Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 04_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Limitations of Proxy Server

If proxy is not properly secured, then it may become point of failure in an event
of attack

‘ Increase in workload since proxy must be configured for each and every service it
provides

/ If we attempt to change the default settings, the proxy server might not function
properly

Proxy servers have to reroute information, thus web pages can sometimes load
slowly

If the proxy server is attempting to bypass suspicious software, some elements of
a page may not load

Copyright © by EC-Councll. All Rights Reserved. Reproductionis Strictly Prohibited.

Limitations of Proxy Server
The following are some of the limitations of proxy servers.
= Single Point of Failure
An issue with a proxy server is the creation of a single point of failure. If the entire
organization uses the same proxy, that machine is quite critical and should be
configured properly. A common mistake is forgetting that a proxy is insecure. Although
a proxy server protects the internal network, any interface directly connected to the
Internet is wide open to attack. Organizations should ensure that the proxy is used in
conjunction with other security mechanisms, such as a packet filter, to decrease the
possibility of a direct intrusion attack on the proxy.
= A Proxy for Each Service
The proxy must be configured for each service. A network that allows numerous types
of services in both directions can create considerable work. For supplementary services,
it is important that the proxy server remains securely configured. The workload is high
because the proxy must be configured for each and every service it provides.
= Default Configurations
When implementing a proxy, it is recommended to avoid the use of the default
configurations. Take time to follow the rules and restrictions. If some default settings
are changed, the proxy server might not function properly.
= Proxy servers have to reroute information; thus, web pages can occasionally load slowly.
= |f the proxy server is attempting to bypass suspicious software, some elements of a page
may not load.

Module 07 Page 899 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls —— Technical Controls

= As personal information is passed through an external server that could be accessed by
intruders, data security can be compromised.

Module 900
Module 07 Page 900 Certified Cybersecurity Technician
Certified Cybersecurity Technician Copyright
Copyright ©© by EG-Gouncil
EG-Gounell
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Example of a Proxy Server: Squid Proxy

Risense
isense
COww i : N\
\

Ao Condig Backp Q Squid is a caching proxy for the web and
Setings|
Package / Proxy Server. General Settings captve portsl supports HTTP, HTTPS,
supports HTTP, HTTPS, FTP,
FTP, and
and more
more
DHCP Relay

Qenersl
Ganeral Hemate Ca che
MemsteCache LocaiCoshe Awihus | OHCPSorve Asherticonon Users.R Q It reduces the bandwidth and improves
— the response time by caching and reusing
Squid General Settings - frequently-requested web
frequently-requested pages
web pages
Cnable Squd
Enable SquidPrexy
Prory
J
@@ Check s1o snsble the Squidd
Check prowy,
prowy D5 1™
Important: Mi unchacked, ALL Squid DNS Resclver Mopped /
Dyrnamuc ONS -
Keep Settings
Keep Settings Dats
Dats @ M erubied the settings, logs, Cad p— be presetvedof -
important: dissbled, oll settingsa | spe unimisitrel Package
Package / SquidGuard
SquidGuard / Blacklists
Load Balarvce

Prowy Interlacels)
Prowy Interlacels) u.‘f NP Covar
olo settongs
Covar Common ACL
Cemmmaon Gronps A
Grongps catogores
Target Categras Tomes Few tos Loy
“.". PPPol Server

aup Blackiist Update
Blacklist Update
v vy server will lect mednpleof

Prony Port
Provy Port.
,~{|-_. werw Shallabst o Do ]

ICP Port

Example of a Proxy Server: Squid Proxy
Source: http.//www.squid-cache.org
http://www.squid-cache.org
Squid is a caching proxy for the web and supports HTTP, HTTPS, FTP, and more. It reduces the
bandwidth and improves the response times by caching and reusing frequently-requested web
pages. Squid has extensive access controls and is a great server accelerator. It runs on most
available operating systems, including Windows and is licensed under the GNU general public
license (GNU GPL).

