Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Module Flow

Discuss Essential Network Understand Different Types of
Security Protocols Proxy Servers and their Benefits

Discuss Fundamentals of VPN
Discuss Security Benefits 7 an and its importance in Network
of Network Segmentation - T
¢ Security
&0
B
Understand Different Types @ \ Discuss Other Network Security
of Firewalls and their Role Controls

|

Understand Different Types Discuss Importance of Load
of IDS/IPS and their Role E\ Balancing in Network Security

Understand Different Types Understand Various
of Honeypots Antivirus/Anti-malware Software

Copyright © by L All Rights Reserved. ReproductionIs Strictly Prohibited.

Understand Different Types of Proxy Sexvers and their Benefits
Proxy servers play an important role in securing the servers connected to the Internet. They
provide an additional layer of the security to the servers and reduce the probability of an attack
on the servers. This section discusses proxy servers, their benefits, and types of proxy servers.

Module 07 Page 877 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

What are Proxy Servers?
01 I A proxy server is a dedicated computer, or a software system virtually located between a client and the actual
server

02 I It is a sentinel between an internal network and the open internet

03 It serves clients requests on behalf of actual severs, thereby preventing actual servers from exposing themselves
to the outside world

04 It provides an additional layer of defense to the network and can protect against certain operating system (OS)
and web server specific attacks

05 Security professionals should deploy a proxy server to intercept malicious, offensive web content, computer viruses,
etc., hidden in the client requests

E==r==n..III.II'Ill.ll.ll.l.l..l.’...l"""""‘..l..'l.." RR

Qo

User Proxy Server Server

Copyright © by EC-Councll. All Rights Reserved. Reproduction is Strictly Prohibited.

What are Proxy Servers?
A proxy server is an application that can serve as an intermediary when connecting with other
computers. Security professionals should deploy a proxy server to intercept malicious, offensive
web content, computer viruses, etc., hidden in the client requests.

A proxy server is used:

= As a firewall and to protect the local network from outside attacks.
= To anonymously surf the web (to some extent).
= To filter out unwanted content such as ads or “unsuitable” material (using specialized
proxy servers).
®= To provide some protection against hacking attacks.
How do proxy servers work?
When a user uses a proxy for requesting a particular web page on an actual server, the proxy
server receives it. It then sends this request to the actual server on behalf of the user’s
request—it mediates between the user and the actual server to send and respond to the
request.

User Proxy Server
Figure 7.86: Working of Proxy

Module 07 Page 878 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

A proxy server improves security, administrative control, and caching services. It is also used for
evaluating the network traffic and maintaining user confidentiality.
Proxy servers in an organization help in maintaining security and administrative controls.
However, attackers use proxy servers to hide their presence on the internet.

Module 07 Page 879 Certified Cybersecurity Technician Copyright © by EG-Gouncil
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Benefits of Proxy Server

1 2 3 4
Acts as a security Enhances the security Improves the Provides advanced
protector between the and privacy of client browsing speed logging capabilities for
user devices and a devices user activities
server

S 6 1 8
Controls access to Hides internal IP Reduces the chances Enables authentication
specific types of addresses and filters of modifying cookies for the proxy servers
restricted services requests from external in the browser before handling user
sites configuration requests

Benefits of Proxy Server
The following are the benefits of using a proxy server while accessing a network:
= |t acts as a security protector between the user devices and a server.
= |t enhances the security and privacy of client devices.
= |t improves the browsing speed.
= |t provides advanced logging capabilities for user activities.
= |tis used for controlling the access to specific types of restricted services.
= |t helps the organization to hide its internal IP address.
= |t reduces the chances of modifying cookies in the browser configuration and protects
from any kind of malware.
= |t filters requests from external sites.
= |timproves the delivery of the requested web pages to the users.
= |t enables authentication for the proxy servers before handling user requests and
services.

