Prepare Proxies

A proxy server is a system or router that provides a gateway between users and the internet. Therefore, it helps prevent cyber attackers from entering a private network. It is a server, referred to as an “intermediary” because it goes between end-users and the web pages they visit online.

When a computer connects to the internet, it uses an IP address. This is similar to your home’s street address, telling incoming data where to go and marking outgoing data with a return address for other devices to authenticate. A proxy server is essentially a computer on the internet that has an IP address of its own. 

Because a proxy server has its own IP address, it acts as a go-between for a computer and the internet. Your computer knows this address, and when you send a request on the internet, it is routed to the proxy, which then gets the response from the web server and forwards the data from the page to your computer’s browser, like Chrome, Safari, Firefox, or Microsoft Edge

How to Get a Proxy

There are hardware and software versions. Hardware connections sit between your network and the internet, where they get, send, and forward data from the web. Software proxies are typically hosted by a provider or reside in the cloud. You download and install an application on your computer that facilitates interaction with the proxy.

Often, a software proxy can be obtained for a monthly fee. Sometimes, they are free. The free versions tend to offer users fewer addresses and may only cover a few devices, while the paid proxies can meet the demands of a business with many devices.  

How Is the Server Set Up?

To get started with a proxy server, you have to configure it in your computer, device, or network. Each operating system has its own setup procedures, so check the steps required for your computer or network.

In most cases, however, setup means using an automatic configuration script. If you want to do it manually, there will be options to enter the IP address and the appropriate port.

How Does the Proxy Protect Computer Privacy and Data?

A proxy server performs the function of a firewall and filter. The end-user or a network administrator can choose a proxy designed to protect data and privacy. This examines the data going in and out of your computer or network. It then applies rules to prevent you from having to expose your digital address to the world. Only the proxy’s IP address is seen by hackers or other bad actors. Without your personal IP address, people on the internet do not have direct access to your personal data, schedules, apps, or files.

With it in place, web requests go to the proxy, which then reaches out and gets what you want from the internet. If the server has encryption capabilities, passwords and other personal data get an extra tier of protection.

Proxy Servers

  • A proxy server is an application that can serve as an intermediary for connecting with other computers.
  • To hide the source IP address so that they can hack without any legal corollary.
  • To mask the actual source of the attack by impersonating a fake source address of the proxy.
  • To remotely access intranets and other website resources that are normally off limits.
  • To interrupt all the requests sent by a user and transmit them to a third destination, hence victims will only be able to identify the proxy server address.
  • Attackers chain multiple proxy servers to avoid detection.

Proxy Chaining

  1. User requests a resource from the destination.
  2. Proxy client at the user’s system connects to a proxy server and passes the request to proxy server.
  3. The proxy server strips the user’s identification information and passes the requests to next proxy server.
  4. This process is repeated by all the proxy servers in the chain.
  5. At the end unencrypted request is passed to the web server.  

Proxy Tool: Proxy Switcher

  • Proxy Switcher hides your IP address from the websites you visit.

Proxy Tool: Proxy Workbench

  • Proxy Workbench is a proxy server that displays data passing through it in real time, allows you to drill into particular TCP/IP connections, view their history, save the data to a file, and view the socket connection diagram.

Proxy Tool: TOR and CyberGhost

  • TOR:
    • Tor allows you to protect your privacy and defend yourself against network surveillance and traffic analysis.
  • CyberGhost:
    • CyberGhost allows you to protect your online privacy, surf anonymously, and access blocked or censored content.
    • It hides your IP and replaces it with one of your choice, allowing you to surf anonymously.

Introduction to Anonymizers

  • An anonymizer removes all the identifying information from the user’s computer while the user surfs the Internet.
  • Anonymizers make activity on the Internet untraceable.
  • Anonymizers allow you to bypass Internet censors.
  • Why use Anonymizer?
    • Privacy and anonymity
    • Protects from online attacks
    • Access restricted content
    • Bypass IDS and Firewall rules
  • tracker
  • web beacon
  • super cookie

Censorship Circumvention Tool: Tails

  • Tail is a live operating system, that user can start on any computer from a DVD, USB stick, or SD card.
  • It aims at preserving privacy and anonymity and helps you to:
    • Use the Internet anoynmously and circumvent censorship
    • Leave no trace on the computer
    • Use state-of-the-art cryptographic tools to encrypt files, emails and instant messaging

G-Zapper

  • Google sets a cookie on user’s system with a unique identifier that enables them to track user’s web activities such as:
    • Search Keywords and habits
    • Search results
    • Websites visited
  • Information from Google cookie can be used as evidence in a court of law.
  • G-Zapper is a utility to block or clean Google cookies, and help you stay anonymous while searching oneline. It also helps to protect your identity and search history.

Spoofing IP Address

  • IP spoofing refers to changing source IP addresses so that the attack appears to be come from someone else.
  • When the victim replies to the address, it goes back to the spoofed address and not to the attacker’s real address.
  • IP spoofing using Hping2Hping2 www.certifiedhacker.com -a 7.7.7.7

Note: You will not be able to complete the three-way handshake and open a successful TCP connection with spoofed IP addresses.

IP Spoofing Detection Techniques: Direct TTL Probes

  • Send packet to host of suspect spoofed packet that triggers reply and compare TTL with suspect packet; if the TTL in the reply is not the same as the packet being checked, it is a spoofed packet.
  • This technique is successful when attacker is in a different subnet from victim.  Note: Normal traffic from one host can vary TTLs depending on traffic patterns.

IP Spoofing Detection Techniques: IP Identification Number

  1. Send probe to host of suspect spoofed traffic that triggers reply and compare IP ID with suspect traffic.
  2. If IP IDs are not in the near value of packet being checked, suspect traffic is spoofed.
  3. This technique is successful even if the attacker is in the same subnet

IP Spoofing Detection Techniques: TCP Flow Control Method

  • Attackers sending spoofed TCP packets, will not receive the target’s SYN-ACK packets.
  • Attackers cannot therefore be responsive to change in the congestion window size.
  • When received traffic continues after a window size is exhausted, most probably the packets are spoofed
    After the Attacker sends the SYN packet, the Target receives and responds to SYN+ACK, but the windows size is set to 0, 
    so under normal circumstances, the other party (10.0. , indicating that this is a spoofed packet sent by Attacker.

IP Spoofing Countermeasures

  • Encrypt all network traffic using cryptographic network protocols such as IPsec, TLS, SSH, and HTTPS.
  • Use multiple firewalls providing multi-layered depth of protection.
  • Do not reply on IP-based authentication.
  • Use random initial sequence number to prevent IP spoofing attacks based on sequence number spoofing.
  • Ingress Filtering: Use routers and firewalls at your network perimeter to filter incoming packets that appear to come from an internal IP address.
  • Egress Filtering: Filter all outgoing packets with an invalid local IP address as source address.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *