Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 01_ocred.pdf
- Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 02_ocred.pdf
- Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 04_ocred.pdf
- Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 01_ocred_fax_ocred.pdf
- Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 03_ocred_fax_ocred.pdf
- Chapter 7 - 06 - Understand Different Types of Proxy Servers and their Benefits - 04_ocred_fax_ocred.pdf
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Module Flow Discuss Essential N...
Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Module Flow Discuss Essential Network Understand Different Types of Security Protocols Proxy Servers and their Benefits Discuss Fundamentals of VPN Discuss Security Benefits 7 an and its importance in Network of Network Segmentation - T ¢ Security &0 B Understand Different Types @ \ Discuss Other Network Security of Firewalls and their Role Controls | Understand Different Types Discuss Importance of Load of IDS/IPS and their Role E\ Balancing in Network Security Understand Different Types Understand Various of Honeypots Antivirus/Anti-malware Software Copyright © by L All Rights Reserved. ReproductionIs Strictly Prohibited. Understand Different Types of Proxy Sexvers and their Benefits Proxy servers play an important role in securing the servers connected to the Internet. They provide an additional layer of the security to the servers and reduce the probability of an attack on the servers. This section discusses proxy servers, their benefits, and types of proxy servers. Module 07 Page 877 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls What are Proxy Servers? 01 I A proxy server is a dedicated computer, or a software system virtually located between a client and the actual server 02 I It is a sentinel between an internal network and the open internet 03 It serves clients requests on behalf of actual severs, thereby preventing actual servers from exposing themselves to the outside world 04 It provides an additional layer of defense to the network and can protect against certain operating system (OS) and web server specific attacks 05 Security professionals should deploy a proxy server to intercept malicious, offensive web content, computer viruses, etc., hidden in the client requests E==r==n..III.II'Ill.ll.ll.l.l..l.’...l"""""‘..l..'l.." RR Qo User Proxy Server Server Copyright © by EC-Councll. All Rights Reserved. Reproduction is Strictly Prohibited. What are Proxy Servers? A proxy server is an application that can serve as an intermediary when connecting with other computers. Security professionals should deploy a proxy server to intercept malicious, offensive web content, computer viruses, etc., hidden in the client requests. A proxy server is used: = As a firewall and to protect the local network from outside attacks. = To anonymously surf the web (to some extent). = To filter out unwanted content such as ads or “unsuitable” material (using specialized proxy servers). ®= To provide some protection against hacking attacks. How do proxy servers work? When a user uses a proxy for requesting a particular web page on an actual server, the proxy server receives it. It then sends this request to the actual server on behalf of the user’s request—it mediates between the user and the actual server to send and respond to the request. User Proxy Server Figure 7.86: Working of Proxy Module 07 Page 878 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls A proxy server improves security, administrative control, and caching services. It is also used for evaluating the network traffic and maintaining user confidentiality. Proxy servers in an organization help in maintaining security and administrative controls. However, attackers use proxy servers to hide their presence on the internet. Module 07 Page 879 Certified Cybersecurity Technician Copyright © by EG-Gouncil Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Benefits of Proxy Server 1 2 3 4 Acts as a security Enhances the security Improves the Provides advanced protector between the and privacy of client browsing speed logging capabilities for user devices and a devices user activities server S 6 1 8 Controls access to Hides internal IP Reduces the chances Enables authentication specific types of addresses and filters of modifying cookies for the proxy servers restricted services requests from external in the browser before handling user sites configuration requests Benefits of Proxy Server The following are the benefits of using a proxy server while accessing a network: = |t acts as a security protector between the user devices and a server. = |t enhances the security and privacy of client devices. = |t improves the browsing speed. = |t provides advanced logging capabilities for user activities. = |tis used for controlling the access to specific