the basics of using a proxy server for privacy and security
TRANSCRIPT
• IF YOU WORK REMOTELY, OR HAVE TO HANDLE CORPORATE FILES ON THE
ROAD, THEN CHANCES ARE YOU'VE USED A SPECIFIC TYPE OF PROXY AND
MAY NOT EVEN BE AWARE OF IT.
• IN FACT, PROXIES ARE USED BY WORKERS ALL OVER THE WORLD IN THE
FORM OF A VPN.
• A VIRTUAL PRIVATE NETWORK IS ONE SPECIFIC TYPE OF PROXY WHICH
PROVIDES YOU WITH THE ABILITY TO WORK REMOTELY AND SECURELY.
FireIP
BUT WHAT IS A PROXY EXACTLY, HOW DOES IT WORK, AND WHAT ARE SOME OF THE ADVANTAGES IT CAN GIVE NOT ONLY A
REMOTE WORKER, BUT ANYONE WHO WANTS AN EXTRA LAYER OF PRIVACY?
HERE'S A LOOK AT THE VARIOUS TYPES OF PROXIES AND A REVIEW OF ONE
PARTICULAR SERVICE WHICH PROVIDES YOU WITH PROXIES ON STEROIDS.
FireIP
• IF YOU'RE IN A HOTEL IN SEATTLE AND
YOU WORK FOR A LARGE CORPORATION
DOWN IN DALLAS, THEN OPENING A VPN
TO YOUR CORPORATE OFFICE MEANS YOUR
COMPUTER WILL CREATE A PERMANENT
CONNECTION BETWEEN YOUR OWN
SYSTEM AND A DEDICATED DEVICE AT
THE CORPORATE OFFICE CALLED THE VPN
SERVER.
• BASICALLY, A PROXY IS A
POINT TO POINT
CONNECTION BETWEEN YOU
AND A REMOTE LOCATION ON
THE INTERNET.
FireIP
• THIS CONNECTION PROVIDES YOU WITH A TUNNEL THROUGH WHICH ALL FURTHER
COMMUNICATION WILL PASS.
• THIS IS THE FIRST AND MOST WELL KNOWN QUALITY OF A VPN. ALL OF YOUR
TRAFFIC,
• WHATEVER IT IS, WILL BE ENCRYPTED INSIDE THAT TUNNEL, GOING FROM YOUR
CURRENT LOCATION TO THE VPN SERVER, AND THEN BE RESENT ON YOUR BEHALF
TO THE WIDER INTERNET.
FireIP
•WHAT THIS MEANS IS THAT ANYONE LISTENING NEARBY, OR
TRYING TO SEE THE PACKETS GOING FROM YOUR OWN
SYSTEM, WILL SEE NOTHING BUT STATIC.
• IN FACT, THEY WON'T EVEN KNOW WHICH WEBSITES YOU
VISIT, BECAUSE EVERYTHING IS ENCRYPTED.
•THIS IS AN EVEN STRONGER SECURITY MECHANISM THAN
SSL, SINCE WITH SSL PEOPLE CAN STILL SEE THE HEADERS
AND KNOW WHICH SITES YOU SURF TO.
FireIP
• THE BASIC PRINCIPLE IS THAT THE SERVER IS RELAYING THOSE PACKETS
FOR YOU, AND STRIPPING THE ORIGINATING ADDRESS.
• INSTEAD OF YOUR OWN IP ADDRESS, THEY ONLY SEE THE PROXY SERVER'S.
• THAT ALSO MEANS IF YOU CONNECT USING THE PREVIOUS EXAMPLE,
INSTEAD OF THINKING YOU'RE IN SEATTLE, EVERY SITE YOU CONNECT TO
WILL THINK YOU'RE SITTING RIGHT THERE IN THE CORPORATE OFFICE.
FireIP
“
”
OF COURSE, PEOPLE USE PROXIES FOR OTHER REASONS AS WELL. ONE EXAMPLE
IS TRYING TO ACCESS REGION-RESTRICTED CONTENT.
FireIP
• CRIMINALS ALSO MAKE HEAVY USE OF SOCKS PROXIES TO
OBSCURE THEIR ACTUAL LOCATIONS. THEY CAN EVEN CHAIN
PROXY SERVERS TOGETHER TO INCREASE THE DIFFICULTY OF
BEING TRACKED.
• BUT PROXIES ARE USED FOR A LOT MORE THAN JUST TO
WATCH THE LATEST FAMILY GUY, OR COMMIT CRIMES.
FireIP
A LOT OF PEOPLE USE THEM SIMPLY FOR SAFETY. IF YOU HAVE A SLOW
INTERNET CONNECTION, YOU COULD USE A PROXY SERVER WITH A LOT OF
BANDWIDTH, AND MALWARE THREATS ROAMING THE NET TRYING TO FIND
UNPATCHED SYSTEMS, OR LAUNCH POTENTIAL DENIAL OF SERVICE ATTACKS,
WOULD FIND ONLY THE PROXY. SECURITY RESEARCHERS ALSO LOVE
PROXIES.
FireIP