© 2014, Triad Square Infosec Pvt. Ltd.

Proxy

What is Proxy ?

© 2014, Triad Square Infosec Pvt. Ltd.

Communication between two computers (shown in grey) connected through a third computer (shown in red) acting as a proxy.

Types of Proxy

Forward proxy Open proxy Reverse proxy

© 2014, Triad Square Infosec Pvt. Ltd.

Forward proxy

A forward proxy taking requests from an internal network and forwarding them to the Internet.

© 2014, Triad Square Infosec Pvt. Ltd.

Open proxy

An open proxy forwarding requests from and to anywhere on the Internet.

© 2014, Triad Square Infosec Pvt. Ltd.

Reference: en.wikipedia.org

Reverse proxy

A reverse proxy taking requests from the Internet and forwarding them to servers in an internal network.

Those making requests connect to the proxy and may not be aware of the internal network.

© 2014, Triad Square Infosec Pvt. Ltd.

Squid Web Proxy Server

© 2014, Triad Square Infosec Pvt. Ltd.

Security Advantages

Terminates the TCP connection before relaying to target host (in and out)

Hide internal clients from external network Blocking of dangerous URLs Filter dangerous content Check consistency of retrieved content Single point of access, control and logging

© 2014, Triad Square Infosec Pvt. Ltd.

TCP connection termination

The incoming and outgoing TCP connections are terminated

Prevents a hacker from hijacking a stale (old) connection on a service that is being proxied.

Example . HTTP page request

© 2014, Triad Square Infosec Pvt. Ltd.

User Proxy Server

request packet

request packet’

response packet’

response packet

Connection remain open until the proxy closes it after receiving response packet and sending it back to user

Connection only remain open until server closes the connection after sending the response packet

Reference

en.wikipedia.org

© 2014, Triad Square Infosec Pvt. Ltd.

Thank You