Proxy server Hide your identity

We continue with our tutorials of specific servers. Today we are going to focus on the proxy servers . Usually they are servers whose function is to interpose between the web page that we want to visit, or the server where we want to connect and we in such a way that the target server can never know that it is really us who are accessing the information.

Advantages of using a proxy server

The proxys servers are servers that fulfill a function that can come to us well in different situations. As always, the fact that we can win a major or minor match will always depend on our capacity for imagination. 

• For network administrators (especially in companies) this type of servers can be used so that employees' computers are not those that go directly to the Internet. With this they gain 2 things, on the one hand they can filter certain web pages and on the other hand they protect the users. To understand how these two functions are performed we will see the basic scheme of connection with a proxy server intermediando 
  
  As can be seen in the schema the proxy server is in the border between the internet and the local network. Clarify that proxies are not substitutes for firewalls, and although both are on the border, the proxy is usually placed just behind the firewall so that it is also protected. When a PC in the internal network wants to visit a page, what it actually does is ask the proxy server. Once the request is made, the proxy server will make two checks. The first will be to see if the requested web is in your list of allowed websites (if a restrictive proxy is configured) or it will look that it is not in your list of denied websites (if it is configured in permissive mode). In the event that the web is not restricted, the proxy server will serve it to the PC that requested it. To be able to serve it, the proxy will be the one who communicates with the web (located in the external network, internet), analyze it and serve it to the client.malicious code in javascript  and the proxy server detects it will delete it and protect the PC by serving the clean page of malicious code. 
• The proxies servers help decongest the network.  This is another advantage for network administrators since with the same bandwidth they can respond to a higher request demand. When a proxy server visits a web while serving it to the client who requested it, it can also be saved in its cache for a certain time if this option has been enabled in the configuration. In the affirmative case, the proxy server will store every web that is requested in its memory until it reaches the maximum limit. Then each time a new request is made, just after checking that the requested web is not restricted, it will check if it is stored in its cache, if so, it will not have to access the internet to download it again, it will be used directly from your cache memory. In this way, if 10 clients ask to visit a website, the proxy server will only have to make a request to satisfy the demand of 10, thus reducing 9 requests. This is especially useful in multimedia content that is usually quite heavy.
• As a direct consequence of the previous point, the loading speed of web pages improves significantly . By not having to request the web page from the server on the internet, it is as if the server were in the local network, with which the end user perceives an improvement in loading times on the pages that are visited the most.
• A proxy server removes restrictions by location . In many countries (especially in the East), the government imposes strong restrictions on access to information. Blocking all those websites that they consider should not be visited by their citizens. Regardless of whether this is good or bad, a citizen who lives in a place that has restrictions of this type can use a proxy server located in another country and thus skip this restriction. To achieve this, the only thing you should keep in mind is that from your PC you can connect to the IP of the foreign proxy server.
• A proxy server prevents you from being blocked by IP .  When we are forced to share a network (in hotels, cybercafés, public networks ...) we are sharing our public IP with all the users of the local network in which we are connected. Remember, in a local network each device has a private IP that identifies it within the network, but they all share the same public IP. If a user performs an action that involves a ban on a portal of the public IP that you share with that user if you have a proxy server located outside the network you can still access it since your proxy server will access the web portal for you with your public IP
• A proxy server HID YOUR IDENTITY . On the internet your identity is your IP, the moment you put a proxy server through your IP is the one that goes out to the world to give you the pages you request. Normally there is no need to hide your IP to the websites you visit, but in some cases you may not want to record that you have been there. In this case, a proxy server is just what you need. Maybe you can ask yourself that even if the final server does not know your IP, the proxy could keep a relation between your IP and what you have seen. This is true, the proxy server has the ability to store which web page has requested each IP. To solve this problem there are two ways. The first is to use proxies that are "anonymous". The most cautious even use several Chained proxies , and when I say several I mean 10 or 12 and also located in different countries. With only 1 of the chain does not have the log the tracking will be impossible. The other way, which is used by some crackers (hackers with bad ideas) is to access a user's PC, either looking for a security flaw or applying social engineering techniques  and install a proxy server on your computer without the user having constancy. In this way, the cracker uses his victim as a proxy server and everything he does will do so from his victim's public IP. 

Disadvantages of using a proxy server

Like any tool, computer or not, there is always a positive and a negative part. The servios proxies are not an exception and just as they give us a series of advantages like the ones we have seen there are also some risks involved in their use. In the following lines we will see the main problems and casuistics that have occurred by using proxies server:

• Interception of traffic.  If we have a network with 100 devices and someone intends to intercept the traffic of the 100 devices has several options. The first and most tedious to go looking for security failures device to device until having controlled 100. This is obviously a long task and with a high risk that an alarm goes off in a device and is discovered. Now, if all the traffic goes through the proxy server, the attacker should only focus on accessing the proxy server, if he succeeds he will have intercropped the traffic of all the devices at a stroke.
   
• Modification of information.  If someone with bad intentions gets access to the proxy server, you can see the pages that are cached in memory, or modify the rules by which the proxy server is governed, and manipulate the pages that are delivered to the end users. You have the system of passwords that you have with this method can access almost anyone. Let's put the case, the attacker creates a virtual machine  and installs a LAMP server(server to mount web pages). On that server LAMP mounts a replica of a page in which you have a username and password. Now, in the proxy server, when you ask for that page instead of the original one, it gives you the reply. As soon as you try to login to the fake website, what you will be doing is giving your user and password to the attacker.
   
• Problems of inconsistency.  If you have the page-frisking option enabled, it may be the case that a user is viewing content that has been modified, or even deleted, but that the proxy has not re-scaled it yet. For this reason it is more advisable to activate only the caching of multimedia content, images, videos, sound files ... that are not so prone to change over time.
   
• Denial of DOS service . If someone intentionally or not saturates the proxy server it would stop serving the requests of other users, thus making it impossible to access the internet.