Proxy servers initially developed to save web pages that are frequently accessed. At the beginning of the Internet, the connection is very slow, the Internet is still relatively small, and web pages are static. Overall Internet consists of only several thousand sites for most of the scientists and academics. Whenever there are important news on a website, many scientists from the same organization will be visiting the page (how many times you forward link in your company?).
Proxy and Web Caching
With save the page on the local server, the proxy can access the Internet to take the excess back the same page repeatedly. So, the proxy initially very effective for web caching. However, the Internet is now faster, web pages are dynamic and interests of users in one organization consisting of only hundreds of web pages. These factors cause the proxy caching does not become effective, except on a very large organizations or ISP. Although all browsers have the support of the standard proxy server, rarely used since 1996.
Proxy= HTTP ?
There are many alternative proxy services, from the filter function on Application layer to the firewall such as Checkpoint Firewall-1, to the general application of pure "only the proxy", such as Wingate and services such as a proxy for HTTP Jigsaw.
Proxy servers are often associated with the HTTP service as a proxy for the first time developed this service. Since that time, the proxy function has been applied to other Internet service with the most common. Examples in this article will use the HTTP service, but generally the same functionality with other services.
How to Work Proxy?
Proxy works with the client to listen to requests from internal and send the request to the external network as though the proxy server itself is a client. At the time the proxy server and the server receives a response to public, he responded to the original client that it seems the public servers.
Proxy and Security
Now that the Internet also has its own characteristics, and the proxy server shows the side effects that truly unexpected: they can all hide behind a user's machine, they can filter URLs, and they can remove the content of suspicious or illegal. So, although initially created as non-security cache, the main proxy server is now a firewalling.
Proxy server update service requests on the external network on behalf of their clients in the private network. This automatically hide the identity and number of clients on the internal network from the external network. Because of their position in between the client and the server's internal public, the proxy can also save frequently-accessed content from the network to reduce public access to the public network. Most of the implementation of the real proxy covers pemilteran security package and Network Address Translation to build a firewall intact. Technology can be combined with a proxy for the proxy attacks against the vulnerable.
The main features of the security proxy server is hiding a client. Such as Network Address Translation, proxy servers can make all the internal network appear as one engine from the Internet because only one machine that route requests to the Internet.
Such as Network Address Translatation, the proxy server to prevent the external host to access the service on the internal engine. In the proxy server, there is no routing to the client as a domain address internal and external network can not only compatible, and because the transport layer routing does not exist between the two networks.
Proxy features make this request with the update, not replace, and re-address headers. For example, at the time the client to make requests through proxy servers, proxy servers receive the request as if the purpose of the web server on the internal network. He then update the request to an external network as a normal web browser. At the time the proxy to receive a response from a web server that actually, he responded to the internal client. HTTP, which is passed only through the proxy, not the TCP or IP. TCP / IP (the protocol and other low-level) updated by proxy; they will not be missed by proxy.
Other aspects of concealment is the distribution of client connections; proxy servers can be used to share one Internet connection and the IP address to the entire network. Therefore, the Wingate proxy server, such as the environment is very popular in the home and small office where there is only one dial-up connection or a dedicated available.
URL blocking allows administrators to reject certain sites based on their URL. In theory, this will keep your employees from web sites that can not access them. This function is easily implemented. Proxy to check each request with a list of pages that he rejected before the update request. If the URL is blocked, the proxy will not ask or give the page.
However, blocking the URL easily fixed, because the web site can be written using the IP address or even address the overall number. Users can type in any Web browser to access the same page, the URL blocker, but you (may be) will only check the full URL address.
Another problem with the URL is required to update the blocked sites. Sites such as hacking, pornography, and gaming sites have a short lifetime, they can appear and disappear quickly. It seems difficult to block them with a database of blocking your URL. Most people will use search engines or Usenet news for the existence of the site.
Because the proxy update all cargo specific protocol and the protocol, the proxy can be used to search for suspicious cargo content. This means you can mengonfigurasi HTTP proxy service for mempreteli ActiveX controls, Java applets, or even a large picture if you think they could cause security problems. You can also use the SMTP proxy utuk mempreteli form of attachment files and executable files zip archive if you think they cause problems.
Content filtering can also be used to check the web page will be of a certain word or sentence, such as trademarks competitors or some news you warm. You have to filter ActiveX control, Java applets, and the executable files in e-mail because they can be used to install Trojan horse.
