Transcript Document

• proxy servers
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Digital object identifier Resolution
1
It will even replace references to web-to-handle
proxy servers with native resolution.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
comScore Criticism
1
In the past, the software forwarded
users' internet traffic through
comScore proxy servers, provoking
criticism about speed performance.
As a result, several universities and
banks took steps to block the proxy
servers. In response to these
concerns, comScore no longer uses
this technology.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Hypertext Transfer Protocol Technical overview
1
HTTP proxy servers at private network
boundaries can facilitate
communication for clients without a
globally routable address, by relaying
messages with external servers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Data center Network infrastructure
1
Some of the servers at the data center
are used for running the basic
Internet and intranet services needed
by internal users in the organization,
e.g., e-mail servers, proxy servers,
and DNS servers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Proxy server Accessing services anonymously
1
Other anonymizing proxy servers, known
as elite or high-anonymity proxies, only
include the REMOTE_ADDR header with
the IP address of the proxy server, making
it appear that the proxy server is the client
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Proxy server Transparent proxy
In 2009 a security flaw in the way that
transparent proxies operate was published
by Robert Auger, and the Computer
Emergency Response Team issued an
advisory listing dozens of affected
transparent and intercepting proxy
servers.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Proxy server Implementation methods
1
In integrated firewall / proxy servers where
the router/firewall is on the same host as
the proxy, communicating original
destination information can be done by
any method, for example Microsoft TMG
or WinGate.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Proxy server Suffix proxy
1
A suffix proxy allows a user to access web
content by appending the name of the
proxy server to the URL of the requested
content (e.g. "en..org.SuffixProxy.com").
Suffix proxy servers are easier to use than
regular proxy servers but they do not offer
high levels of anonymity and their primary
use is for bypassing web filters. However,
this is rarely used due to more advanced
web filters.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Proxy server Web proxy servers
Examples of web
proxy servers (list is
not exhaustive):
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Dial-up Internet access Compression by the ISP
1
As telephone-based 56 kbit/s modems began
losing popularity, some Internet service
providers such as TurboUSA, Netzero,
CdotFree, TOAST.net, and Earthlink started
using compressing proxy servers to increase
the throughput and maintain their customer
base. As an example, Netscape ISP uses a
compression program that squeezes images,
text, and other objects at a proxy server, just
prior to sending them across the phone line.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Browser security Security
Perimeter defenses, typically through
firewalls and the use of filtering proxy
servers that block malicious websites and
perform antivirus scans of any file
downloads, are commonly implemented as
a best practice in large organizations to
block malicious network traffic before it
reaches a browser.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Spam (electronic) - Cost-benefit analyses
1
E-mail, Usenet, and instant-message
spam are often sent through insecure
proxy servers belonging to unwilling
third parties
https://store.theartofservice.com/the-proxy-servers-toolkit.html
HTTP cookie - Cross-site scripting – proxy request
1
This attack would not work for Secure
cookie, since Secure cookies go with
HTTPS connections, and its protocol
dictates end-to-end encryption, i.e.,
the information is encrypted on the
user’s browser and decrypted on the
destination server
www.example.com, so the proxy
servers would only see encrypted bits
and bytes.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Anonymous blogging - Techniques to stay anonymous
1
Using the incognito mode on the browser
can help maintain firewalls and proxy
servers and also deletes the browsing
history by disabling cookies
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Satellite Internet access - System components
The transmitting station has two
components, consisting of a high speed
Internet connection to serve many
customers at once, and the satellite uplink
to broadcast requested data to the
customers. The ISP's routers connect to
proxy servers which can enforce quality of
service (QoS) bandwidth limits and
guarantees for each customer's traffic.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Satellite Internet access - System components
Many IP-over-satellite implementations
use paired proxy servers at both
endpoints so that certain communications
between clients and servers need not to
accept the latency inherent in a satellite
connection. For similar reasons, there
exist special Virtual private network (VPN)
implementations designed for use over
satellite links because standard VPN
software cannot handle the long packet
travel times.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
P3P - Purpose
1
Users who saw this as an invasion of
privacy would sometimes turn off
HTTP cookies or use proxy servers to
keep their personal information
secure
https://store.theartofservice.com/the-proxy-servers-toolkit.html
P3P - Alternatives
P3P user agents are not the only
option available for Internet users that
want to ensure their privacy. Several of
the main alternatives to P3P include
using web browsers' privacy mode,
anonymous e-mailers and anonymous
proxy servers.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Secure Socket Tunneling Protocol
1
Secure Socket Tunneling Protocol (SSTP)
is a form of VPN tunnel that provides a
mechanism to transport PPP or L2TP
traffic through an SSL 3.0 channel. SSL
provides transport-level security with keynegotiation, encryption and traffic integrity
