How Do I Improve Proxy Server Security?

The function of the proxy server is to proxy network users to obtain network information. Visually speaking, it is a relay station for network information, an intermediary agency between personal networks and Internet service providers, and is responsible for forwarding legitimate network information and controlling and registering the forwarding. ^[1]

As a bridge connecting the Internet and the intranet, a proxy server plays an extremely important role in practical applications. It can be used for multiple purposes. The most basic function is connection. In addition, it includes security, caching, content filtering, access control management, etc. Features. More importantly, the proxy server is an important security function provided by the Internet link-level gateway. Its work is mainly in the dialog layer of the Open System Interconnection (OSI) model. ^[1]

Chinese name: Proxy server
Foreign name: Proxy Server
Function: Act as a firewall, save IP overhead, etc.

Features: Proxy network users to get network information
Attributes: Computer application software
Performance: Throughput, maximum concurrent connections, packet loss rate, etc.

Introduction to proxy server

With the rapid development of the Internet and the intranet, as a bridge connecting the Internet and the intranet, proxy servers play an extremely important role in practical applications. ^[2]

A proxy server is a relay station for network information. Generally, when using a web browser to directly link to other Internet sites and obtain network information, a request signal must be sent to get a response, and then the other party sends the information back. A proxy server is a server between the browser and the web server. With it, the browser does not go directly to the web server to retrieve the web page, but sends a request to the proxy server. The request signal is sent to the proxy server first. The proxy server retrieves the information needed by the browser and transmits it to your browser. Moreover, most proxy servers have a buffer function, just like a large Cache, which continuously stores newly acquired data packets on its local storage. If the data requested by the browser is already on its local storage, Existing and up-to-date, then it does not fetch data from the Web server again, but directly transfers the data on the memory to the user's browser, which can significantly improve browsing speed and efficiency.

Proxy server can not only achieve the functions of improving browsing speed and efficiency, but also can implement the functions of network security filtering, flow control (reducing Internet usage costs), user management, etc. Therefore, it is not only a network firewall technology, but also can solve many problems Units connected to the Internet caused insufficient IP addresses.

How a proxy server works

Proxy server, as an intermediate program that is both a server and a client, is mainly used to forward network access requests from client systems. However, a proxy server does not simply forward requests to a real Internet server. It can also control user behavior, make decisions about received client requests, and filter user requests based on filtering rules.

With a proxy server, network administrators can implement stricter security policies than using packet filtering routers. Rather than using a universal packet filtering router to manage the flow of Internet services through a firewall, a proxy server works by installing a dedicated code (proxy service) on the gateway for each required application. If a network administrator does not install a proxy service code for a particular service, the service will not be supported and the corresponding client request will not be forwarded through the firewall. In addition, this proxy server code can be configured to support only those features that a network administrator of a certain service considers acceptable, but not other features.

Main functions of proxy server

A proxy server has many functions. For our individual users, accessing the Internet through a proxy allows us to access some websites that are directly slower, such as Internet users visiting the website of Education Network. For the unit, the internal use of the proxy can filter some viruses in advance to ensure the security of the Internet, and can also effectively perform access control, speed limit, Internet monitoring, and so on. ^[3]

The following describes the basic functions of the proxy server: ^[4]

(1) One IP address or Internet account for simultaneous use by multiple users

In the current situation, IP addresses are a limited and precious resource in the Internet. If these IP addresses are used only for a single user requesting Internet access, it can be said that it is a waste of resources. Using a proxy server can provide Internet access to multiple users at the same time through one IP. For an internal network connected to the Internet through a telephone dial-up, you can use a telephone line, a modem, and an Internet account to allow all users on the internal network. Access the Internet at the same time, thus making full use of IP address resources.

(2) Cache function, which can reduce costs and increase speed

During installation, the proxy server will create a disk space on the hard disk as a cache area, and download and save the content received by the proxy user from the Internet. When another user accesses the same content, it will be transmitted directly from the cache area to the user. Instead of looking on the Internet. This function of the proxy server can greatly improve the access speed, and also reduce the communication cost, which is a very important function.

(3) Management of authority and information flow charge for internal network users

Figure 1 Proxy server

Through a proxy server, network administrators can easily manage the access rights and information flow charges of internal network users when providing Internet services. Not only can network administrators allow only authorized LAN users to access the Internet, but they can also control which types of Internet services these users use at what times and on which computers. For Internet users who have been granted access, network administrators can also perform billing management of information traffic in various ways, such as: individual billing, billing by department-owned computers, etc., which brings great convenience to network management. .