Module 07 Page 880 Certified Cybersecurity Technician Copyright © by EG-Gouncil
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Functioning of a Proxy Sexver
Q—‘ Internal host requests to access a web site

o ee __, Therequest enters the proxy server which examines the header and
packet content based on the rule base

“J —= Server reconstructs the data packet with a different source IP address

__, Proxy server transmits the packet to target address that conceals the
actual end user who made the request

If the data packet is returned, it is again sent to the proxy server to check
with the rule base

The returned packet is reconstructed by the proxy server and is sent to
the source computer

Copyright © by EC-: I. All Rights Reserved. Repr n Is Strictly Prohibited.

Systems on internal
network use a private
address range

Proxy Server B ’J
£ i -. 192.168.2.3
3. External Interface 4. Reply is forwarded :
with registered IP ‘ by the proxytothe :
address 24.67.233.7. requesting client

=]
et
L 1. Request for a Web Page
" 192.168.2.4.
forwardedby Firewall
Internet the proxy
server

192.168.2.5

Copyright © by £ I. All Rights Reserv

Functioning of a Proxy Server
= The client first requests a web page and recognizes the server that contains the web
page.
* The request for the web page is passed on to the proxy server, which checks the packet
with its set of conventions for this service and decides whether the request is to be
granted.

Module 07 Page 881 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

= Once the proxy has made the decision to allow the request, a new packet is created
with the source IP address of the proxy server.
= This new packet is the request for the web page from the proxy server. The web server
receives the request and returns the web page to the requesting host.
= When the proxy receives the web page, it verifies its rules to determine whether this
page is to be allowed.
= Once the decision is made to proceed, the proxy creates a new packet with the web
page as the payload and sends it to the original client.
= This type of service significantly increases the security of the network, as no packets can
travel directly from the client to the server.
Systems on internal
network use a private
address range

i -
Proxy Server : B \J
H T — L
= = -
e.
=S 192.168.2.3
3. External Interface 4. Reply Is forwarded
with registered IP e by the proxy to the
address 24.67.233.7 H requesting client.............................................................. AR
vop [EESImEmEE cecesccsscssscnsasuns E...................................-:.....y ,............ T LT I v_—‘._w_( y
2. Request Is 1. Request for a Web Page
forwarded by Firewall 192.10824
Internet the proxy
server

192.168.2.5

Figure 7.87: Functioning of a Proxy Server

Module 07 Page 882 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Proxy Servers vs Packet Filters

QO Proxy server examines the data payload Q Packet filters examine the routing
of the packet information of the packet

Q Creates detailed log file listings, since Q Logs only the header information of the |
they scan the entire data of IP packets IP packets

QO Restructures the packet with new Q Allows or blocks the data depending on

R4
source |P data the packet filter rules

Q In the case of failure of a proxy server, O In the case of failure of a packet filter, all {
all network communications would packets may be allowed to pass through
cease the internal network

B

Copyright © by EC-{ All Rights Reserved. ReproductionIs Strictly Prohibited

Proxy Servers vs Packet Filters
Proxy servers and packet filters are used together in a firewall and work in the application layer
of the OSI model. They mainly differ in terms of the inspection of different parts of IP packets
and the way they act on them.
= A proxy server creates detailed log file listings because they scan the entire data part of
the IP packets, whereas a packet filter logs only header information of the IP packets.
= A packet filter simply allows the data packet to pass through to the destination if it
matches the packet filter rules. On the other hand, a proxy server restructures the
packet with new source IP data.
= In the case of failure of a proxy server, all network communications would cease,
whereas in the case of packet filter failure, all packets may be allowed to pass through
to the internal network.

Module 07 Page 883 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Types of Proxy Servers

T
Transparent
Proxy
=
Non Transparent
Proxy
©
SOCKS Proxy

(AE)

Anonymous Proxy Reverse Proxy

Copyright © by & Al Rights Reserved. Reproductionis Strictly Prohibited

Types of Proxy Servers
Discussed below are various types of proxy servers.