checking. The use of SSL over TCP port
443 allows SSTP to pass through virtually
all firewalls and proxy servers except for
authenticated web proxies.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
OpenVPN - Networking
1
It has the ability to work through most
proxy servers (including HTTP) and is
good at working through Network
address translation (NAT) and getting
out through firewalls
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Virtual private network
VPNs allow employees to securely
access their company's intranet while
traveling outside the office. Similarly,
VPNs securely and cost-effectively
connect geographically disparate
offices of an organization, creating
one cohesive virtual network. VPN
technology is also used by ordinary
Internet users to connect to proxy
servers for the purpose of protecting
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Man-in-the-middle attack - Beyond cryptography
1
In 2013, the Nokia's Xpress Browser was
revealed to be decrypting HTTPS traffic on
Nokia's proxy servers, giving the company
clear text access to its customers'
encrypted browser traffic. Nokia
responded by saying that the content was
not stored permanently, and that the
company had organizational and technical
measures to prevent access to private
information.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Handle System - Applications
1
The number of prefixes, which allow users
to assign handles, is growing and passed
212,000 in 2009. There are four top-level
Global Handle Registry servers that
receive (on average) 68 million resolution
requests per month. Proxy servers known
to CNRI, passing requests to the system
on the Web, receive (on average) 50
million resolution requests per month.
(Statistics from Handle Quick Facts.)
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Web cache - Further reading
1
Ari Luotonen, Web Proxy Servers
(Prentice Hall, 1997) ISBN 0-13680612-0
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Network socket - Sockets in network equipment
However, stateful network firewalls,
network address translators, and proxy
servers keep track of active socket pairs
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Freedom of speech - Internet censorship
The system blocks content by
preventing IP addresses from being
routed through and consists of
standard firewall and proxy servers at
the Internet gateways
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Team Foundation Server - Server Architecture
1
Build servers, lab management servers,
release management servers and proxy
servers (to reduce some of the load on the
application tier), test machines and load
test machines can also be added to the
infrastructure
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Team Foundation Server - Team Foundation Version Control
1
To improve performance for remote
clients, TFS includes the ability to
install Proxy Servers. Proxy servers
allow source control contents to be
cached at a site closer to the
developers to avoid long network trips
and the associated latency. Check-ins
are still performed directly against
the TFS application tier so the Proxy
Server is most beneficial in read
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Application firewall - Network-based application firewalls
1
Often, it is a host using various forms
of proxy servers to proxy traffic before
passing it on to the client or server
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Golden Shield Project - History
1
A major part of the project includes
the ability to block content by
preventing IP addresses from being
routed through and consists of
standard firewalls and proxy servers
at the Internet gateways
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Golden Shield Project - Bypassing
1
Proxy servers outside China can be used,
although using just a simple open proxy
(HTTP or SOCKS) without also using an
encrypted tunnel (such as HTTPS) does
little to circumvent the sophisticated
censors.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
WinGate
WinGate is Integrated Gateway
Management Software for Microsoft
Windows, providing web caching, firewall
and NAT services, along with a number of
integrated proxy servers and also email
services (SMTP, POP3 and IMAP servers).
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
WinGate - Features
1
At its core, WinGate provides 3 levels of
Internet Access: a stateful packet-level
firewall with NAT, several circuit-level
proxies (SOCKS 4/4a/5, and proprietary
Winsock redirector), and multiple
application-level proxy servers. This
provides a comprehensive access
framework, and allows the maximum level
of access control.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Novell BorderManager - History
1
Aside from the more easily copied firewall
and VPN access point services, Novell
designed the proxy services to retrieve
web data with a server to server
connection rather than a client to server
connection as all of the prior proxy servers
on the market had done
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Session Initiation Protocol - Protocol design
The features that permit familiar
telephone-like operations: dialing a
number, causing a phone to ring, hearing
ringback tones or a busy signal - are
performed by proxy servers and user
agents
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Session Initiation Protocol - Redirect server
1
A user agent server that generates 3xx
(Redirection) responses to requests it
receives, directing the client to
contact an alternate set of URIs. The
redirect server allows proxy servers to
direct SIP session invitations to
external domains.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Google Analytics - Privacy issues
It has been anecdotally reported that
behind proxy servers and multiple firewalls
that errors can occur changing time
stamps and registering invalid searches.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Application layer firewall - Network-based application firewalls
1
Often, it is a host using various forms
of proxy servers to proxy traffic before
passing it on to the client or server
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Gmail - Privacy
In December 2013, Gmail made
changes in how images are displayed
to improve protection of privacy.