Module 07 Page 901 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls —— Technical Controls

msense $ o tot{oces Fieowall Servicos
Servicon ~
COMMUNITY LDITION

Auto
Auto Config
Config Backup
Backip

Package / Proxy Server: General Settings
Settings| captive Portal
DHCP Refay
DHCP Reday

General
Gereral Hemate Cache
Remote Local Cache Artivirus DHCP Serves
Server Authentication
Authantication Users FaH
— DHCPVE Relay

Squid General Settings DHCPVG Server & RA
DHCPVE _
DNS Foewarder
Forwarde
Enable Squid Proxy ¢# Check 101 enable the Squid praxy
prary N
DNS Resalver
Important: Ii unchacked, ALL Squid DNS Resalver slopped
stopped

Dymamic
Dyramic DNS
DNS
Keep Settings/Dats ¢o IIf enabled the sethings,
sethngs, logs, cac \OMP
1GMP S be preserved atroas package
pacvage renistala
renstaly
QA
GMS Frox
Prox
Impoantant:
Impartant: Mi disabled, #ll sattings
settings a 'y ago
sge uninstail reinstall'upgrade
uninstall/reinstall/upgrade
Load Balancer

Proxy Interface(s) LAN NTP
WAN
phack
sk PPPOE Server

SNMP
“..‘.‘.("'

1H {g | slect imvtinle
elocty 1inle intes!
Inted!f

Squd Prasy Server
Server
Proxy Port
Squd Reverse Proxy

ICP Port

1 the proxy
’ Var W WakeonLAN
‘I.i.."'
N l ‘.‘rl ' it !
et ank o y ] RTRTTS—, (™ ) [ cp

Figure 7.100: Screenshot of Squid Proxy

Package / SquidGuard / Blacklists

Genweral
General settngs Common ACL Groups
Geoups ACL Target categones Times Rew'ites
Rewn'ites Olackhat
Dlackiat Log XMLARPC Syn
Syne

Blacklist Update

0 {' tps Vwew shallalist de/Downloads/ shall ahist 1ar g2 ]

=Enter
e
FTP oro MTTP path 10to the Blacklist archive here

Figure 7.101: Screenshot of Squid Proxy

Module 07 Page 902 EC-Council
Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls —— Technical Controls

List of Proxy Tools
L]

[ [[ ]
Whonix [z
@ Proxify ProxyCap
https://www.whonix.org https://proxify.com
https://proxify.com https://www.proxycap.com
https://www.proxycop.com

Psiphon Guardster CCProxy
https://psiphon.ca http://www.guardster.com https://www.youngzsoft.net

FoxyProxy @9
s“é"lD Global Proxy Network Fiddler
https://getfoxyproxy.org
https://getfoxyproxy.org S:\_;f
D https://infatica.lo https://www.telerik.com

GeoSurf Anonym8 BlackArch Proxy
https://www.geosurf.com
https://www.geosurf.com https://github.com
https://github.com https://blackarch.org

JonDo ProxySite Artica Proxy
https://onony
https:// -proxy
proxy net
net https://www.proxysite.com https://ortica-proxy.com
https://ortica-proxy.com

Copyright
Copyright © by EC-Counchl.
EC- ouncl. All Rights Reserved. Reproduction iss Strictly Prohibited
Reserved. Reproduction

List of Pxroxy Tools
Some of proxy tools are listed below:
* Whonix
Whonix (https://www.whonix.org)
= Psiphon (https://psiphon.ca)
* FoxyProxy (https://getfoxyproxy.org)
» GeoSurf
GeoSurf (https://www.geosurf.com)
* JonDo (https://anonymous-proxy-servers.net)
= Proxify (https://proxify.com)
» Guardster (http://www.guardster.com)
* Global Proxy Network (https://infatica.io)
* Anonym8 (https://github.com)
(https.//github.com)
» ProxysSite
ProxySite (https.//www.proxysite.com)
* ProxyCap (https://www.proxycap.com)
= CCProxy (https.//www.youngzsoft.net)
(https://www.youngzsoft.net)
» Fiddler (https://www.telerik.com)

= BlackArch Proxy (https://blackarch.org)
» Artica Proxy (https.//artica-proxy.com)
(https://artica-proxy.com)

Module 07 Page 903 EG-Council
Certified Cybersecurity Technician Copyright © by EC-Council