(4) Monitoring and filtering Internet information entering the internal network

In order to prevent information that is not related to business from entering the internal network and wasting communication fees, various institutions often have corresponding regulations on the content that is allowed to be accessed. Through the proxy server, the network administrator can not only control the information content flowing from the Internet into the internal network simply by filtering, but also monitor the user's access to the Internet in real time and establish an audit log archive for future reference.

The main classification of proxy server

From the perspective of technical implementation, shared Internet access through a proxy server can be divided into two ways: hardware shared Internet access and software shared Internet access. From the perspective of the level of proxy server work, it can be divided into application layer proxy, transport layer proxy, and SOCKS proxy. ^[5]

Figure 2 Proxy server implementation model

The application layer proxy works on the application layer of the TCP / IP model. It can only be used to support the application layer protocols (such as HTTP, FTP) of the proxy. It provides the most control, but is not flexible and must be supported by a corresponding protocol. If the protocol does not support the proxy server implementation model shown in Figure 2 (such as SMTP and POP), then it can only proxy below the application layer, that is, the transport layer proxy. The last proxy needs to change the client's IP stack, which is the SOCKS proxy. It is the most powerful and flexible proxy standard protocol available. The following will introduce several different levels of proxy server from the perspective of the classification of the level of proxy server work. ^[6]

Proxy server application layer proxy

Here mainly introduces the proxy server based on the HTTP protocol. HTTP is an object-oriented protocol that belongs to the application layer. Due to its simple and fast way, it is suitable for distributed hypermedia information systems. According to the HTTP protocol, when the client uses the proxy mode, the request command format is as follows: methodhttp: // hostname / path / / fiIename.

Figure 3 HTTP protocol proxy model with Cache database ^[2]

After the client establishes a connection with the network proxy service system, the proxy server will receive the request command. At this time, the proxy server should intercept the host name part for domain name resolution, establish a connection with the host, and forward the request command without the host name part It waits for a response, then forwards the response to the client, and finally disconnects. Its model is shown in Figure 3. ^[2]

Proxy server transport layer proxy

The transport layer proxy interacts directly with the TCP layer, which is more flexible. The proxy server is required to have some of the functions of a real server: listening to a specific TCP or UDP port, receiving a client's request and sending a corresponding response to the client. ^[6]

socks Proxy server socks proxy

Socks is a proxy protocol for client / server environments. It includes two main components, the Socks server and the Socks client library. The Socks server is implemented at the application layer, and the Socks client library is implemented between the client's application layer and the transport layer. A proxy server establishes a connection between the client and the application server. The proxy server transfers data between the client and the application server. From the perspective of the application server, the proxy server is the client. ^[7]

When a client wants to establish a connection to an application server, it first connects to a proxy server. The address and port number of the application server are passed to the proxy server through the proxy protocol, and then the proxy server connects to the application server. Once the connection to the application server is established, the proxy server relays data between the client and the application server. ^[7]

Currently, there are two versions of the Socks protocol, version 4 and version 5. Socks version 4 is abbreviated as "Socks V4", and Socks version 5 is abbreviated as "Socks V5". ^[7]

Proxy server network impact

With the increasing application of the Internet, the security issues of Internet services have become increasingly prominent, and it has become increasingly important to provide a secure network environment. Internet security services can generally be implemented in two ways: ^[8]

(1) Access control. Access control is the first line of defense for protecting the network and is generally implemented by a firewall.

(2) Communication security. This kind of service provides services such as data encryption, authentication at the counterparty, non-repudiation by both parties, and integrity of data during transmission. It can be implemented at the application layer, transport layer, and network layer.

The proxy service on the Internet is a form of firewall. It is an application-level gateway. There is no direct connection between the internal network and the external network. The network link of the external computer can only reach the proxy server, which significantly increases the security of the network. In addition, compared with packet filtering, proxy servers can perform user-level authentication, that is, they can restrict certain users from accessing certain Internet sites or using certain Internet services, thereby greatly improving network security. ^[9]

Proxy server architecture

However, the widespread use of proxy servers has also made it a key target for network attacks. The current proxy server cannot provide users with reliable security, and even cannot guarantee their own security, so research and improvement of the security of the proxy server has attracted much attention. ^[10]