Gmail now serves all images through
Google’s own secure proxy servers. It
also removes the ability for Email
Service Providers to track IP, user
agent, if it was a mobile open or which
mobile device was used.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Golden Shield Project - History
1
A major part of the project includes
the ability to block content by
preventing IP addresses from being
routed through and consists of
standard firewalls and proxy servers
at the Internet gateway
(telecommunications)|gateways
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Golden Shield Project - Bypassing
1
* Proxy servers outside China can be
used, although using just a simple open
proxy (HTTP or SOCKS) without also
using an encrypted tunnel (such as
HTTPS) does little to circumvent the
sophisticated censors.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
IHeartRadio - Positioning
The iHeartRadio official web site,
www.iheart.com, has been offering access
to over 800 live radio stations streaming
online, but the streams are served only to
IP addresses, or proxy servers, that can
be identified as being in the USA
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
F5 Networks
* Access through firewalls: IPsec
connections may be blocked by firewalls
or proxy servers while port 443/TCP is
almost always allowed.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
TVCatchup - Legality
1
The service makes clear that users should
be in possession of a UK TV licence to
watch television as it is being broadcast. ,
the site has been using stringent IP
monitoring facilities to detect and block
access from many proxy servers, to
ensure that users are situated within the
UK.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
.mobi - Similar services
This is the idea behind proxy-based
microbrowsers like Opera Mini that
download the optimized and compressed
version of web pages through dedicated
proxy servers
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Content-control software - Types of filtering
Filters can be implemented in many
different ways: by software on a personal
computer, via network infrastructure such
as proxy servers, Domain Name
System|DNS servers, or Firewall
(computing)|firewalls that provide Internet
access.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Freedom of Information - Internet censorship
1
The system blocks content by preventing
IP addresses from being routed through
and consists of standard firewall and proxy
servers at the Internet gateway
(telecommunications)|gateways
https://store.theartofservice.com/the-proxy-servers-toolkit.html
E-mail spam - Theft of service
1
Spammers frequently seek out and make use
of vulnerable third-party systems such as
open mail relays and open proxy servers.
SMTP forwards mail from one server to
another—mail servers that ISPs run
commonly require some form of
authentication to ensure that the user is a
customer of that ISP. Open relays, however,
do not properly check who is using the mail
server and pass all mail to the destination
address, making it harder to track down
spammers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
E-mail spam - Side effects
To combat the problems posed by
botnets, open relays and proxy servers
many email server administrators
pre-emptively block dynamic IP
ranges and impose stringent
requirements on other servers
wishing to deliver mail
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Mass surveillance - Syria
1
At least 13 Blue Coat Systems|Blue Coat
proxy servers are in use, Skype calls are
intercepted, and Social engineering
(security)|social engineering techniques,
phishing, and malware attacks are all in
use.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Workplace privacy - United States
The tools that are used for this
surveillance are often caching proxy
servers that are also used for webmonitoring.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Spam (electronic) - Cost-benefit analyses
E-mail, Usenet, and instant-message
spam are often sent through insecure
proxy servers belonging to unwilling third
parties
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Blazer (web browser) - Blazer 2
Blazer 2 was released in early 2002.
Blazer 2 added the ability to use proxy
servers, Secure Sockets Layer|SSL, 16 bit
color, and an improved user interface.
Blazer 2 was available both as product
bundled with the Treo 180, and as a paid
download.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
WebSocket - Proxy traversal
In some cases, additional proxy server
configuration may be required, and certain
proxy servers may need to be upgraded to
support WebSocket.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
WebSocket - Proxy traversal
If unencrypted WebSocket traffic flows
through an explicit or a transparent proxy
server on its way to the WebSocket server,
then, whether or not the proxy server
behaves as it should, the connection is
almost certainly bound to fail today (as
WebSocket become more mainstream,
proxy servers may become WebSocket
aware). Therefore, unencrypted
WebSocket connections should be used
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
WebSocket - Proxy traversal
However, since the wire traffic is
encrypted, intermediate transparent
proxy servers may simply allow the
encrypted traffic through, so there is a
much better chance that the
WebSocket connection will succeed if
WebSocket Secure is used
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet Channel
Internet Channel uses an internet
connection (set in the Wii Settings) to
retrieve pages directly from a web
site's HTTP or HTTPS server, not
through a network of proxy servers as
in Opera Mini products. Internet
Channel is capable of rendering most
web sites in the same manner as its
desktop counterpart by using Opera's
Medium Screen Rendering
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Maxthon - Version 2.x
1
*'Super agent:' supports the adoption
of HTTP, HTTPS, Socks4, Socks4a,
Socks5, and other internet connection
proxies, and also supports proxy that
require authentication. By setting the
Advanced Proxy Rule, the Maxthon
Web browser can automatically switch
to different proxy servers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Avant Browser - Security and privacy
1
* Multiple proxy servers
may be configured
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Bolt (web browser) - Data centers for servers
1
The proxy servers that BOLT cloud-based
architecture uses are located in the United
States.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Opera Mobile - History
1
* Version 6.10, released on October 27,
2003, introduced several user interface
and usability improvements, considerably
optimized performance, and slightly
improved page rendering. It was also the
first version to support proxy servers,
Wireless Application Protocol|WAP pages,
and the first one to be released in
localized versions for 9 different
languages.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Opera Mini - Functionality
By default, Opera Mini opens one
connection to the proxy servers, which
it keeps open and re-uses as required.
