speed, so it's a good idea to try them out. Whether you want security, anonymity, or both, proxies provide a good way to surf the net.

Tuesday, 11 October 2016

Different types of Proxy Server and Its types

What is a Proxy Server?

proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services. A client connects to the proxy server, then requests a connection, file, or other resource available on a different server. The proxy provides the resource either by connecting to the specified server or by serving it from a cache. In some cases, the proxy may alter the client's request or the server's response for various purposes.

Web proxies

A common proxy application is a caching Web proxy. This provides a nearby cache of Web pages and files available on remote Web servers, allowing local network clients to access them more quickly or reliably.

When it receives a request for a Web resource (specified by a URL), a caching proxy looks for the resulting URL in its local cache. If found, it returns the document immediately. Otherwise it fetches it from the remote server, returns it to the requester and saves a copy in the cache. The cache usually uses an expiry algorithm to remove documents from the cache, according to their age, size, and access history. Two simple cache algorithms are Least Recently Used (LRU) and Least Frequently Used (LFU). LRU removes the least-recently used documents, and LFU removes the least-frequently used documents.
Web proxies can also filter the content of Web pages served. Some censorware applications - which attempt to block offensive Web content - are implemented as Web proxies. Other web proxies reformat web pages for a specific purpose or audience; for example, Skweezer reformats web pages for cell phones and PDAs. Network operators can also deploy proxies to intercept computer viruses and other hostile content served from remote Web pages.

A special case of web proxies are "CGI proxies." These are web sites which allow a user to access a site through them. They generally use PHP or CGI to implement the proxying functionality. CGI proxies are frequently used to gain access to web sites blocked by corporate or school proxies. Since they also hide the user's own IP address from the web sites they access through the proxy, they are sometimes also used to gain a degree of anonymity.
You may see references to four different types of proxy servers:
  • Transparent Proxy

    This type of proxy server identifies itself as a proxy server and also makes the original IP address available through the http headers. These are generally used for their ability to cache websites and do not effectively provide any anonymity to those who use them. However, the use of a transparent proxy will get you around simple IP bans. They are transparent in the terms that your IP address is exposed, not transparent in the terms that you do not know that you are using it (your system is not specifically configured to use it.)
  • Anonymous Proxy

    This type of proxy server identifies itself as a proxy server, but does not make the original IP address available. This type of proxy server is detectable, but provides reasonable anonymity for most users.
  • Distorting Proxy

    This type of proxy server identifies itself as a proxy server, but make an incorrect original IP address available through the http headers.
  • High Anonymity Proxy

    This type of proxy server does not identify itself as a proxy server and does not make available the original IP address
  • Socks 4 and 5 proxies provide proxy service for UDP data and DNS look up operations in addition to Web traffic. Some proxy servers offer both Socks protocols.
  • DNS proxies forward domain name service (DNS) requests from LANs to Internet DNS servers while caching for enhanced speed.
  • Proxy hacking
In proxy hacking, an attacker attempts to steal hits from an authentic web page in a search engine's index and search results pages. The proxy hacker would have a either a fraudulent site emulating the original or whatever they felt like showing the clients requesting the page.
Here's how it works: The attacker creates a copy of the targeted web page on a proxy server and uses methods such as keyword stuffing and linking to the copied page from external sites to artificially raise its search engine ranking. The authentic page will rank lower and may be seen as duplicated content, in which case a search engine may remove it from its index.
This form of hacking can be also be used to deliver pages with malicious intent. Proxy hacking can direct users to fake banking site, for example, to steal account info which can then be sold or used to steal funds from the account. The attacker can also use the hack to direct users to a malware-infected site to compromise their machines for a variety of nefarious purposes.
Some means have been developed to compromise proxy abilities. Specially crafted Flash and Java apps, Javascript,Active X and some other browser plugins can be used to reveal a proxy user’s identity, so proxies should not be used on untrusted sites or anywhere that anonymity is important.
Website owners who suspect they have been the victim of a proxy hack can test the theory by searching for a phrase that would be almost uniquely identifying to the site. Their site should be prominent on the search engine results page (SERP). If a second site with the same content shows up, it may be a proxy page.