At the FOSE 2010 trade show in Washington, D.C., panelists stated malware hidden on social media Websites, like Facebook, is the new number one security threat, bypassing email.
Thus the topic for today is proxy-based Web security. We’re going to look at the technology to see how it actually works and how it can benefit those working or playing on the Web.
In computer networks, a proxy server is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, Web page, or other resource available from a different server.
The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client’s request or the server’s response, and sometimes it may serve the request without contacting the specified server.
A proxy server has many potential purposes, including:
Caching proxy server
A caching proxy server accelerates service requests by retrieving content saved from a previous request made by the same client or even other clients. Caching proxies keep local copies of frequently requested resources, allowing large organizations to significantly reduce their upstream bandwidth usage and cost, while significantly increasing performance.
A proxy that focuses on Web traffic is called a “Web proxy.” The most common use of a Web proxy is to serve as a Web cache. Most proxy programs provide a means to deny access to URLs specified in a blacklist, thus providing content filtering.
Content-filtering Web proxy
A content-filtering Web proxy server provides administrative control over the content that may be relayed through the proxy. It is commonly used in both commercial and non-commercial organizations (especially schools) to ensure that Internet usage conforms to acceptable use policy.
Anonymizing proxy server
An anonymous proxy server (sometimes called a Web proxy) generally attempts to anonymize Web surfing. Because they are typically difficult to track, open proxies are especially useful to those seeking online anonymity, from political dissidents to computer criminals.
Proxies can also be installed in order to eavesdrop upon the dataflow between client machines and the Web. All accessed pages, as well as all forms submitted, can be captured and analyzed by the proxy operator.
Intercepting proxy server
An intercepting proxy combines a proxy server with a gateway or router. Connections made by client browsers through the gateway are diverted to the proxy without client-side configuration (or often knowledge).
A suffix proxy server allows a user to access Web content by appending the name of the proxy server to the URL of the requested content.
Reverse proxy server
A reverse proxy is a proxy server that is installed in the neighborhood of one or more Web servers. All traffic coming from the Internet and with a destination of one of the Web servers goes through the proxy server.
So if you work or play on the Web, don’t leave home without some form of protection. And in today’s security environment, it’ll probably be a proxy-based solution.