This improves transfer speed and
enables the servers to quickly
synchronize changes to bookmarks
stored in Opera Link.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Opera Mini - Functionality
The Opera Software company
maintains over 100 proxy servers to
handle Opera Mini traffic. They run
Linux and are massively parallel and
massively redundancy
(engineering)|redundant.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Series 40 - Web browser
1
The latest feature phones from the Asha
lineup come with the Nokia Xpress
Browser which uses proxy servers to
compress and optimize web pages in a
similar fashion as Opera Mini.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Web access management - Architectures
1
Proxy-based architectures differ in that
all web requests are routed through the
proxy server to the back-end
web/application servers. This can
provide a more universal integration
with web servers since the common
standard protocol, HTTP, is used
instead of vendor-specific application
programming interfaces (APIs). One of
the drawbacks is that additional
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Stop Online Piracy Act - Autocratic countries
1
According to the Electronic Frontier
Foundation, Proxy server#Bypassing
filters and censorship|proxy servers,
such as those used during the Arab
Spring, can also be used to Proxy
server#Accessing services
anonymously|thwart copyright
enforcement and therefore may be
regulated by the act.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in the People's Republic of China - Current methods
1
It consists of standard firewalls and proxy
servers at the Internet gateway
(telecommunications)|gateways
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in the People's Republic of China - Evasion
Internet censorship in China is
circumvented by determined parties
by using proxy servers outside the
firewall
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in the People's Republic of China - Evasion
Some well-known
proxy servers have
also been blocked
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Susning.nu - Issues with vandalism
1
In summer 2008, the website was affected
by a persistent spam (electronic)|spammer
who used proxy servers to spam different
articles with English advertisement links
https://store.theartofservice.com/the-proxy-servers-toolkit.html
NetWare - Strategic mistakes
As Novell used IPX/SPX instead of
TCP/IP, they were poorly positioned to
take advantage of the Internet in 1995.
This resulted in Novell servers being
bypassed for routing and Internet
access in favor of hardware routers,
Unix-based operating systems such as
FreeBSD, and SOCKS and HTTP Proxy
server|Proxy Servers on Windows and
other operating systems.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
BorderManager - History
Aside from the more easily copied
Firewall (networking)|firewall and
VPN|VPN access point services, Novell
designed the proxy services to retrieve
web data with a server to server
connection rather than a client to
server connection as all of the prior
proxy servers on the market had done
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Freedom of expression - Internet censorship
1
The system blocks content by preventing
IP addresses from being routed through
and consists of standard firewall and proxy
servers at the Internet gateway
(telecommunications)|gateways
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Networking equipment - Range
But it also includes hybrid network
devices such as multilayer switches,
protocol converters, bridge routers, proxy
servers, firewall (networking)|firewalls,
network address translators, multiplexers,
network interface controllers, wireless
network interface controllers, modems,
ISDN terminal adapters, line drivers,
wireless access points, networking cables
and other related hardware.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet socket - Sockets in network equipment
However, stateful network firewalls,
network address translators, and proxy
servers keep track of active socket pairs
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Antispam - Lists of sites
The most popular DNSBLs (DNS
Blacklists) are lists of domain names of
known spammers, known open relays,
known proxy servers, compromised
“zombie” spammers, as well as hosts on
the internet that shouldn’t be sending
external emails, such as the end-user
address space of a consumer ISP. These
are known as “Dial Up Lists”, from the
time when end users whose computers
were zombieing spam were connected to
the internet with a modem and a phone
line.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Information security audit - Specific tools used in network security
1
Network security is achieved by various
tools including firewall
(networking)|firewalls and proxy servers,
encryption, logical security and access
controls, anti-virus software, and auditing
systems such as log management.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Information security audit - Specific tools used in network security
1
Proxy servers hide the true address of
the client workstation and can also act
as a firewall. Proxy server firewalls
have special software to enforce
authentication. Proxy server firewalls
act as a middle man for user requests.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Myanmar Wide Web - Service providers, Internet cafés
Information Technology Central Services (ITCS),[
http://www.mmtimes.com/no370/b001.htm New consortium to
shake up IT sector], Ye Kaung Myint Maung, Myanmar Times,
vol.19, no.370 (11-17 June 2007) Red Link Communications, and the