Module 07 Page 884 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls - Technical Controls

Transparent Proxy

Q A transparent proxy is a proxy through
which a client system connects to a server
without its knowledge

It is configured to be entirely invisible to
an end user

With a transparent proxy, all the web
clients must be configured manually

Copyright © by Al Rights Reserved, ReproductionIs Strictly Prohibited.

Transparent Proxy
A transparent proxy is a proxy through which a client system connects to a server without its
knowledge. It is configured to be entirely invisible to an end user. It is placed between two
networks, similar to a router. A firewall tracks the outgoing traffic and directs it to a specific
computer, such as a proxy server. Network administrators need not configure the client’s
software with transparent proxies. With a transparent proxy, all the web clients must be
configured manually.

Module 07 Page 885 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Non-transparent Proxy

O Require client software to be configured to use the proxy server

g QO The client is made aware of the proxy’s existence

QO They are difficult to configure, as each client program must be set up to
route all requests to a single port

01 02 03
Group An.notatxon Media Typfe BYAIEEIiR o duction A.n.onyx.mty
Sexrvices Transformation Filtering

Non-transparent Proxy
Non-transparent proxies are also known as explicit proxies and require client software to be
configured to use the proxy server. Non-transparent proxies are difficult to configure, as each
client program must be set up to route all requests to a single port. However, these proxies
provide a greater level of security than other types. A non-transparent proxy is one that
modifies a request or response, and the client is made aware of the proxy’s existence. The
entire requested URL is sent to the proxy that has the host name. It provides added services to
the user agent such as group annotation services, media-type transformation, protocol
reduction, and anonymity filtering.

Module 07 Page 886 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

——

SOCKS Proxy

O The SOCKS is an Internet Engineering Task Force (IETF) standard
O Itis a proxy server that does not have the special caching abilities of a caching HTTP proxy server
O The SOCKS proxy server does not allow external network components to collect information on the client that
generated the request

—].
= E N \
The SOCKS package includes 2 “L e
i comainst:he foll g A SOCK server for Q A client program Q A client library for
SOIIpOOL the specified such as FTP, Telnet, SOCKS
operating system or an Internet
(0s) browser
Copyright © by All Rights Reserved. ReproductionIs Strictly Prohibited

SOCKS Proxy
SOCKS, an Internet Engineering Task Force (IETF) standard, is a proxy server that does not have
the special caching abilities of a caching HTTP proxy server. The SOCKS protocol internally uses
“sockets,” which help track all the individual connections of clients. The function of a SOCKS
server is to handle all clients’ requests inside the organization’s firewall; based on the
requested Internet destination or user identification, it allows or rejects connection requests. If
the requested connection is valid, then it “binds” the request, and information is exchanged
with the usual protocol (e.g., HTTP). The SOCKS proxy server does not allow external network
components to collect information on the client that generated the request.
The SOCKS package contains the following components:
= A SOCK server for the specified operating system (OS)
= Aclient program such as FTP, Telnet, or an Internet browser

= Aclient library for SOCKS

Module 07 Page 887 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Anonymous Proxy

O An anonymous proxy does not transfer information about the IP address of A~ ~—
its user, thereby hiding information about the user and their surfing interests & e

Pros Cons
e ——— —————

O A user can surf the Internet QO Using this type of proxy server
privately by using an may decrease the speed of
anonymous proxy loading a web page on to the
Q with the help of an browser
anonymous proxy server, a Q Using anonymous proxy
user can access even servers to bypass Internet
censored websites censorship is illegal in some
countries

Anonymous Proxy
An anonymous proxy does not transfer information about the IP address of its user, thereby
hiding information about the user and their surfing interests. A user can surf the Internet
privately by using an anonymous proxy. With the help of an anonymous proxy server, a user
can access even censored websites. The use of this type of proxy server may decrease the
speed of loading a web page on to the browser. Further, the use of anonymous proxy servers to
bypass Internet censorship is illegal in some countries.