types of restricted services. = |t helps the organization to hide its internal IP address. = |t reduces the chances of modifying cookies in the browser configuration and protects from any kind of malware. = |t filters requests from external sites. = |timproves the delivery of the requested web pages to the users. = |t enables authentication for the proxy servers before handling user requests and services. Module 07 Page 880 Certified Cybersecurity Technician Copyright © by EG-Gouncil Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Functioning of a Proxy Sexver Q—‘ Internal host requests to access a web site o ee __, Therequest enters the proxy server which examines the header and packet content based on the rule base “J —= Server reconstructs the data packet with a different source IP address __, Proxy server transmits the packet to target address that conceals the actual end user who made the request If the data packet is returned, it is again sent to the proxy server to check with the rule base The returned packet is reconstructed by the proxy server and is sent to the source computer Copyright © by EC-: I. All Rights Reserved. Repr n Is Strictly Prohibited. Systems on internal network use a private address range Proxy Server B ’J £ i -. 192.168.2.3 3. External Interface 4. Reply is forwarded : with registered IP ‘ by the proxytothe : address 24.67.233.7. requesting client =] et L 1. Request for a Web Page " 192.168.2.4. forwardedby Firewall Internet the proxy server 192.168.2.5 Copyright © by £ I. All Rights Reserv Functioning of a Proxy Server = The client first requests a web page and recognizes the server that contains the web page. * The request for the web page is passed on to the proxy server, which checks the packet with its set of conventions for this service and decides whether the request is to be granted. Module 07 Page 881 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls = Once the proxy has made the decision to allow the request, a new packet is created with the source IP address of the proxy server. = This new packet is the request for the web page from the proxy server. The web server receives the request and returns the web page to the requesting host. = When the proxy receives the web page, it verifies its rules to determine whether this page is to be allowed. = Once the decision is made to proceed, the proxy creates a new packet with the web page as the payload and sends it to the original client. = This type of service significantly increases the security of the network, as no packets can travel directly from the client to the server. Systems on internal network use a private address range i - Proxy Server : B \J H T — L = = - e. =S 192.168.2.3 3. External Interface 4. Reply Is forwarded with registered IP e by the proxy to the address 24.67.233.7 H requesting client.............................................................. AR vop [EESImEmEE cecesccsscssscnsasuns E...................................-:.....y ,............ T LT I v_—‘._w_( y 2. Request Is 1. Request for a Web Page forwarded by Firewall 192.10824 Internet the proxy server 192.168.2.5 Figure 7.87: Functioning of a Proxy Server Module 07 Page 882 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Proxy Servers vs Packet Filters QO Proxy server examines the data payload Q Packet filters examine the routing of the packet information of the packet Q Creates detailed log file listings, since Q Logs only the header information of the | they scan the entire data of IP packets IP packets QO Restructures the packet with new Q Allows or blocks the data depending on R4 source |P data the packet filter rules Q In the case of failure of a proxy server, O In the case of failure of a packet filter, all { all network communications would packets may be allowed to pass through cease the internal network B Copyright © by EC-{ All Rights Reserved. ReproductionIs Strictly Prohibited Proxy Servers vs Packet Filters Proxy servers and packet filters are used together in a firewall and work in the application layer of the OSI model. They mainly differ in terms of the inspection of different parts of IP packets and the way they act on them. = A proxy server creates detailed log file listings because they scan the entire data part of the IP packets, whereas a packet filter logs only header information of the IP packets. = A packet filter simply allows the data packet to pass through to the destination if it matches the packet filter rules. On the other hand, a proxy server restructures the packet with new source IP data. = In the case of failure of a proxy server, all network communications would cease, whereas in the case of packet filter failure, all packets may be allowed to pass through to the internal network. Module 07 Page 883 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Types of Proxy Servers T Transparent