state-owned Myanmar Post and Telecommunication (MPT),
Information Technology department, Ministry of Communications,
Posts and Telegraphs, accessed 10 June 2011 are the Internet service
providers in Myanmar.[
http://www.guideformyanmar.com/internet.html Myanmar
Internet Provider], Guide for Myanmar, 2007[
http://www.mizzima.com/news/inside-burma/1679-internetservice-hampered-as-myanmar-teleport-server-breaks-down.html
Internet service hampered as Myanmar Teleport server breaks
down], Mizzima News Agency, 10 February 2009 Internet cafés are
common in the country and most use different pieces of software to
bypass the government's proxy servers.[
http://www.irrawaddy.org/article.php?art_id=12370 No More
Proxies: Myanmar Teleport], Saw Yan Naing, The Irrawaddy
Publishing Group, 29 May 2008[
http://www.vpnhero.com/articles/buypass-internet-censorshipburma-myanmar/ Bypassing Internet Censorship in Burma /
Myanmar], VPNHero.com, 16 March 2011
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
2009–2010 Iranian election protests - Internet censorship
Iranian internet users used social
media to trade lists of open
proxy|open web proxy servers as
means to get around the restrictions,
but the Iranian authorities monitoring
these media gradually blocked these
proxies, so that after two weeks very
few proxies were still working in Iran
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Uzbekistan - Communications
1
Internet Censorship exists in Uzbekistan and in
October 2012 the government toughened internet
censorship by blocking access to proxy
servers.Uzbekistan Toughens Internet
Censorship,uznews.net, 11.10.12,
http://www.uznews.net/news_single.php?lng=enci
d=30nid=20980Reporters Without Borders has
named Uzbekistan's government an Enemy of the
Internet and government control over the internet
has increased dramatically since the start of the
Arab Spring.BBC, Uzbekistan profile,
http://www.bbc.co.uk/news/world-asia-16218808
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Geotargeting
1
Use of proxy servers and virtual
private networks may give a false
location.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
HTTP proxy - Forward proxies
The terms forward proxy and
forwarding proxy are a general
description of behavior (forwarding
traffic) and thus ambiguous. Except
for Reverse proxy, the types of proxies
described in this article are more
specialized sub-types of the general
forward proxy servers.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
HTTP proxy - Accessing services anonymously
'Access control': Some proxy servers
implement a logon requirement. In large
organizations, authorized users must log
on to gain access to the World Wide
Web|web. The organization can thereby
track usage to individuals.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
HTTP proxy - Web proxy servers
1
Examples of web proxy servers include
Apache HTTP Server|Apache (with
mod_proxy or Traffic Server), HAProxy,
Internet Information Services|IIS
configured as proxy (e.g., with Application
Request Routing), Nginx, Privoxy, Squid
(software)|Squid, Varnish
(software)|Varnish (reverse proxy only)
and WinGate.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
HTTP proxy - Suffix proxy
1
A suffix proxy allows a user to access
web content by appending the name of
the proxy server to the URL of the
requested content (e.g.
en.wikipedia.org.SuffixProxy.com).
Suffix proxy servers are easier to use
than regular proxy servers but they do
not offer high levels of anonymity and
their primary use is for bypassing web
filters. However, this is rarely used due
https://store.theartofservice.com/the-proxy-servers-toolkit.html
X-Forwarded-For
In this context, the caching servers are
most often those of large ISPs who either
encourage or force their users to use
proxy servers for access to the World
Wide Web, something which is often done
to reduce external bandwidth through
caching. In some cases, these proxy
servers are transparent proxies, and the
user may be unaware that they are using
them.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
X-Forwarded-For - Proxy servers and caching engines
The X-Forwarded-For field is
supported by most proxy servers,
including Squid
(software)|Squid,[http://wiki.squidcache.org/SquidFaq/ConfiguringSqui
d#head3518b69c63e221cc3cd7885415e365ffaf
3dd27f SquidFaq/ConfiguringSquid –
Squid Web Proxy Wiki]
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
HTTP 404 - Soft 404
1
Some proxy servers generate a 404 error
when the remote host is not present,
rather than returning the correct 500range code when errors such as
hostname resolution failures or refused
TCP connections prevent the proxy
server from satisfying the request. This
can confuse programs that expect and
act on specific responses, as they can no
longer easily distinguish between an
absent web server and a missing web
page on a web server that is present.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Cyberslacking
Other methods used to reduce
goldbricking include installation of proxy
servers to prevent programs from
accessing resources like Internet Relay
Chat, AOL Instant Messenger, or some
online gambling services, strict disciplinary
measures for employees found
goldbricking, and carrot and stick
measures like providing free or subsidized
Internet access for employees outside of
working hours.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Post/Redirect/Get - Proxy servers
1
Since redirects are using absolute URIs,
one has to take care about proxy servers
(HTTPsic|hide=y|refer|ersic|hide=y|Refer|er
header to discover the domain and port
the user is actually entering.)