Module 07 Page 888 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Reverse Proxy

A reverse proxy is usually situated closer to the server(s) and
will only return a configured set of resources

It can optimize content by compressing it to speed up loading

The client is unaware of the presence of a reverse proxy

A reverse proxy server is an intermediate server that is located
between a client and the actual web server

Copyright © by k l. All Rights Reserved. Reproductionis Strictly Prohibited.

Reverse Proxy
A reverse proxy is usually situated closer to the server(s) and will only return a configured set of
resources. It can optimize content by compressing it to speed up loading. The client is unaware
of the presence of a reverse proxy. A reverse proxy server is an intermediate server that is
located between a client and the actual web server.
Note: Transparent proxy and anonymous proxy are open proxies also known as forwarding
proxies.

Module 07 Page 889 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

How to Configure Proxy Server.

Configuring Automatic Proxy Setup in Windows 10

Step 1 Open Windows Settings by pressing € Settings - 0 X
P the Windows key and | together
@ Home Pri Ooxy

Step 2 Click Network & Internet = Proxy Find a satting 7| Automatic proxy setup
Network & Internet Uu‘a proxy server for Ethernet or Wi-Fi coanections, These settings

Sten 3 Check if the “Automatically detect o PyoV comnecton.
ep. senln's" toggle button is On Automatically detect settings
“ Dalup @ o

St ‘ Windows runs an automatic check by @ VPN Use setup script
L default @ o
& N Seript address
Step § If Windows detects PAC file, set the 4
o “Use Setup Script” toggle button to On U0 Mobile hotspot { |

Step 6 Type proxy.certifiedhacker.com in the i Save
) “Script Address” field

Step 7 Click Save to implement the changes = <
L and use the Internet through the proxy

Copyright © by All Rights Reserved. Reproduction is Strictly Prohibited.

How to Configure Proxy Server (Cont’d)
Open the Windows settings menu by pressing
Step 1 Configuring Manual Proxy Setup in Windows 10
the Windows key and | together
¢ Sattegn = [8) x

Step 2 Click Network & Internet Proxy @ Home Proxy
F.m a tetting
| Manual proxy setup
Automatic proxy setup window opens. Scroll Network & Internet Use a proxy server for Ethermaet or Wi-Fi connections. These settngs
don't apply to VPN connections.
Step 3 down to “Manual proxy setup” and set the
“Use a Proxy Server” toggle button to On & Use a proxy server

@&
@ o
Address Port
Type proxy.certifiedhacker.com in the address
Step 4 T Ethemet l :\roxy:cvtflnflh&lfltm\] [ 8838 ]
field and 8888 in the port field
* Ve the proxy server except for addresses that start with the follewing
entres, Use semicolens () to separate entres.

Type *.local in the field below the address and L *local
Step 5
port fields to exempt the use of a proxy server P
D Don't use the proxy server for local (intranet) sddresses

Click Save to implement the changes and
Step 6
use the proxy in Windows 10

Copyright © by All Rights Reserved. Reproductionis Strictly Prohibited.

Module 07 Page 890 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

How to Configure Proxy Server (Cont’d)
Configuring Proxy Setup in Google Chrome

Step 1 e System

Step 3

0O
¢
0

The System window opens. Click “Open your
i
z
:
computer’s proxy settings” - &

[
Step 4 3
=+
©C

The proxy server settings window opens.
F

Follow the instructions to configure the
o

proxy
Copyright © by All Rights Reserved. Reproduction Is Strictly Prohibited

How to Configure Proxy Server (Cont’d)

Step 1 Step 2
Open the Microsoft Edge browser and click “Settings” Scroll down on the page and click “System”
Configuring from the menu displayed on the top-right corner
Proxy Setup in
Microsoft Edge Step 3 Step 4
The System window opens. Click “Open your The proxy server setup window opens. Follow the
computer’s proxy settings” instructions to configure the proxy server

