A proxy server is an intermediary machine or application, installed between a client and the final server. This system filters the client requests, acting as intermediary.
When a network client computer, needs access information or a resource, the proxy server is the machine that makes the communication, and transferring the result to the initial client.
Proxies were invented to confer structure to distributed systems. Its purpose is to allow Internet access to all computers in a system when you can only have a single connected device, ie, a single IP address.
Proxy servers can do all kinds of useful things. They can improve security, enhance performance, and save money. And because they can see all the HTTP traffic, proxies can monitor and modify the traffic.
A proxy server can be dedicated to a single client o shared among many clients; proxies shared among numerous clients are called public proxies. Most proxies are public, shared proxies. It’s easier to administrate and more cost effective a centralized proxy. Also some proxy applications such as catching proxy servers become more useful when several users are directed in to the same proxy, because it’s possible to take advantage of common request between clients.
When your PC is configured to use a public proxy, the browser simply sends its entire Web content request to the proxy, instead of sending the request directly to the destination Web site. The public proxy then does the DNS resolution, connects to the destination site, and returns the information to the browser. Blocking this behavior its simple, when you attempt to access a blocked site, the name of the site is contained in the request and the filters work as if the browser wasn’t configured.
There are also secure public proxies, these proxies use the SSL encrypted HTTPS protocol. Exist two types of HTTPS proxies, public and anonymous. Public HTTPS are built by groups like Proxy.org and Peacefire, the information about this proxies is distributed word of mouth or by mailing lists. They look like legitimate sites, and are blocked by IP address. The anonymous web based proxies are hard to locate, in this case the user takes the same package that the public secure site use and installs it on his PC. The package generates a certificate, and listen to HTTPS, now the user has a secure proxy installed in his home computer. This kind of proxy can be a great problem, because nefarious subjects can built them with criminal intentions, as a way to steal user credentials.
Protect systems from eavesdroppers is not the only concern. Usually the security community has centered its attention to the unauthorized disclosure of information and services. But there is also another type of attack: the denial of service (DoS), usually ignored because was considered that the attacker would not gain much from such assault. The DoS attack overwhelms a website, making the content normally available at that website inaccessible to regular visitors, there is also a massive attack of this kind the DDoS, this are volume based attacks originating from a large number of computers, typically workstations, known as zombies. This kind of attacks can be devastating for a business or may be used by terrorist to cause major disruption to critical infrastructure.
In this case the use of a particular type of proxy may be of great help, the reverse proxy, this is a service that acts as a proxy for incoming connections. It can be used outside a firewall as a secure content server. Reverse proxies also improve the performance of the network, as they cut down the unnecessary requests, reducing the data load in the internal server, also keeps the system secure. When a client on the Web tries to connect to the internal server, the request goes first to the reverse proxy, this forward the request trough a specific port to the internal network server, the respond travels in the opposite direction and the reverse proxy rebuilds the data and send the information to the client as if the proxy server were the actual network server. This protocol hides the actual identity of your server, avoiding to be detected to start a DoS attack, also a reverse proxy may be helpful to detect and remove malware making difficult initiate takedowns from the attackers.