Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 02_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 Proxy Servers vs Packet Filters QO Proxy server examines the data payload of the packet Q Packet filters examine the routing information of the packet Q Creates detailed log file listings, since they scan the entire data of IP packets Q Logs only the header information of the IP packets QO Restructures the packet with new source |P data Q Allows or blocks the data depending on the packet filter rules Q In the case of failure of a proxy server, all network communications would O In the case of failure of a packet filter, all packets may be allowed to pass through cease | R4 { the internal network B Copyright © by EC-{ All Rights Reserved. ReproductionIs Strictly Prohibited Proxy Servers vs Packet Filters Proxy servers and packet filters are used together in a firewall and work in the application layer of the OSI model. They mainly differ in terms of the inspection of different parts of IP packets and the way they act on them. = A proxy server creates detailed log file listings because they scan the entire data part of the IP packets, whereas a packet filter logs only header information of the IP packets. = A packet filter simply allows the data packet to pass through to the destination if it matches the packet filter rules. On the other hand, a proxy server restructures the packet with new source IP data. = In the case of failure of a proxy server, all network communications would cease, whereas in the case of packet filter failure, all packets may be allowed to pass through to the internal network. Module 07 Page 883 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 Types of Proxy Servers T Transparent Proxy = Non Transparent Proxy © SOCKS Proxy (AE) Anonymous Proxy Reverse Proxy Copyright © by & Al Rights Reserved. Reproductionis Strictly Prohibited Types of Proxy Servers Discussed below are various types of proxy servers. Module 07 Page 884 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Network Security Controls - Technical Controls Exam 212-82 Transparent Proxy Q A transparent proxy is a proxy through which a client system connects to a server without its knowledge It is configured to be entirely invisible to an end user With a transparent proxy, all the web clients must be configured manually Copyright © by Al Rights Reserved, ReproductionIs Strictly Prohibited. Transparent Proxy A transparent proxy is a proxy through which a client system connects to a server without its knowledge. It is configured to be entirely invisible to an end user. It is placed between two networks, similar to a router. A firewall tracks the outgoing traffic and directs it to a specific computer, such as a proxy server. Network administrators need not configure the client’s software with transparent proxies. With a transparent proxy, all the web clients must be configured manually. Module 07 Page 885 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 Non-transparent Proxy O g Require client software to be configured to use the proxy server QO The client is made aware of the proxy’s existence QO They are difficult to configure, as each client program must be set up to route all requests to a single port 01 Group An.notatxon Sexrvices 02 Media Typfe Transformation 03 BYAIEEIiR o duction A.n.onyx.mty Filtering Non-transparent Proxy Non-transparent proxies are also known as explicit proxies and require client software to be configured to use the proxy server. Non-transparent proxies are difficult to configure, as each client program must be set up to route all requests to a single port. However, these proxies provide a greater level of security than other types. A non-transparent proxy is one that modifies a request or response, and the client is made aware of the proxy’s existence. The entire requested URL is sent to the proxy that has the host name. It provides added services to the user agent such as group annotation services, media-type transformation, protocol reduction, and anonymity filtering. Module 07 Page 886 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 —— SOCKS Proxy O The SOCKS is an Internet Engineering Task Force (IETF) standard O Itis a proxy server that does not have the special caching abilities of a caching HTTP proxy server O The SOCKS proxy server does not allow external network components to collect information on the client that generated the request The SOCKS package includes i comainst:he foll —] = E N 2 g “L A SOCK server for SOIIpOOL \ Q A client program the specified such as FTP, Telnet, (0s) browser operating system e Q A client library for SOCKS or an Internet Copyright © by. All Rights Reserved. ReproductionIs Strictly Prohibited SOCKS Proxy SOCKS, an Internet Engineering Task Force (IETF) standard, is a proxy server that does not have the special caching abilities of a caching HTTP proxy server. The SOCKS protocol internally uses “sockets,” which server help track all the individual connections of clients. The function of a SOCKS is to handle all clients’ requests inside the organization’s firewall; based on the requested Internet destination or user identification, it allows or rejects connection requests. If the requested connection is valid, then it “binds” the request, and information is exchanged with the usual protocol (e.g., HTTP). The SOCKS proxy server does not allow external network components to collect information on the client that generated the request. The SOCKS package contains the following components: = A SOCK server for the specified operating system (OS) = Aclient program such as FTP, Telnet, or an Internet browser = Aclient library for SOCKS Module 07 Page 887 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 Anonymous Proxy O An anonymous proxy does not transfer information about the IP address of its user, thereby hiding information about the user and their surfing interests Pros e O ——— A user can surf the Internet with the help of an user can access even censored websites ~— e Cons QO Using this type of proxy server may decrease the speed of anonymous proxy anonymous proxy server, a & ————— privately by using an Q A~ loading a web page on to the Q browser Using anonymous proxy servers to bypass Internet censorship is illegal in some countries Anonymous Proxy An anonymous proxy does not transfer information about the IP address of its user, thereby hiding information about the user and their surfing interests. A user can surf the Internet privately by using an anonymous proxy. With the help of an anonymous proxy server, a user can access even censored websites. The use of this type of proxy server may decrease the speed of loading a web page on to the browser. Further, the use of anonymous proxy servers to bypass Internet censorship is illegal in some countries. Module 07 Page 888 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 Reverse Proxy A reverse proxy is usually situated closer to the server(s) and will only return a configured set of resources It can optimize content by compressing it to speed up loading The client is unaware of the presence of a reverse proxy A reverse proxy server is an intermediate server that is located between a client and the actual web server Copyright © by k l. All Rights Reserved. Reproductionis Strictly Prohibited. Reverse Proxy A reverse proxy resources. It can of the presence located between is usually situated closer to the server(s) and will only return a configured set of optimize content by compressing it to speed up loading. The client is unaware of a reverse proxy. A reverse proxy server is an intermediate server that is a client and the actual web server. Note: Transparent proxy and anonymous proxy are open proxies also known as forwarding proxies. Module 07 Page 889 Certified Cybersecurity Technician Copyright © by EG-Council