B | @ s x|+ :
[ O @ Edge | edgey/settings/system v 0% 3§
R
& samilysafety
B Ingan System

O Frinters Contrue running background 3pps when Micrasoft Edga s closed @

O Reet setrngs
(i
bt sl
O Phoneand oter devices |09«\ywmwm'ww-wwx [ |

@ Abeut Mirosoht Edge

Copyright © by All Rights Reserved. Rej is Strictly Prohibited

How to Configure Proxy Server
A proxy server acts as a gateway between a user and the Internet and can perform many
functions such as virus scanning, secure communication, and fast data transmission; further, it
maintains the privacy of online identity.
The following are the different ways to set up a proxy server in Windows 10, Google Chrome,
and Microsoft Edge.

Module 07 Page 891 Certified Cybersecurity Technician Copyright © by EG-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Configuring Automatic Proxy Setup in Windows 10
= Step 1: Open Windows Settings by pressing the Windows key and | together.

Settings

Windows Settings

Efi Devices
Bluetooth prnter

@ Network & Internet
Wi-Fi arplane mode. VPN

@ Personalization — Apps

AF o rogondom
R Accounts Q) Time
& Language
Your accounts emasl syng

Figure 7.88: Screenshot showing Windows Settings in Windows 10

= Step 2: The Windows Settings box appears. Click Network & Internet = Proxy.

<
@ Home Proxy
I Find a setting Automatic proxy setup

Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don't apply to VPN connections.
Leod CuerneL

Automatically detect settings
Dial-up
@ o
Use setup script
VPN
@ of
Airplane mode
Script address

[0} Mobile hotspot

Proxy Save

Figure 7.89: Screenshot displaying proxy settings in Windows 10

= Step 3: An automatic proxy setup window opens. Ensure that the “Automatically detect
settings” toggle button is On.

Module 07 Page 892 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

= Step 4: Windows runs an automatic check by default to check whether an automatic
proxy server setup has been implemented previously on the network and provides the
name and instructions to follow.

= Step 5: If Windows detects the Proxy Auto-Configuration (PAC) file, set the “Use Setup
Script” toggle button to On.

= Settings

(A Home Proxy
Find a setting Automatic proxy setup

Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don't apply to VPN connections.
=t CAnerne

Automatically detect settings
2 Dial-up o e

% VPN Use setup script

@ on
l%:’ Airplane mode
Script address

) Mobile hotspot

@ Proxy

Figure 7.90: Screenshot displaying automatic proxy setup in Windows 10

Step 6: Type proxy.certifiedhacker.com in the “Script Address” field.
Step 7: Click Save to implement the changes and use the Internet through the proxy.

\ T Settings - O

(A Home Proxy

Find a setting Automatic proxy setup

Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don't apply to VPN connections.
= CueimneL

Automatically detect settings
2 Dial-up 0 on

% VPN Use setup script

@ on
Ly Airplane mode
Script address

I proxy.certifiedhacker.com
) Mobile hotspot

@ Proxy

Figure 7.91: Screenshot showing the configuration of automatic proxy setup

Module 07 Page 893 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Configuring Manual Proxy Setup in Windows 10
= Step 1: Open Windows Settings by pressing the Windows key and | together.
» Step 2: The Windows Settings box appears. Click Network & Internet = Proxy.

¢« Settings

(A Home Proxy
[ Find a setting
Manual proxy setup
Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don’t apply to VPN connections.

@ Status Use a proxy server ‘

i Wi-Ri
@D o \
Address Port ‘

2 Ethernet
\
\
Dial-up Use the proxy server except for addresses that start with the following
entries. Use semicolons (;) to separate entries,

% VPN

g5 Airplane mode

“? Mobile hotspot

Save
@ Proxy

Figure 7.92: Screenshot showing manual proxy setup

= Step 3: Automatic proxy setup window opens. Scroll down to “Manual proxy setup” and
set the “Use a Proxy Server” toggle button to On.

