What Is a Transparent Proxy Server?

Transparent proxy means that the client does not need to know the existence of a proxy server at all, it changes your request fields (messages), and will transmit the real IP, which is mostly used in the NAT forwarding of the router. Note that the encrypted transparent proxy is an anonymous proxy, which means that there is no need to set up a proxy, such as the Garden 2 program. ^[1]

Chinese name: Transparent proxy

Category: Proxy server

Transparent mode of transparent proxy firewall

Transparent proxy (3 photos)

With the development of firewall technology, firewalls with high security, easy operation and friendly interface have gradually become market hotspots. In this case, transparent mode and transparent proxy, which can greatly simplify firewall settings, improve security performance, have become important indicators for measuring product performance. Therefore, in the process of recommending products, many manufacturers often introduce their products to implement transparent mode and transparent proxy. So what exactly is transparent mode and transparent proxy? What is the relationship between them? We will do a detailed analysis below. The transparent mode, as the name suggests, has the primary characteristic of being transparent to the user (that is, the user is unaware of the existence of the firewall). To achieve transparent mode, the firewall must work without an IP address, no IP address needs to be set on it, and the user does not know the IP address of the firewall. ^[1]

As a physical device that actually exists, the firewall itself also plays a role in routing, so when installing a firewall for a user, you need to consider how to change its original network topology or modify the routing table connected to the firewall to suit the user's actual situation. Yes, this increases the complexity and difficulty of the job. However, if the firewall adopts transparent mode, that is, it operates in an IP-free manner, users will not have to reset and modify routes, and the firewall can be directly installed and placed in the network for use. Like a switch, there is no need to set an IP address.

A transparent mode firewall is like a network bridge (a non-transparent firewall is like a router). The network equipment (including hosts, routers, workstations, etc.) and all computer settings (including IP addresses and gateways) do not need to be changed. Parsing all data packets passing through it at the same time not only increases the security of the network, but also reduces the complexity of user management.

The transparent proxy, which is similar to the transparent mode in terms of title, can inspect data information in a deeper level than packet filtering, such as the port command of FTP packets, like traditional proxy. At the same time, it is also a very fast proxy that physically separates connections, which can provide more complex protocol requirements, such as H.323 with dynamic port allocation, or a connection with different command ports and data ports. Such communication cannot be done by packet filtering.

The firewall uses transparent proxy technology. These proxy services are also transparent to users. Users cannot realize the existence of the firewall and can complete internal and external network communications. When internal users need to use transparent proxy to access external resources, users do not need to set it up. The proxy server will establish a transparent channel for users to communicate directly with the outside world, which greatly facilitates the use of users.

Generally, when using a proxy server, each user needs to indicate in the client program that a proxy is to be used, and set the Proxy parameter (such as a special setting in the browser to indicate a proxy such as HTTP or FTP). With transparent proxy service, users do not need any settings to use a proxy server, which simplifies the network setting process.

The principle of transparent proxy is as follows: Assume that A is an internal network client, B is an external network server, and C is a firewall. When A has a connection request to B, the TCP connection request is intercepted by the firewall and monitored. After interception, when it is found that the connection needs to use a proxy server, A and C first establish a connection, and then the firewall establishes a corresponding proxy service channel to establish a connection with target B, thereby establishing a data transmission path of A and target address B through the proxy server. From the user's perspective, the connection between A and B is direct, but in fact, A establishes a connection through proxy servers C and B. Conversely, the principle is the same when B has a connection request to A. Because these connection processes are automatic, the client does not need to manually configure the proxy server, and even the user does not even know the existence of the proxy server, so it is transparent to the user. ^[1]

Transparent proxy proxy server

The proxy server can perform internal and external address translation, shield the details of the internal network, and prevent illegal elements from detecting the internal structure. The proxy server provides special filtering commands, which can prevent users from using insecure commands that are prone to attack and fundamentally defend against attacks.

The firewall uses transparent proxy technology, which can also make the service port of the firewall undetectable, and thus cannot attack the firewall, which greatly improves the security and anti-attack of the firewall. The transparent proxy avoids errors that may occur during setup or use, reduces inherent security risks and error probabilities when the firewall is used, and is convenient for users to use. ^[1]

Therefore, both transparent proxy and transparent mode can simplify firewall settings and improve system security. But there is also an essential difference between the two: firewalls working in transparent mode use the technology of transparent proxy, but transparent proxy is not the whole of transparent mode, and firewall can also use transparent proxy in non-transparent mode. It is worth noting that although many firewall products in the domestic market can provide transparent proxy access mechanisms, there are not many realizing the transparent mode-many manufacturers claim that their firewall products have implemented the transparent mode, but in practical applications They often fail to do this, but simply implement transparent proxying. Of course, there are many products on the market that can truly provide transparent modes, such as firewall products such as Netscreen, Oriental Longma, Tsinghua Ziguang.