Proxy = Non Transparent Proxy © SOCKS Proxy (AE) Anonymous Proxy Reverse Proxy Copyright © by & Al Rights Reserved. Reproductionis Strictly Prohibited Types of Proxy Servers Discussed below are various types of proxy servers. Module 07 Page 884 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls - Technical Controls Transparent Proxy Q A transparent proxy is a proxy through which a client system connects to a server without its knowledge It is configured to be entirely invisible to an end user With a transparent proxy, all the web clients must be configured manually Copyright © by Al Rights Reserved, ReproductionIs Strictly Prohibited. Transparent Proxy A transparent proxy is a proxy through which a client system connects to a server without its knowledge. It is configured to be entirely invisible to an end user. It is placed between two networks, similar to a router. A firewall tracks the outgoing traffic and directs it to a specific computer, such as a proxy server. Network administrators need not configure the client’s software with transparent proxies. With a transparent proxy, all the web clients must be configured manually. Module 07 Page 885 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Non-transparent Proxy O Require client software to be configured to use the proxy server g QO The client is made aware of the proxy’s existence QO They are difficult to configure, as each client program must be set up to route all requests to a single port 01 02 03 Group An.notatxon Media Typfe BYAIEEIiR o duction A.n.onyx.mty Sexrvices Transformation Filtering Non-transparent Proxy Non-transparent proxies are also known as explicit proxies and require client software to be configured to use the proxy server. Non-transparent proxies are difficult to configure, as each client program must be set up to route all requests to a single port. However, these proxies provide a greater level of security than other types. A non-transparent proxy is one that modifies a request or response, and the client is made aware of the proxy’s existence. The entire requested URL is sent to the proxy that has the host name. It provides added services to the user agent such as group annotation services, media-type transformation, protocol reduction, and anonymity filtering. Module 07 Page 886 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls —— SOCKS Proxy O The SOCKS is an Internet Engineering Task Force (IETF) standard O Itis a proxy server that does not have the special caching abilities of a caching HTTP proxy server O The SOCKS proxy server does not allow external network components to collect information on the client that generated the request —]. = E N \ The SOCKS package includes 2 “L e i comainst:he foll g A SOCK server for Q A client program Q A client library for SOIIpOOL the specified such as FTP, Telnet, SOCKS operating system or an Internet (0s) browser Copyright © by All Rights Reserved. ReproductionIs Strictly Prohibited SOCKS Proxy SOCKS, an Internet Engineering Task Force (IETF) standard, is a proxy server that does not have the special caching abilities of a caching HTTP proxy server. The SOCKS protocol internally uses “sockets,” which help track all the individual connections of clients. The function of a SOCKS server is to handle all clients’ requests inside the organization’s firewall; based on the requested Internet destination or user identification, it allows or rejects connection requests. If the requested connection is valid, then it “binds” the request, and information is exchanged with the usual protocol (e.g., HTTP). The SOCKS proxy server does not allow external network components to collect information on the client that generated the request. The SOCKS package contains the following components: = A SOCK server for the specified operating system (OS) = Aclient program such as FTP, Telnet, or an Internet browser = Aclient library for SOCKS Module 07 Page 887 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Anonymous Proxy O An anonymous proxy does not transfer information about the IP address of A~ ~— its user, thereby hiding information about the user and their surfing interests & e Pros Cons e ——— ————— O A user can surf the Internet QO Using this type of proxy server privately by using an may decrease the speed of anonymous proxy loading a web page on to the Q with the help of an browser anonymous proxy server, a Q Using anonymous proxy user can access even servers to bypass Internet censored websites censorship is illegal in some countries Anonymous Proxy An anonymous proxy does not transfer information about the IP address of its user, thereby hiding information about the user and their surfing interests. A user can surf the Internet privately by using an anonymous proxy. With the help of an anonymous proxy server, a user can access even censored websites. The use of this type