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Referer spoofing - Tools
1
Other tools include proxy servers, to
which an individual configures their
browser to send all HTTP requests.
The proxy then forwards different
headers to the intended website,
usually removing or modifying the
referer header. Such proxies may also
present privacy issues for users, as
they may Server log|log the user's
activity.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Opera 7 - Version 10
Opera Turbo, a mode which uses
Opera's servers as proxy servers with
data compression, reducing volume of
data transferred by up to 80%
(depending upon content), and thus
increasing speed, was introduced.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
IP blocking
1
Proxy servers can be used to bypass an
IP address ban unless the site being
accessed has an effective anti-proxy
script.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Everybody Draw Mohammed Day - Pakistan Internet block
A representative of the Karachi-based
Internet company Creative Chaos named
Shakir Husain told The Guardian that a
ban of Facebook would not be easy to
carry out due to the ability to circumvent it
using tactics such as proxy servers
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Great Firewall - History
A major part of the project includes
the ability to block content by
preventing IP addresses from being
routed through and consists of
standard firewalls and proxy servers
at the
sixhttp://www.nbcnews.com/technolo
gy/welcome-wyoming-how-chinasgreat-firewall-could-have-sent-web2D11970733 Internet gateway
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Supernode (networking)
1
In peer-to-peer networking, a 'supernode' is
any node (networking)|node that also serves
as one of that network's relayers and proxy
servers, handling data flow and connections
for other users. This semi-distributed
architecture allows data to be decentralized
without requiring excessive overhead at
every node. However, the increased
workload of supernodes generally requires
additional network bandwidth
(computing)|bandwidth and Central
processing unit|CPU time.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Parental controls - Overview
1
Proxy servers themselves may be
used to circumvent parental
controls
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Parental controls - Methods to bypass parental controls
1
Additionally, filtering systems which only
permit access to a set of allowed URLs
(whitelisting) will not permit access
anything outside this list, including proxy
servers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Anonymous web browsing - Limitations to Proxy Servers
1
Proxy servers can even become more of a
security hazard than browsing the web,
since personal information such as credit
card numbers and passwords are passed
through an external server that could be
accessed by someone else (if not on an
encrypted channel (HTTPS)).Roos, D
https://store.theartofservice.com/the-proxy-servers-toolkit.html
IP address location - Privacy
Technical measures for ensuring
anonymity, such as proxy servers, can
be used to circumvent restrictions
imposed by geolocation software.
Some sites detect the use of proxies
and anonymizers, and may either
block service or provide non-localized
content in response.RealNetworks
detects proxies and anonymizers;
Google serves non-localized content if
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Features of the Opera web browser - Privacy and security
1
Opera can be configured to use proxy
servers. It has a built-in HTTP
cookie|cookie editor and web cache
viewer.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Anonymous bloggers - Techniques to stay anonymous
1
#Using the incognito mode on the browser
can help maintain firewalls and proxy
servers and also deletes the browsing
history by disabling cookies
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Transparent SMTP proxy
1
'SMTP proxies' are specialized Mail
Transfer Agents (MTAs) that, similar
to other types of proxy servers, pass
SMTP sessions through to other MTAs
without using the store-and-forward
approach of a typical MTA. When an
SMTP proxy receives a connection, it
initiates another SMTP session to a
destination MTA. Any errors or status
information from the destination MTA
will be passed back to the sending
MTA through the proxy.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Proxy list
1
Proxy lists include the IP addresses of
computers hosting open proxy servers,
meaning that these proxy servers are
available to anyone on the internet
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Varnish (software)
1
'Varnish' is an HTTP accelerator designed
for content-heavy dynamic web sites. In
contrast to other web accelerators, such
as Squid (software)|Squid, which began
life as a client-side cache, or Apache
HTTP server|Apache and nginx, which are
primarily origin servers, Varnish was
designed as an HTTP accelerator. Varnish
is focused exclusively on HTTP, unlike
other proxy servers that often support FTP,
SMTP and other network protocols.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet Watch Foundation - Of proxy server used by ISPs
The use of proxy servers is also
reported to have caused
#Wikipedia|the problem with editing
Wikipedia (but not the blocking of the
actual offending web page) reported
above.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet Content Adaptation Protocol
The 'Internet Content Adaptation
Protocol' (ICAP) is a lightweight
Hypertext Transfer Protocol|HTTPlike protocol specified in RFC 3507
which is used to extend transparent
proxy servers, thereby freeing up
resources and standardizing the way
in which new features are
implemented
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet Watch Foundation and Wikipedia - Effects on Wikipedia
1
However, as a result of ISPs using the
IWF blacklist implemented through
Cleanfeed (content blocking
system)|Cleanfeed technology, traffic to
Wikipedia via those affected ISPs was
then routed through a small number of
proxy servers
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in India
1
However, websites blocked either by the
government or Internet service providers
can often be accessed through proxy
servers (see Internet censorship
circumvention).
