Unwanted Remote Access
Unwanted remote access to the client (which goes beyond the response packets) is thus prevented or at least made more difficult. Appropriate security measures and their constant control are thus limited to a single or a few proxies, rather than to a large number of clients.
They can also be made simpler and more reliable in an upstream bastion network. In addition, own servers are better protected, which do not need access to the Internet themselves, but are in the same segment as the clients shielded by the proxy site.
This keeps the internal network protected, even if the proxy is compromised, giving the IT department extra time to respond appropriately to a possible external attack.
Protection of the server proxy server can generally be used to connect the actual server to a protected network make it accessible from the external network only through the proxy.
In this way you try to protect the server from attacks. The proxy software is less complex and therefore offers fewer attack points. This solution is used, for example, in online shops.
The web server is located on the Internet with its proxy and accesses the database with customer data behind a firewall. Bandwidth control the proxy assigns different resources to different users and groups depending on their workload.
The proxy server Squid masters this procedure, whereby it can likewise contribute to the protection of the server and supports methods for better availability. Availability Around a proxy network, load distribution and availability can be achieved with relatively little effort.
Preparation of data proxy servers can also take over certain application functions. Maintaining Data in a Standardized Format. Interview of Frequently Used Protocols Specialized in a particular network protocol, a proxy can parse the packets of each protocol, acting as a connection and command filter.
Enhancements to a Network Service a reverse proxy can extend the standard functionality of a service by: thanks to the analysis of the protocol z. For example, you might want to create special statistics that the service does not normally receive offers.
Since it can answer requests itself, any further functional enhancements are conceivable. Logging many proxies allow you to log connections that pass through them.
This allows statistical analysis and detection of unwanted connections. Open Proxy As an open proxy or Open Proxy (English open proxy) is called a proxy that can be used by anyone without logging in (open or public).
On the one hand, they are unknowingly caused by incorrect configuration or by trojanized PCs (see also: Botnet), but on the other hand, many open proxy servers are deliberately set up to enable extensive anonymity. Such as in the free-wireless network; such proxies are often provided with additional functions for anonymization.
Proxy as anonymization service The anonymization proxy (e.g. Anonymizer, Tor) forwards the data of the client to the server, whereby the server can no longer directly read the IP address of the client ( see also: anonymity on the Internet).
They are used to disguise the origin of a client. For example, Internet users may seek to protect themselves from government or other persecution or control.
In another scenario, proxies are offered – some freely available – where you can request arbitrary web pages under the URL of the proxy.
These proxies can be used to bypass, for example, company or school network restrictions (but sometimes, if the operator notices, they are blocked). They are anonymous insofar as the destination server only sees the URL of the anonymization service.