of proxy server may decrease the speed of loading a web page on to the browser. Further, the use of anonymous proxy servers to bypass Internet censorship is illegal in some countries. Module 07 Page 888 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Reverse Proxy A reverse proxy is usually situated closer to the server(s) and will only return a configured set of resources It can optimize content by compressing it to speed up loading The client is unaware of the presence of a reverse proxy A reverse proxy server is an intermediate server that is located between a client and the actual web server Copyright © by k l. All Rights Reserved. Reproductionis Strictly Prohibited. Reverse Proxy A reverse proxy is usually situated closer to the server(s) and will only return a configured set of resources. It can optimize content by compressing it to speed up loading. The client is unaware of the presence of a reverse proxy. A reverse proxy server is an intermediate server that is located between a client and the actual web server. Note: Transparent proxy and anonymous proxy are open proxies also known as forwarding proxies. Module 07 Page 889 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls How to Configure Proxy Server. Configuring Automatic Proxy Setup in Windows 10 Step 1 Open Windows Settings by pressing € Settings - 0 X P the Windows key and | together @ Home Pri Ooxy Step 2 Click Network & Internet = Proxy Find a satting 7| Automatic proxy setup Network & Internet Uu‘a proxy server for Ethernet or Wi-Fi coanections, These settings Sten 3 Check if the “Automatically detect o PyoV comnecton. ep. senln's" toggle button is On Automatically detect settings “ Dalup @ o St ‘ Windows runs an automatic check by @ VPN Use setup script L default @ o & N Seript address Step § If Windows detects PAC file, set the 4 o “Use Setup Script” toggle button to On U0 Mobile hotspot { | Step 6 Type proxy.certifiedhacker.com in the i Save ) “Script Address” field Step 7 Click Save to implement the changes = < L and use the Internet through the proxy Copyright © by All Rights Reserved. Reproduction is Strictly Prohibited. How to Configure Proxy Server (Cont’d) Open the Windows settings menu by pressing Step 1 Configuring Manual Proxy Setup in Windows 10 the Windows key and | together ¢ Sattegn = [8) x Step 2 Click Network & Internet Proxy @ Home Proxy F.m a tetting | Manual proxy setup Automatic proxy setup window opens. Scroll Network & Internet Use a proxy server for Ethermaet or Wi-Fi connections. These settngs don't apply to VPN connections. Step 3 down to “Manual proxy setup” and set the “Use a Proxy Server” toggle button to On & Use a proxy server @& @ o Address Port Type proxy.certifiedhacker.com in the address Step 4 T Ethemet l :\roxy:cvtflnflh&lfltm\] [ 8838 ] field and 8888 in the port field * Ve the proxy server except for addresses that start with the follewing entres, Use semicolens () to separate entres. Type *.local in the field below the address and L *local Step 5 port fields to exempt the use of a proxy server P D Don't use the proxy server for local (intranet) sddresses Click Save to implement the changes and Step 6 use the proxy in Windows 10 Copyright © by All Rights Reserved. Reproductionis Strictly Prohibited. Module 07 Page 890 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls How to Configure Proxy Server (Cont’d) Configuring Proxy Setup in Google Chrome Step 1 e System Step 3 0O ¢ 0 The System window opens. Click “Open your i z : computer’s proxy settings” - & [ Step 4 3 =+ ©C The proxy server settings window opens. F Follow the instructions to configure the o proxy Copyright © by All Rights Reserved. Reproduction Is Strictly Prohibited How to Configure Proxy Server (Cont’d) Step 1 Step 2 Open the Microsoft Edge browser and click “Settings” Scroll down on the page and click “System” Configuring from the menu displayed on the top-right corner Proxy Setup in Microsoft Edge Step 3 Step 4 The System window opens. Click “Open your The proxy server setup window opens. Follow the computer’s proxy settings” instructions to configure the proxy server B | @ s x|+ : [ O @ Edge | edgey/settings/system v 0% 3§ R & samilysafety B Ingan System O Frinters Contrue running background 3pps when Micrasoft Edga s closed @ O Reet setrngs (i bt sl O Phoneand oter devices |09«\ywmwm'ww-wwx [ | @ Abeut Mirosoht Edge Copyright © by All Rights Reserved. Rej is Strictly Prohibited How to Configure Proxy Server A proxy server acts as a gateway between a user and the Internet and can perform many functions such as virus scanning, secure communication, and fast data transmission; further, it maintains the privacy of online identity. The following are the different ways to set up a proxy server in Windows 10, Google Chrome, and Microsoft Edge. Module 07 Page 891 Certified Cybersecurity Technician Copyright © by