If there are users who need to transfer the executable file, ask them to transfer the zip file, or use the Encoder BinHex or transfer to another in text format. Will need to file in decodes, so pentransferan prevent viruses or Trojan horse.
Checks the consistency is the content checks to ensure that the protocol can be understood by the protocol. Consistency checks to ensure that certain types of content can not be used to exploit security weaknesses in the system your internal network.
For example, Unix sendmail daemon SMTP previously known sensitive buffer overflow. This occurs at the time of the e-mail sent and takes longer than that specified. Sendmail will allocate the memory of the requested by e-mail, but then check e-mail to arrive eventually at the end. If between the requested and the end contains executable code, hackers can gain root access to e-mail your server.
You never hear about the large number of buffer overflow exploitation done by hackers against IIS. By using the URL that is longer than that can be handled by IIS exploitation and against the supporting DLL, hackers can create automated attack against IIS, which works as a worm on the Internet and causing damage widely. Microsoft has launched a security improvement to overcome this problem.
Checks the consistency with the proxy can ensure that these problems can be removed in the proxy that they will not affect the internal engine. Unfortunately, the problem should be checked often not known to hackers exploit them, so only the most consistency checks done after the exploitation found.
Package Transport layer needs to be directed as much updated everything. This exploitation of the Transport layer, such as routing, fragmentation, and various denialof-service attacks. With the routing, you can also ensure that all the protocols that you have not specified will not be missed to the public network. Finally routing may benefit the proxy server is the most important. Because the package TCP / IP network between the actual through internal and external, many attacks denial-of-service and exploitation that can be prevented.
Unfortunately, blocking the routing is not often used because many existing protocols. The package may not allow low-level pass through our proxy server. Most proxy servers allow you to create a proxy for all generic TCP port that enggunakan Socks proxy utiiliti redir generic or Unix. This generic proxy, although they can not do pemfilteran content, but allows you to prevent packet TCP / IP pass-thatch antarjaringan you.
Logging and Alerting
Benefits from the last security facility is a proxy logging and alerting that they provide. Proxy to ensure that all content flowing through one point, which can
a review of data network. Most proxy servers will use the proxy by the user and can be configured to record the sites they visit. This will allow you to rearrange the way of browsing the user if you are suspicious of the activities of illegal or inappropriate.
Facilities alerts provided by several proxy to warn you of the attacks occurred, although generally not the targets of the proxy attack. However, this facility can be used to increase vigilance on your external interface, which often tried to dieksplotiasi by hackers.
Proxy and Performance
Besides the security aspect, the proxy server can also provide a significant performance improvement. First, the proxy can store data that often direquest to improve performance with the excess access to the external network (a slower speed). Second, the proxy can balance the burden of service to a number of internal servers.
As was mentioned at the beginning of this article, the proxy initially developed as a performance enhancing, not as a security device. At the beginning of the Internet, there are only thousands of Web sites. They are most often not scientific and changed. Because of slow connection to the Internet, the proxy can be used to save most of the local Internet, so that internal users simply browse to the local proxy. Content is not changed very quickly, so this is still reasonable.
Now caching only makes sense if there is a large number of users in accessing the web page the same repeatedly. Patterns such as the use of this now rare, so the aspect of caching proxy server is outdated start.
With e-commerce is increasingly common, caching will again become an important function because many people will do their job with some of the sites that are frequently accessed. For example, take a travel agent using the Expedia.com and Travelocity.com to do their job. Many agents will access the same two sites that repeatedly, so save the main elements of the site, images, and applets are reasonable.
Reverse Proxy Load Balancing
Proxy servers can now be used to "reverse proxy," or providing services to the proxy server to the client's internal external. This function is used to balance the burden of a number of clients to a web server. Many web sites that use high fungsionalitasnya complex applications such as ISAPI, Active Server Pages, Java servlet, or CGI. This application is running on the server, so that they are reducing the number of clients who are able handled by a single server. For example, Windows 2000 server running IIS, which can handle up to 100,000 browser to the standard HTML pages can only handle 5,000 pages ASP browser.
This means that most functions of e-commerce can not be handled by a single server, so the site must be run in parallel to a number of machines. For example, http://www.microsoft.com/ run on 30 DNS server is identical. DNS scheme to provide basic load-sharing in which access to the DNS name will get one IP address, but this is not really balance the load.
Proxy servers can be used to respond to a single IP address and then direct connection to one of the client server in the back. Proxy servers can use some benchmark provided by the web server to server mengtahui which has the remaining capacity at the most. Each client is connected and can be directed to any web server that has enough capacity to handle.