https://store.theartofservice.com/the-proxy-servers-toolkit.html
SoftEther VPN - Firewall, Proxy and NAT Transparency
1
One of the key features of SoftEther
VPN is the transparency for firewalls,
proxy servers and NATs (Network
Address Translators). To do this,
SoftEther VPN supports SSL-VPN and
NAT Traversal.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in Myanmar - Service providers, Internet cafés
Information Technology Central Services
(ITCS),[http://www.mmtimes.com/no370/b001.htm New consortium to shake
up IT sector], Ye Kaung Myint Maung, Myanmar Times, vol.19, no.370 (1117 June 2007) Red Link Communications, and the state-owned Myanmar
Post and Telecommunication (MPT), Information Technology department,
Ministry of Communications, Posts and Telegraphs, accessed 10 June 2011
are the Internet service providers in
Myanmar.[http://www.guideformyanmar.com/internet.html Myanmar Internet
Provider], Guide for Myanmar, 2007[http://www.mizzima.com/news/insideburma/1679-internet-service-hampered-as-myanmar-teleport-server-breaksdown.html Internet service hampered as Myanmar Teleport server breaks
down], Mizzima News Agency, 10 February 2009 Internet cafés are
common in the country and most use different pieces of software to bypass
the government's proxy
servers.[http://www.irrawaddy.org/article.php?art_id=12370 No More
Proxies: Myanmar Teleport], Saw Yan Naing, The Irrawaddy Publishing
Group, 29 May 2008[http://www.vpnhero.com/articles/buypass-internetcensorship-burma-myanmar/ Bypassing Internet Censorship in Burma /
Myanmar], VPNHero.com, 16 March 2011
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in Pakistan - Pakistan Telecommunication Company
Criticism of Islam|Anti-Islamic and
Blasphemy|blasphemous sites were also
monitored.[http://archives.dawn.com/2003/
07/28/local7.htm KARACHI: PTCL begins
blocking proxy servers: Proscribed sites],
Bahzad Alam , Dawn, 28 July 2003Khan In
early March 2004, the Federal
Investigation Agency (FIA) ordered
Internet service providers (ISPs) to
monitor access to all pornographic content
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in Iran - American proxy server
1
Iranians can sometimes access 'forbidden'
sites through proxy servers, although
these machines can be blocked as well.
In 2003, the United States began providing
a free proxy server to Iranian citizens
through its International Broadcasting
Bureau|IBB service Voice of America with
Internet privacy company
Anonymizer|Anonymizer, Inc. The proxy
website changes whenever the Iranian
government blocks it.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Internet censorship in Australia - Notable examples
Euthanasia groups will hold seminars
around Australia teaching how to evade
the proposed filter using proxy servers and
virtual private network|virtual networks
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Transparent proxy - Reverse proxies
1
A 'reverse proxy' (or surrogate) is a proxy
server that appears to clients to be an
ordinary server. Requests are forwarded to
one or more proxy servers which handle
the request. The response from the proxy
server is returned as if it came directly
from the origin server, leaving the client no
knowledge of the origin servers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Transparent proxy - QA geotargeted advertising
Advertisers use proxy servers for
validating, checking and quality assurance
of geotargeting|geotargeted ads. A
geotargeting ad server checks the request
source IP address and uses a Country ip
database|geo-IP database to determine
the geographic source of requests. Using
a proxy server that is physically located
inside a specific country or a city gives
advertisers the ability test geotargeted
ads.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
IP PBX - Function
1
SIP (Session Initiation Protocol) enabled
PBX are used to make multimedia
communication (voice and video calls)
over IP network. It uses enhanced
encryption techniques and proxy servers
to form sessions of calls over internet.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Mix network
1
'Mix networks'Also known as digital mixes
are routing protocols that create hard-totrace communications by using a chain of
proxy servers known as mixes which take
in messages from multiple senders, shuffle
them, and send them back out in random
order to the next destination (possibly
another mix node)
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Mix network
1
Each message is encrypted to each proxy
using public key cryptography; the resulting
encryption is layered like a Russian doll
(except that each doll is of the same size)
with the message as the innermost layer.