EG-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Configuring Automatic Proxy Setup in Windows 10 = Step 1: Open Windows Settings by pressing the Windows key and | together. Settings Windows Settings Efi Devices Bluetooth prnter @ Network & Internet Wi-Fi arplane mode. VPN @ Personalization — Apps AF o rogondom R Accounts Q) Time & Language Your accounts emasl syng Figure 7.88: Screenshot showing Windows Settings in Windows 10 = Step 2: The Windows Settings box appears. Click Network & Internet = Proxy. < @ Home Proxy I Find a setting Automatic proxy setup Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don't apply to VPN connections. Leod CuerneL Automatically detect settings Dial-up @ o Use setup script VPN @ of Airplane mode Script address [0} Mobile hotspot Proxy Save Figure 7.89: Screenshot displaying proxy settings in Windows 10 = Step 3: An automatic proxy setup window opens. Ensure that the “Automatically detect settings” toggle button is On. Module 07 Page 892 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls = Step 4: Windows runs an automatic check by default to check whether an automatic proxy server setup has been implemented previously on the network and provides the name and instructions to follow. = Step 5: If Windows detects the Proxy Auto-Configuration (PAC) file, set the “Use Setup Script” toggle button to On. = Settings (A Home Proxy Find a setting Automatic proxy setup Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don't apply to VPN connections. =t CAnerne Automatically detect settings 2 Dial-up o e % VPN Use setup script @ on l%:’ Airplane mode Script address ) Mobile hotspot @ Proxy Figure 7.90: Screenshot displaying automatic proxy setup in Windows 10 Step 6: Type proxy.certifiedhacker.com in the “Script Address” field. Step 7: Click Save to implement the changes and use the Internet through the proxy. \ T Settings - O (A Home Proxy Find a setting Automatic proxy setup Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don't apply to VPN connections. = CueimneL Automatically detect settings 2 Dial-up 0 on % VPN Use setup script @ on Ly Airplane mode Script address I proxy.certifiedhacker.com ) Mobile hotspot @ Proxy Figure 7.91: Screenshot showing the configuration of automatic proxy setup Module 07 Page 893 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Configuring Manual Proxy Setup in Windows 10 = Step 1: Open Windows Settings by pressing the Windows key and | together. » Step 2: The Windows Settings box appears. Click Network & Internet = Proxy. ¢« Settings (A Home Proxy [ Find a setting Manual proxy setup Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don’t apply to VPN connections. @ Status Use a proxy server ‘ i Wi-Ri @D o \ Address Port ‘ 2 Ethernet \ \ Dial-up Use the proxy server except for addresses that start with the following entries. Use semicolons (;) to separate entries, % VPN g5 Airplane mode “? Mobile hotspot Save @ Proxy Figure 7.92: Screenshot showing manual proxy setup = Step 3: Automatic proxy setup window opens. Scroll down to “Manual proxy setup” and set the “Use a Proxy Server” toggle button to On. - Settings (N Home Proxy I Find a setting Manual proxy setup Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don't apply to VPN connections. M Status Use a proxy server A WiFi @ o Address Port ¥ Ethernet Dial-up Use the proxy server except for addresses that start with the following entries. Use semicolons () to separate entries. % VPN g» Airplane mode [] pon't use the proxy server for local (intranet) addresses () Mobile hotspot Save | & Proxy Figure 7.93: Screenshot showing the configuration of manual proxy setup Module 07 Page 894 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls = Step 4: Type proxy.certifiedhacker.com in the address field and 8888 in the port field. &« Settings (o] Home Proxy I Find a setting Manual proxy setup Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don’t apply to VPN connections, 8 Status Use a proxy server I3 Wi-Fi @D on Address Port Ethernet { :)roxy.certifiedhacker.com‘ I 8888 | Dial-up Use the proxy server except for addresses that start with the following entries. Use semicolons (;) to separate entries. VPN *local Airplane mode I:I Don't use the proxy server for local (intranet) addresses «» Mobile hotspot | ® Proxy Figure 7.94: Screenshot showing the text to be entered in the address and port field for configuring manual proxy setup = Step 5: Type *.local in the field below the address and port fields to exempt the use of a proxy server. = Step 6: Click Save to implement the changes and use the proxy in Windows 10. Configuring Proxy Setup in Google Chrome = Step 1: Open the Google Chrome browser and select Settings in the toolbar. = Step 2: Scroll down on the page and Click Advanced = System. Module 07 Page 895 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls 8 