Open Proxy Servers are widely prevalent on the internet and are being misused by malicious users to route traffic bypassing network controls. Open proxy servers are major sources of spam on the internet and are also used to launch attacks on other systems.
A malicious user can effectively hide his own IP address by using an open proxy server for illegal activities like hacking. Instead of the IP address of the attacker appearing in the log files of the attacked system, the IP address of the open proxy server shall appear. Malicious users routinely chain through several such open proxy servers making it difficult to trace back to the origin of the user.
What is an Open Proxy Server?
An open proxy is a proxy server which is accessible by any Internet user. Any proxy server that doesn’t restrict its client base to its own set of clients and allows any other client to connect to it, is known as an open proxy.
With an “Open Proxy”, however, any user on the Internet is able to use this forwarding service. An open proxy will accept client connections from any IP address and make connections to any Internet resource.
While proxy server acts as an intermediary between a client computer and the Internet serving as a buffer between the client computer and the Internet resources one is accessing. When a client makes a request for an Internet resource through a proxy server, the proxy makes a connection to the requested resource on the client’s behalf to get the resource and delivers it down to the client. By this process, it is able to hide the internal address of the client to the Internet and the IP address of the proxy only becomes visible on the Internet. A Proxy Server can be used to enforce security, administrative control, and caching. A normal Web browser must be configured to use the proxy either manually or with a configuration script.
Open Proxy Server Mechanism
An open proxy will accept client connections from any IP address and make connections to any Internet resource. Open Proxy Servers act as blind intermediary to any other network addresses without any authentication.
An Open Proxy Server commonly allows HTTP access but it can also be used for ftp, email (including spam), IRC/instant messaging or even launch a DoS attack.
Common mistakes making a Proxy Open
· Improperly configured Proxy Server
· Proxy administrator unaware of the dangers of leaving the proxy server ‘Open’.
· Inherent application deficiency.
· A conscious decision on the part of the party installing the proxy to run it opens (compromised systems etc.)
· Administrator is unaware that a proxy server has been installed on his server by default while installing some other software or application.
The Dangers of Open Proxy Servers
Be Warned – There are many dangers when using OPEN Proxy Servers.
· Open proxy servers are those that do not require a Password to logon or use.
· Proxy servers require high Internet resources and bandwidth in order to be able to provide a public service.
· If someone is offering a free proxy service, you will want to make sure that the person or company has nothing to gain and that you can trust the connection.
· If someone is offering a free proxy service, there is a catch somewhere. Considering the cost of bandwidth and machine maintenance, a free proxy service is simply not feasible.
· If you are using a free proxy service or one of the many open proxy lists, you could trust your data, email messages, passwords or other personal information to a teenager that setup a proxy on the local school network.
· While thinking that using such a service has made you more secure, you have probably already become a victim.
· If possible, always use a proxy server hosted by a company with some kind of security background.
Common Ways to Close a Proxy Server
There are two common ways to close a proxy server-
When a proxy server is closed it will either force you to connect from only one IP address or a range of IP addresses, or it will require you to use a user name and password to connect and use it.
If you do not need to type in a user name and password, it is virtually always an open proxy server.
If a system is found to be running an open proxy, it needs to be removed immediately. The Proxy should be configured so that the clients allowed to connect through it are restricted only to IP addresses of its own trusted set of clients. Authentication should also be used to avoid misuse of the Proxy.
Open Proxy Honeypot or Proxypot
Open Proxy servers are a big problem on the Internet. Not only can an improperly secured proxy server expose your internal network to attack but also these systems are used to obscure the true origin of attacks.
In order to gather data on types of attacks in the channels, the Honeypots are specially configured and deployed which is known as a honeypot open proxy server or Proxypot.
Instead of being the target of the attacks, you must opt to be used as a conduct the type of the attack data in order to gather your intelligence. You must aim to take a birds-eye look at the types of malicious traffic that traverse these systems. The honeypot systems will conduct real-time analysis on the network traffic. You can Open Proxy Honeypot sensor on your own network.
Related posts:
- Web Proxy List
- Download Windows Home Server Power Pack 1
- Firefox Tips – Automatically Close the Download Manager When Downloads Complete.
- Open docx, pptx, xlsx files using Microsoft Plugin – Microsoft Open XML Converter
- Download Mac OS X 10.6 Server build 10A403
- Send large size files with Fileai – Uploading file to server not Required
- Bug Fixed – Internet Explorer cannot open the Internet site Operation Aborted
- Firefox Extension to Open & Edit any Document or File Type
- Windows Half-Open Limit Fix v3.7 to Speed up BitTorrent Downloads
- Open Invitation for Guest Bloggers!!
|
|
Follow us on Twitter
Bookmark on del.icio.us
Become a Fan of Facebook
Add to Google Reader
Comments on this entry are closed.