- Settings

(N Home Proxy
I Find a setting
Manual proxy setup
Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don't apply to VPN connections.

M Status
Use a proxy server

A WiFi @ o
Address Port
¥ Ethernet

Dial-up Use the proxy server except for addresses that start with the following
entries. Use semicolons () to separate entries.

% VPN

g» Airplane mode
[] pon't use the proxy server for local (intranet) addresses
() Mobile hotspot

Save
| & Proxy

Figure 7.93: Screenshot showing the configuration of manual proxy setup

Module 07 Page 894 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

= Step 4: Type proxy.certifiedhacker.com in the address field and 8888 in the port field.

&« Settings

(o] Home Proxy
I Find a setting
Manual proxy setup
Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don’t apply to VPN connections,

8 Status
Use a proxy server

I3 Wi-Fi
@D on
Address Port
Ethernet { :)roxy.certifiedhacker.com‘ I 8888 |

Dial-up Use the proxy server except for addresses that start with the following
entries. Use semicolons (;) to separate entries.

VPN *local

Airplane mode

I:I Don't use the proxy server for local (intranet) addresses
«» Mobile hotspot

| ® Proxy

Figure 7.94: Screenshot showing the text to be entered in the address and port field for configuring manual proxy setup

= Step 5: Type *.local in the field below the address and port fields to exempt the use of a
proxy server.
= Step 6: Click Save to implement the changes and use the proxy in Windows 10.
Configuring Proxy Setup in Google Chrome
= Step 1: Open the Google Chrome browser and select Settings in the toolbar.
= Step 2: Scroll down on the page and Click Advanced = System.

Module 07 Page 895 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

8 Settings X +

& > C @ Chrome | chrome://settings/system

Settings Q,_ Search settings

- Youand Google
System
B Auofil
Continue running background apps when Google Chrome is closed
@ safetycheck

L
when availsbl
Use e
Q@ Privacy and security

@ Appearance Open your computer's proxy settings

Q, Search engine
Reset and clean up
9 Default browser

() Onstartup Restore settings to their original defaults

Advanced - Clean up computer

@ Languages

$ Downloads

T Accessibility

9, system

£ Resetand clean up

Figure 7.95: Screenshot displaying proxy setup in Google Chrome

= Step 3: The System window opens. Click “Open your computer’s proxy settings.”

Q Setings X +

& > C ® Chrome | chromey//settings/system

Settings

You and Google
System
Autofill
Continue running background apps when Google Chrome Is closed @
Safety check
&

Use hard when availab N )
Privacy and security
&

Appearance Open your computer's proxy settings @A
%

Search engine
°o

Reset and clean up
Default browser
0

() Onstartup Rastere settings to their original defaults

Advanced - Clean up computer

@ Languages

s Downloads

T Accessibility

\\ System

£) Resetand clean up

Figure 7.96: Screenshot displaying the option to open the computer’s proxy settings in Google Chrome

Module 07 Page 896 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Step 4: The proxy server settings window opens. Follow the instructions to configure the
Proxy.

< Settings

(N Home Proxy
Find a setting / Automatic proxy setup

Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don't apply to VPN connections.
= Culernmet

Automatically detect settings
Dial-up
@ on
°%® VPN Use setup script

@ o
e Airplane mode
Script address

) Mobile hotspot proxy.certifiedhacker.com

@ Proxy Save

Figure 7.97: Screenshot displaying proxy setup in Windows opened through Google Chrome

Configuring Proxy Setup in Microsoft Edge
Step 1: Open the Microsoft Edge browser and click Settings from the menu displayed on
the top-right corner.
Step 2: Scroll down on the page and click System.
Step 3: The System window opens. Click “Open your computer’s proxy settings.”