Settings X + & > C @ Chrome | chrome://settings/system Settings Q,_ Search settings - Youand Google System B Auofil Continue running background apps when Google Chrome is closed @ safetycheck L when availsbl Use e Q@ Privacy and security @ Appearance Open your computer's proxy settings Q, Search engine Reset and clean up 9 Default browser () Onstartup Restore settings to their original defaults Advanced - Clean up computer @ Languages $ Downloads T Accessibility 9, system £ Resetand clean up Figure 7.95: Screenshot displaying proxy setup in Google Chrome = Step 3: The System window opens. Click “Open your computer’s proxy settings.” Q Setings X + & > C ® Chrome | chromey//settings/system Settings You and Google System Autofill Continue running background apps when Google Chrome Is closed @ Safety check & Use hard when availab N ) Privacy and security & Appearance Open your computer's proxy settings @A % Search engine °o Reset and clean up Default browser 0 () Onstartup Rastere settings to their original defaults Advanced - Clean up computer @ Languages s Downloads T Accessibility \\ System £) Resetand clean up Figure 7.96: Screenshot displaying the option to open the computer’s proxy settings in Google Chrome Module 07 Page 896 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Step 4: The proxy server settings window opens. Follow the instructions to configure the Proxy. < Settings (N Home Proxy Find a setting / Automatic proxy setup Network & Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don't apply to VPN connections. = Culernmet Automatically detect settings Dial-up @ on °%® VPN Use setup script @ o e Airplane mode Script address ) Mobile hotspot proxy.certifiedhacker.com @ Proxy Save Figure 7.97: Screenshot displaying proxy setup in Windows opened through Google Chrome Configuring Proxy Setup in Microsoft Edge Step 1: Open the Microsoft Edge browser and click Settings from the menu displayed on the top-right corner. Step 2: Scroll down on the page and click System. Step 3: The System window opens. Click “Open your computer’s proxy settings.” (G i@) Settings x |+ & C @ tdge | edge:/settings/system 7o 1= ¢ 4 ?g; Family safety - System Al Languages @ Printers Continue running background apps when Microsoft Edge is closed @ = et | Use hardware acceleration when available Q ) Reset settings. : 2 D Bhons ad other devices |Open your computer’s proxy settings ] l @@ About Microsoft Edge Figure 7.98: Screenshot displaying proxy setup in Microsoft Edge Module 07 Page 897 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls = Step 4: The proxy server setup window opens. Follow the instructions to configure the proxy server either automatically or manually. @ Home Proxy ? Find a setting o) I Manual proxy setup &Internet Use a proxy server for Ethernet or Wi-Fi connections. These settings don’t apply to VPN connections. Status Use a proxy server & wir @ (e} on p Address Port ¥ Ethernet l oroxy.certifiedhacker.com l I 8888 l 2 Dial-up Use the proxy server except for addresses that start with the following ‘ entries. Use semicolons () to separate entries. *local D Don't use the proxy server for local (intranet) addresses Figure 7.99: Screenshot displaying proxy setup in Windows opened through Microsoft Edge Module 07 Page 898 Certified Cybersecurity Technician Copyright © by EC-Gouncil Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Limitations of Proxy Server If proxy is not properly secured, then it may become point of failure in an event of attack ‘ Increase in workload since proxy must be configured for each and every service it provides / If we attempt to change the default settings, the proxy server might not function properly Proxy servers have to reroute information, thus web pages can sometimes load slowly If the proxy server is attempting to bypass suspicious software, some elements of a page may not load Copyright © by EC-Councll. All Rights Reserved. Reproductionis Strictly Prohibited. Limitations of Proxy Server The following are some of the limitations of proxy servers. = Single Point of Failure An issue with a proxy server is the creation of a single point of failure. If the entire organization uses the same proxy, that machine is quite critical and should be configured properly. A common mistake is forgetting that a proxy is insecure. Although a proxy server protects the internal network, any interface directly connected to the Internet is wide open to attack. Organizations should ensure that the proxy is used in conjunction with other security mechanisms, such as a packet filter, to decrease the possibility of a direct intrusion attack on the proxy. = A Proxy for Each Service The proxy must be configured for each service. A network that allows numerous types of services in both directions can create considerable work. For supplementary services, it is important that the proxy server