Sunday, April 27, 2008

WHAT IS PROXY

Ok, here we go. This is my first tutorial, so don't expect this to be something you've never read before...

First we need to know what a proxy is. A proxy actually is nothing more than some sort of "middle man" between you and the server (web-page, ftp, ...) you want to visit or make access to. So if someone wants to trace you, it won't be easy for him (her) to find out who you are. So, in a way it's some sort of hiding your own IP. (=Not the same as ip-spoofing, that's a whole other area!!!)

So now we know what a proxy is, it's time to move a little bit forward. There are two (most used) sorts of proxy servers.

1) HTTP proxy

A HTTP (hyper text transfer protocol) proxy server is a proxy which allows you to connect to a remote server through its own "dataflow". Mostly http and sometimes ftp protocol.

2) SOCKS proxy

A SOCKS proxy server is a proxy which allows you to connect to a remote server. All protocols. (http, smpt, ftp, udp, tcp/ip, ...) Two types of SOCKS; - SOCKS V4 - SOCKS V5

I find it difficult to explain the difference between them. The things i understand, i will share with you;

SOCKS V4 is the oldest one (duhhh, version 4) but has two major weaknesses: the lack of strong identification and the requirement to recompile applications with SOCKSv4 client library. Due to the fact this is the oldest one, it is the most found one SOCKS proxy throughout the internet.
SOCKS V5 resolved the weaknesses in the previous version:
# Strong authentication
# Authentication method negotiation
# Address resolution proxy
# Proxy for UDP-based applications

It's all rather technical "mambo-jambo" to explain the real difference between them. So i'm not going into this issue any further. {also because of my lack of knowledge at this moment}

Just remember that a HTTP proxy is easy to use with your standard browser, and supports most of the protocols what you're using.
SOCKS have a -very- positive thing, they always have high anonymity, because this protocol is used for firewalls. (authenticated firewall traversal (AFT))
While using a SOCKS proxy server, the remote server actually thinks the SOCKS server is the client, and not you.
So figure out why you want to use a proxy, and choose a type which is most suitable for you.

How do you find proxy servers? Just use your browser to search some sites which offer several proxys. The best ones are the ones who let you filter out proxies. By this I mean, filter the HTTP, SOCKS proxys. So you know which one is which.

Then there is the "Anonymity" subject.
I suggest you use a high anonymity proxy. Here's why:
Everytime you visit a webpage, you leave some information at the server you're connected to. For example, if you visit www.whatever.com, you leave some 'footprints' behind. Those footprints can identify you. Which isp (internet service provider) you use, the browser u use, your ip, which site you last visited... Here are the three most common to trace you. The footprints are called "VALUES". The places where they are stored in are called "VARIABLES". If you use a high anonymity proxy it will only leave its own IP. The rest is not determined. (The proxy leaves those variables empty)

1) REMOTE_ADDR – Your IP (client = you)
2) HTTP_VIA – If you use a proxy not 'high anonymous', it will leave it's IP here. (proxy IP)
3) HTTP_X_FORWARDED_FOR – If you use a proxy not 'high anonymous', it will leave your IP here. (client IP)

Here's what those different types leave behind:
# Transparant Proxy
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = your IP

# Simple Anonymous Proxy
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = proxy IP

# Distorting Proxy
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = could be whatever IP

# High Anonymity Proxy
REMOTE_ADDR = proxy IP
HTTP_VIA = empty (not determined)
HTTP_X_FORWARDED_FOR = empty (not determined)

PS: Only the high anonymity proxy doesn't reveal that a proxy has been used.

A proxy looks like this (for the ones who don't know yet): xxx.xxx.xxx.xxx:yyy
The X's are the proxys adress, and the y's are the port they use.
The x's and y's don't always have to be 3-digit numbers. (look up how a ip is built)

We have a clear picture about what a proxy actually is and what it does. {(i hope..}

I can hear you asking: "how the hell do i configure my system settings to use a proxy and not use a direct connection?" Well, that's easier than you think. Just go to your browser and find the options menu. There should be tap saying
-connection settings-
or something simular to this.
See if your browser lets you choose between HTTP, SOCKS, ... . If it doesn't, you should choose a HTTP proxy, because else you need some extra software to let you use a SOCKS proxy. I know IE (M$) doesn't have this option. Firefox does.

Next all you have to do is enter the proxys adress and port number into the specific field for the manually proxy configuration.

Most sites support the feature allowing you to see if the proxy has high anonymity or not. But to make sure you can use a program called "Accessdiver" to test those proxys for speed and anonymity. But that's a whole tutorial on its own... And most free proxys don't last for long, so make sure the proxy u use is safe.

Hope this helped you out...!

Special thanks to several sites who helped me out in understanding the basics of using Proxy Servers.

No comments:

Post a Comment