Each proxy server strips off its own layer of
encryption to reveal where to send the
message next. If all but one of the proxy
servers are compromised by the tracer,
untraceability can still be achieved against
some weaker adversaries.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Transclusion - Client-side HTML
1
Proxy servers may employ transclusion to
reduce redundant transmissions of
commonly-requested resources.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Google Mail - Other privacy issues
1
Gmail now serves all
images through
Google’s own secure
proxy servers
https://store.theartofservice.com/the-proxy-servers-toolkit.html
HTTP/2 - Goals
1
* Support common existing use cases
of HTTP, such as desktop web
browsers, mobile web browsers, web
APIs, web servers at various scales,
proxy servers, reverse proxy servers,
Firewall (computing)|firewalls, and
content delivery networks
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Platform for Privacy Preferences Project - Purpose
1
Users who saw this as an invasion of
privacy would sometimes turn off HTTP
cookies or use anonymous proxy
server|proxy servers to keep their
personal information secure
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Platform for Privacy Preferences Project - Alternatives
1
P3P user agents are not the only option
available for Internet users that want to
ensure their Internet privacy|privacy.
Several of the main alternatives to P3P
include using web browsers' privacy
mode, Anonymous
remailer|anonymous e-mailers and
Anonymizer|anonymous proxy servers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
ART image file format - Usage by AOL
This conversion was done in the AOL proxy
servers and could be optionally disabled by the
user
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Super Bowl XXX - Television and entertainment
1
Some weeks before Super Bowl XXX, it
was found that some
censorware|proxy servers were
blocking the web site for the event.
The reason: The game's Roman
numeral (XXX) is usually associated
with pornography.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
NAT traversal - Techniques
* SOCKS|Socket Secure (SOCKS) is a
technology created in the early 1990s that
uses proxy servers to relay traffic between
networks or systems.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Demonoid - Legal issues
1
However, it was still possible for Canadians to
visit the website at that time using proxy servers
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Countries blocking access to The Pirate Bay - Ireland
As of 1 September 2009 Eircom
blocked access to The Pirate Bay,
though it is still accessible via proxy
servers, and still accessible in Ireland
to subscribers of other ISP companies.
1
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Nokia Asha series - Nokia Xpress Browser
1
Nokia Xpress Browser uses intermediate
Nokia proxy servers to optimize web
pages based on the capabilities and
screen size of the device. The proxy
servers also compress data to reduce data
transmission charges for the mobile
user.[http://www.nokia.com/global/privacy/
privacy/faqs/xpress-browser/ ]
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Online poker - Overview
1
Online poker rooms also check players' IP
addresses in order to prevent players at
the same household or at known open
proxy servers from playing on the same
tables.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Freemake Video Downloader - Features
1
It also supports using
proxy servers.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
EBay v. Bidder's Edge - IP address blocking and proxy
1
BE continued crawling eBay's site by using proxy
servers to evade eBay's IP address blocks
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Varnish cache
1
'Varnish' is an HTTP accelerator designed
for content-heavy dynamic web sites as well
as heavily consumed APIs. In contrast to
other web accelerators, such as Squid
(software)|Squid, which began life as a clientside cache, or Apache HTTP server|Apache
and nginx, which are primarily origin servers,
Varnish was designed as an HTTP
accelerator. Varnish is focused exclusively on
HTTP, unlike other proxy servers that often
support FTP, SMTP and other network
protocols.
https://store.theartofservice.com/the-proxy-servers-toolkit.html
Web blocking in the United Kingdom - Libraries and educational institutions
1
Many students often use proxy servers
to bypass
this.[http://www.bbc.co.uk/newsbeat
/10003579 BBC - Newsbeat - Pupils
'bypassing school internet security']
Schools often censor pupils' Internet
access in order to offer some
protection against various perceived
threats such as cyber-bullying and the
perceived risk of grooming by
https://store.theartofservice.com/the-proxy-servers-toolkit.html
For More Information, Visit:
• https://store.theartofservice.co
m/the-proxy-serverstoolkit.html
The Art of Service
https://store.theartofservice.com