(G i@) Settings x |+

& C @ tdge | edge:/settings/system 7o 1= ¢ 4

?g; Family safety
- System
Al Languages

@ Printers Continue running background apps when Microsoft Edge is closed @

= et | Use hardware acceleration when available Q
) Reset settings. : 2
D Bhons ad other devices |Open your computer’s proxy settings ] l

@@ About Microsoft Edge

Figure 7.98: Screenshot displaying proxy setup in Microsoft Edge

Module 07 Page 897 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

= Step 4: The proxy server setup window opens. Follow the instructions to configure the
proxy server either automatically or manually.

@ Home Proxy
? Find a setting o) I
Manual proxy setup

&Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings
don’t apply to VPN connections.

Status Use a proxy server

& wir @ (e} on
p Address Port
¥ Ethernet l oroxy.certifiedhacker.com l I 8888 l

2 Dial-up Use the proxy server except for addresses that start with the following
‘ entries. Use semicolons () to separate entries.

*local

D Don't use the proxy server for local (intranet) addresses

Figure 7.99: Screenshot displaying proxy setup in Windows opened through Microsoft Edge

Module 07 Page 898 Certified Cybersecurity Technician Copyright © by EC-Gouncil
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Limitations of Proxy Server

If proxy is not properly secured, then it may become point of failure in an event
of attack

‘ Increase in workload since proxy must be configured for each and every service it
provides

/ If we attempt to change the default settings, the proxy server might not function
properly

Proxy servers have to reroute information, thus web pages can sometimes load
slowly

If the proxy server is attempting to bypass suspicious software, some elements of
a page may not load

Copyright © by EC-Councll. All Rights Reserved. Reproductionis Strictly Prohibited.

Limitations of Proxy Server
The following are some of the limitations of proxy servers.
= Single Point of Failure
An issue with a proxy server is the creation of a single point of failure. If the entire
organization uses the same proxy, that machine is quite critical and should be
configured properly. A common mistake is forgetting that a proxy is insecure. Although
a proxy server protects the internal network, any interface directly connected to the
Internet is wide open to attack. Organizations should ensure that the proxy is used in
conjunction with other security mechanisms, such as a packet filter, to decrease the
possibility of a direct intrusion attack on the proxy.
= A Proxy for Each Service
The proxy must be configured for each service. A network that allows numerous types
of services in both directions can create considerable work. For supplementary services,
it is important that the proxy server remains securely configured. The workload is high
because the proxy must be configured for each and every service it provides.
= Default Configurations
When implementing a proxy, it is recommended to avoid the use of the default
configurations. Take time to follow the rules and restrictions. If some default settings
are changed, the proxy server might not function properly.
= Proxy servers have to reroute information; thus, web pages can occasionally load slowly.
= |f the proxy server is attempting to bypass suspicious software, some elements of a page
may not load.

Module 07 Page 899 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

= As personal information is passed through an external server that could be accessed by
intruders, data security can be compromised.

Module 07 Page 900 Certified Cybersecurity Technician Copyright © by EG-Gouncil
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Example of a Proxy Server: Squid Proxy

Risense i : N\
Ao Condig Backp Q Squid is a caching proxy for the web and
Package / Proxy Server. General Setings| captve portsl supports HTTP, HTTPS, FTP, and more
DHCP Relay

Qenersl MemsteCache LocaiCoshe Awihus | OHCPSorve Asherticonon Users R Q It reduces the bandwidth and improves
— the response time by caching and reusing
- frequently-requested web pages
Cnable SquidPrexy @ Check 1o snsble the Squid prowy, D5 1™
Important: i unchacked, ALL Squid DNS Resclver Mopped /
Dyrnamuc ONS

Keep Settings Dats @ M erubied the settings, logs, Cad p— be presetvedof -
important: dissbled, oll settingsa | spe unimisitrel Package / SquidGuard / Blacklists
Load Balarvce

Prowy Interlacels) u.‘f NP Covar
o settongs Common ACL Gronps A Target catogores Tomes Few tos Loy
“.". PPPol Server

aup Blackiist Update
v vy server will lect mednpleof

Provy Port.
,~{|-_. werw Shallabst o Do ]

Example of a Proxy Server: Squid Proxy
Source: http://www.squid-cache.org
Squid is a caching proxy for the web and supports HTTP, HTTPS, FTP, and more. It reduces the
bandwidth and improves the response times by caching and reusing frequently-requested web
pages. Squid has extensive access controls and is a great server accelerator. It runs on most
available operating systems, including Windows and is licensed under the GNU general public
license (GNU GPL).

