Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 04_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 Limitations of Proxy Server If proxy is not properly secured, then it may become point of failure in an event of attack ‘ Increase in workload since proxy must be configured for each and every service it provides / If we attempt to change the default settings, the proxy server might not function properly Proxy servers have to reroute information, thus web pages can sometimes load slowly If the proxy server is attempting to bypass suspicious software, some elements of a page may not load Copyright © by EC-Councll. All Rights Reserved. Reproductionis Strictly Prohibited. Limitations of Proxy Server The following are some of the limitations of proxy servers. = Single Point of Failure An issue with a proxy server is the creation of a single point of failure. If the entire organization uses the same proxy, that machine is quite critical and should be configured properly. A common mistake is forgetting that a proxy is insecure. Although a proxy server protects the internal network, any interface directly connected to the Internet is wide open to attack. Organizations should ensure that the proxy is used in conjunction with other security mechanisms, such possibility of a direct intrusion attack on the proxy. = as a packet filter, to decrease the A Proxy for Each Service The proxy must be configured for each service. A network that allows numerous types of services in both directions can create considerable work. For supplementary services, it is important that the proxy server remains securely configured. The workload is high because the proxy must be configured for each and every service it provides. = Default Configurations When implementing a proxy, it is recommended to avoid the use of the default configurations. Take time to follow the rules and restrictions. If some default settings are changed, the proxy server might not function properly. = Proxy servers have to reroute information; thus, web pages can occasionally load slowly. = |f the proxy server is attempting to bypass suspicious software, some elements of a page may not load. Module 07 Page 899 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls = Exam 212-82 As personal information is passed through an external server that could be accessed by intruders, data security can be compromised. Module 07 Page 900 Certified Cybersecurity Technician Copyright © by EG-Gouncil Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 Example of a Proxy Server: Squid Proxy Risense Package / Proxy Server. General Setings| Ao i Condig captve portsl : Backp Q Squid is a caching proxy for the web and N\ supports HTTP, HTTPS, FTP, and more DHCP Relay Qenersl MemsteCache LocaiCoshe Awihus | Cnable SquidPrexy @ Check 1o snsble the Squid prowy, Important: i unchacked, ALL Squid Keep @ OHCPSorve D5 1™ DNS Resclver Dyrnamuc Settings Dats M erubied important: Prowy Interlacels) the settings, Cad dissbled, oll settingsa Load NP “.". PPPol vy server will Users R Q It reduces the bandwidth and improves the response time by caching and reusing frequently-requested web pages Mopped / ONS p— u.‘f v Provy Port logs, Asherticonon — - be presetvedof | Balarvce spe unimisitrel - Package / SquidGuard / Blacklists Covar o settongs Common ACL Gronps A Target catogores Tomes Few tos Loy Server aup lect mednpleof Blackiist Update. ,~{|-_. werw Shallabst o Do ] Example of a Proxy Server: Squid Proxy Source: http://www.squid-cache.org Squid is a caching proxy for the web and supports HTTP, HTTPS, FTP, and more. It reduces the bandwidth and improves the response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and is a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU general public license (GNU GPL). Module 07 Page 901 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls msense COMMUNITY $ o Exam 212-82 tot{oces Fieowall Servicos ~ LDITION Auto Config Backup Package / Proxy Server: General Settings captive Portal DHCP General Hemate Cache Local Cache Artivirus Refay DHCP Serves — DHCPVE DHCPVE Server & RA Squid General Settings Enable Squid Proxy ¢ Check 10 enable the Squid praxy Important: I unchacked, ALL Squid ¢ If enabled Impoantant: Proxy Interface(s) the sethings, logs, cac i disabled, #ll sattings a LAN Users Fa _ DNS Foewarder DNS Resalver Dymamic Keep Settings/Dats Authentication Relay \OMP QA S slopped DNS be preserved atroas package renistala Frox ' Load Balancer ago uninstail reinstall'upgrade NTP WAN phack PPPOE Server “..‘.‘.("' 1 { elocty Squd Proxy Port 1inle Inted!f Prasy Server Squd Reverse Proxy ICP Port the et ank o y proxy ] Var W WakeonLAN RTRTTS—, (™ it ) [ cp Figure 7.100: Screenshot of Squid Proxy Package / SquidGuard / Blacklists Genweral settngs Common ACL Groups ACL Target categones Times Rew'ites Olackhat Log XMLARPC Syn Blacklist Update 0 {' tps Vwew shallalist de/Downloads/ shall = Enter e ahist 1ar g2 ] FTP or MTTP path to the Blacklist archive here Figure 7.101: Screenshot of Squid Proxy Module 07 Page 902 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Network Security Controls — Technical Controls Exam 212-82 List of Proxy Tools [ Whonix [ @ https://www.whonix.org Proxify ProxyCap https://proxify.com https://www.proxycap.com Psiphon Guardster CCProxy https://psiphon.ca http://www.guardster.com https://www.youngzsoft.net FoxyProxy s“é"lD Global Proxy Network Fiddler https://getfoxyproxy.org S:\_;f https://infatica.lo https://www.telerik.com GeoSurf Anonym8 BlackArch Proxy https://www.geosurf.com https://github.com https://blackarch.org ProxySite Artica Proxy https://www.proxysite.com https://ortica-proxy.com JonDo https://onony -proxy net Copyright © by EC-ouncl. All Rights Reserved. Reproduction is Strictly Prohibited List of Pxroxy Tools Some of proxy tools are listed below: * Whonix (https://www.whonix.org) = Psiphon (https://psiphon.ca) * FoxyProxy (https://getfoxyproxy.org) » GeoSurf (https://www.geosurf.com) * JonDo (https://anonymous-proxy-servers.net) = Proxify (https://proxify.com) » Guardster (http://www.guardster.com) * Global Proxy Network (https://infatica.io) * Anonym8 (https.//github.com) » ProxySite (https.//www.proxysite.com) * ProxyCap (https://www.proxycap.com) = CCProxy (https://www.youngzsoft.net) » Fiddler (https://www.telerik.com) = BlackArch Proxy (https://blackarch.org) » Artica Proxy (https://artica-proxy.com) Module 07 Page 903 Certified Cybersecurity Technician Copyright © by EG-Council