Classification of transparent proxy proxy server

HTTP Transparent proxy HTTP proxy classified by anonymous function

Whether it has the function of hiding IP.

Non-anonymous proxy: Does not have anonymity.

Anonymous proxy. When using such a proxy, although the visited website cannot know your IP address, it can still know that you are using a proxy, and some web pages that detect IP can still find your IP.

Highly anonymous proxy: When using this proxy, the visited website does not know your IP address, nor does it know that you are using a proxy for access. Hiding of such agents. ^[1]

Transparent proxies are classified by the security of the requested information

Full Anonymous Proxy: Do not change your request fields (messages), making the server look like a real client browser is accessing it. Of course, your real IP is hidden. The webmaster of the server will not think you are using a proxy.

Ordinary anonymous proxy: It can hide your real IP, but it will change your request fields. It may be considered that a proxy is used, but it is only possible. Generally speaking, it is OK. But don't be misled by its name. Its security may be higher than a fully anonymous proxy. Some agents will strip some of your information (like the stealth mode of a firewall), so that the server cannot detect your operating system version and Browser version.

Elite agent, higher anonymity, can hide system and browser information. Such agents are extremely secure.

Transparent proxy (simple proxy): The transparent proxy means that the client does not need to know that a proxy server exists at all. It adapts your request fields (messages) and transmits the real IP. Note that the encrypted transparent proxy is an anonymous proxy, which means that there is no need to set up a proxy, such as the Garden 2 program. ^[1]

Transparent proxy is classified by the purpose of the proxy server

Http proxy: proxy client's http access, mainly proxy browser to access web pages, its ports are generally 80, 8080, 3128, etc.

SSL proxy: Supports http proxy with up to 128-bit encryption strength, which can be used as a proxy to access encrypted websites. An encrypted website is a website that starts with https: //. The standard port for SSL is 443.

HTTP CONNECT proxy: A proxy server that allows users to establish a TCP connection to any port. This proxy can be used not only for HTTP, but also FTP, IRC, RM streaming services, etc.

FTP proxy: The ftp software on the proxy client accesses the ftp server, and its ports are generally 21 and 2121.

POP3 proxy: The mail software on the proxy client receives mail in pop3 mode, and its port is generally 110.

Telnet agent: It can proxy the telnet of the communication machine, which is used for remote control and is often used during intrusion. Its port is usually 23.

Socks agent: It is a versatile agent, just like an adapter board with many jumpers. It simply connects the system at one end to the other end. Supports multiple protocols, including http, ftp requests, and other types of requests. It is divided into two types of socks 4 and socks 5. Socks 4 only supports the TCP protocol while socks 5 supports the TCP / UDP protocol. It also supports various authentication mechanisms and other protocols. Its standard port is 1080.
TUNNEL proxy: The data packets converted by the HTTPTunnet program are encapsulated into http requests to penetrate the firewall, allowing the HTTP server to do anything TCP can do. Its function is equivalent to Socks5.
Document Agent: Agents that can be used to query the database. Through these agents, you can obtain database resources related to the Internet for scientific research and academics, such as querying the databases of Sciencedirect (SD), Academic Press, IEEE, SPRINGER and other databases.
Education network proxy: refers to the local area network of academic educational institutions through a specific proxy server to allow computers without permission to go abroad or access to an IP segment to access related resources.

Springboard agent: used in springboard programs, it can be regarded as a special socks5 agent with dynamic encryption, and it can also be used directly in PSD software. Its port is generally 1813.

Ssso proxy: The ssso program on the proxy client accesses the remote website. It has a super proxy with SSL encryption strength and supports socks.

Flat proxy: The flatsurfer program on the proxy client accesses the remote website. It has a special proxy with a high-strength encrypted data stream. It supports socks. It can set up to three sub-links, and you can set a through proxy. Its port is generally 6700.

SoftE proxy: The SoftEther program on the proxy client accesses the remote website, applies the virtual hub HUB and virtual network card technology, has a proxy with VPN functions and multiple authentication methods, and complies with the https protocol. ^[1]