January 14, 2012

1.1.5 Proxies

A proxy server works by intercepting connections between sender and receiver. All incoming data enters through one port and is forwarded to the rest of the network via another port. By blocking direct access between two networks, proxy servers make it much more difficult for hackers to get internal addresses and details of a private network.

The proxy is typically situated between the clients and the Internet, and it can be used to forward requests for many types of traffic and data transfers such as web and FTP. An HTTP proxy intercepts web access, and an SMTP proxy intercepts email. This protects the specific addresses of internal clients from being revealed to external servers and allows the proxy server to filter incoming and outgoing requests to prevent attacks and malware from reaching the client systems.

A proxy server uses a network addressing scheme to present one organization-wide IP address to the Internet. The server funnels all user requests to the Internet and returns responses to the appropriate users. In addition to restricting access from outside, this mechanism can prevent inside users from reaching specific Internet resources (e.g., certain web sites). A proxy server can also be one of the components of a firewall.

Proxies may also cache web pages. Each time an internal user requests a URL from outside, a temporary copy is stored locally. The next time an internal user requests the same URL, the proxy can serve the local copy instead of retrieving the original across the network, improving performance.

Proxy servers:
Act as a firewall and content filter
Improve performance

Mike Meyers' CompTIA Security+ Certification Passport, Second Edition by T. J. Samuelle

No comments:

Post a Comment