Module 07 Page 901 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

msense $ o tot{oces Fieowall Servicos ~
COMMUNITY LDITION

Auto Config Backup

Package / Proxy Server: General Settings captive Portal
DHCP Refay

General Hemate Cache Local Cache Artivirus DHCP Serves Authentication Users Fa
— DHCPVE Relay

Squid General Settings DHCPVE Server & RA _
DNS Foewarder
Enable Squid Proxy ¢ Check 10 enable the Squid praxy
DNS Resalver
Important: I unchacked, ALL Squid slopped

Dymamic DNS
Keep Settings/Dats ¢ If enabled the sethings, logs, cac \OMP S be preserved atroas package renistala
QA Frox
Impoantant: i disabled, #ll sattings a ' ago uninstail reinstall'upgrade
Load Balancer

Proxy Interface(s) LAN NTP
WAN
phack PPPOE Server

“..‘.‘.("'

1 { elocty 1inle Inted!f

Squd Prasy Server
Proxy Port
Squd Reverse Proxy

ICP Port

the proxy Var W WakeonLAN it
et ank o y ] RTRTTS—, (™ ) [ cp

Figure 7.100: Screenshot of Squid Proxy

Package / SquidGuard / Blacklists

Genweral settngs Common ACL Groups ACL Target categones Times Rew'ites Olackhat Log XMLARPC Syn

Blacklist Update

0 {' tps Vwew shallalist de/Downloads/ shall ahist 1ar g2 ]

=
Enter
e
FTP or MTTP path to the Blacklist archive here

Figure 7.101: Screenshot of Squid Proxy

Module 07 Page 902 Certified Cybersecurity Technician Copyright © by EC-Council
Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

List of Proxy Tools
[ [
Whonix @ Proxify ProxyCap
https://www.whonix.org https://proxify.com https://www.proxycap.com

Psiphon Guardster CCProxy
https://psiphon.ca http://www.guardster.com https://www.youngzsoft.net

FoxyProxy s“é"lD Global Proxy Network Fiddler
https://getfoxyproxy.org S:\_;f https://infatica.lo https://www.telerik.com

GeoSurf Anonym8 BlackArch Proxy
https://www.geosurf.com https://github.com https://blackarch.org

JonDo ProxySite Artica Proxy
https://onony -proxy net https://www.proxysite.com https://ortica-proxy.com

Copyright
© by EC-ouncl. All Rights Reserved. Reproduction is Strictly Prohibited

List of Pxroxy Tools
Some of proxy tools are listed below:
* Whonix (https://www.whonix.org)
= Psiphon (https://psiphon.ca)
* FoxyProxy (https://getfoxyproxy.org)
» GeoSurf (https://www.geosurf.com)
* JonDo (https://anonymous-proxy-servers.net)
= Proxify (https://proxify.com)
» Guardster (http://www.guardster.com)
* Global Proxy Network (https://infatica.io)
* Anonym8 (https.//github.com)
» ProxySite (https.//www.proxysite.com)
* ProxyCap (https://www.proxycap.com)
= CCProxy (https://www.youngzsoft.net)
» Fiddler (https://www.telerik.com)
= BlackArch Proxy (https://blackarch.org)
» Artica Proxy (https://artica-proxy.com)

Module 07 Page 903 Certified Cybersecurity Technician Copyright © by EG-Council