remains securely configured. The workload is high because the proxy must be configured for each and every service it provides. = Default Configurations When implementing a proxy, it is recommended to avoid the use of the default configurations. Take time to follow the rules and restrictions. If some default settings are changed, the proxy server might not function properly. = Proxy servers have to reroute information; thus, web pages can occasionally load slowly. = |f the proxy server is attempting to bypass suspicious software, some elements of a page may not load. Module 07 Page 899 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls = As personal information is passed through an external server that could be accessed by intruders, data security can be compromised. Module 07 Page 900 Certified Cybersecurity Technician Copyright © by EG-Gouncil Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls Example of a Proxy Server: Squid Proxy Risense i : N\ Ao Condig Backp Q Squid is a caching proxy for the web and Package / Proxy Server. General Setings| captve portsl supports HTTP, HTTPS, FTP, and more DHCP Relay Qenersl MemsteCache LocaiCoshe Awihus | OHCPSorve Asherticonon Users R Q It reduces the bandwidth and improves — the response time by caching and reusing - frequently-requested web pages Cnable SquidPrexy @ Check 1o snsble the Squid prowy, D5 1™ Important: i unchacked, ALL Squid DNS Resclver Mopped / Dyrnamuc ONS Keep Settings Dats @ M erubied the settings, logs, Cad p— be presetvedof - important: dissbled, oll settingsa | spe unimisitrel Package / SquidGuard / Blacklists Load Balarvce Prowy Interlacels) u.‘f NP Covar o settongs Common ACL Gronps A Target catogores Tomes Few tos Loy “.". PPPol Server aup Blackiist Update v vy server will lect mednpleof Provy Port. ,~{|-_. werw Shallabst o Do ] Example of a Proxy Server: Squid Proxy Source: http://www.squid-cache.org Squid is a caching proxy for the web and supports HTTP, HTTPS, FTP, and more. It reduces the bandwidth and improves the response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and is a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU general public license (GNU GPL). Module 07 Page 901 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls msense $ o tot{oces Fieowall Servicos ~ COMMUNITY LDITION Auto Config Backup Package / Proxy Server: General Settings captive Portal DHCP Refay General Hemate Cache Local Cache Artivirus DHCP Serves Authentication Users Fa — DHCPVE Relay Squid General Settings DHCPVE Server & RA _ DNS Foewarder Enable Squid Proxy ¢ Check 10 enable the Squid praxy DNS Resalver Important: I unchacked, ALL Squid slopped Dymamic DNS Keep Settings/Dats ¢ If enabled the sethings, logs, cac \OMP S be preserved atroas package renistala QA Frox Impoantant: i disabled, #ll sattings a ' ago uninstail reinstall'upgrade Load Balancer Proxy Interface(s) LAN NTP WAN phack PPPOE Server “..‘.‘.("' 1 { elocty 1inle Inted!f Squd Prasy Server Proxy Port Squd Reverse Proxy ICP Port the proxy Var W WakeonLAN it et ank o y ] RTRTTS—, (™ ) [ cp Figure 7.100: Screenshot of Squid Proxy Package / SquidGuard / Blacklists Genweral settngs Common ACL Groups ACL Target categones Times Rew'ites Olackhat Log XMLARPC Syn Blacklist Update 0 {' tps Vwew shallalist de/Downloads/ shall ahist 1ar g2 ] = Enter e FTP or MTTP path to the Blacklist archive here Figure 7.101: Screenshot of Squid Proxy Module 07 Page 902 Certified Cybersecurity Technician Copyright © by EC-Council Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls List of Proxy Tools [ [ Whonix @ Proxify ProxyCap https://www.whonix.org https://proxify.com https://www.proxycap.com Psiphon Guardster CCProxy https://psiphon.ca http://www.guardster.com https://www.youngzsoft.net FoxyProxy s“é"lD Global Proxy Network Fiddler https://getfoxyproxy.org S:\_;f https://infatica.lo https://www.telerik.com GeoSurf Anonym8 BlackArch Proxy https://www.geosurf.com https://github.com https://blackarch.org JonDo ProxySite Artica Proxy https://onony -proxy net https://www.proxysite.com https://ortica-proxy.com Copyright © by EC-ouncl. All Rights Reserved. Reproduction is Strictly Prohibited List of Pxroxy Tools Some of proxy tools are listed below: * Whonix (https://www.whonix.org) = Psiphon (https://psiphon.ca) * FoxyProxy (https://getfoxyproxy.org) » GeoSurf (https://www.geosurf.com) * JonDo (https://anonymous-proxy-servers.net) = Proxify (https://proxify.com) » Guardster (http://www.guardster.com) * Global Proxy Network (https://infatica.io) * Anonym8 (https.//github.com) » ProxySite (https.//www.proxysite.com) * ProxyCap (https://www.proxycap.com) = CCProxy (https://www.youngzsoft.net) » Fiddler (https://www.telerik.com) = BlackArch Proxy (https://blackarch.org) » Artica Proxy (https://artica-proxy.com) Module 07 Page 903 Certified Cybersecurity Technician Copyright © by EG-Council