Proxies and How to Use Them

Taken from "Burn This Book" by Dan Hoff


A proxy is a server that serves as a middle-man for users connecting to other servers.  The user submits a request and the proxy communicates with the website or resource to fulfill that request on the user's behalf.  By doing this, the server or resource identifies the proxy's IP address instead of that of the user.  The proxy can also allow the user to bypass filters.  For instance, a server that restricts its use based on location only allows requests from IP addresses within that location.  By using a proxy within that location, the server can be tricked into granting access to the user. 

There are many different types of proxies.  For our purposes, we will be discussing Forward, Open, Reverse, Transparent/Forced/Intercept and Web proxies.  I will attempt to write all of the computer-speak in terms that may be understood by the computer-illiterate.

A forward proxy forwards traffic from the user to the server(website).  It is the most basic proxy, and simply takes requests from the user and forwards them to the server(internet).

An open proxy is accessible to anyone on the internet.  It is usually in the form of a web browser or website.  The user can surf the web using the open proxy, and conceal their IP address from the servers and sites they visit.

A reverse proxy appears to be a normal server.  Requests sent by the user to the proxy are forwarded to a hidden internal web server that processes the user's request. These are most commonly used at libraries and workplaces, to monitor user activity.

A transparent proxy intercepts the user's network communication without his knowledge and without any user configuration.  There are two methods used in transparent proxy implementation: GRE Tunneling aka OSI Layer 3 and MAC rewrites aka OSI Layer 2.  Generic Routing Encapsulation Tunneling was developed by Cisco Systems to encapsulate network layer protocols within point-to-point links.  GRE is used to send IP packets between networks without having them sniffed.  This allows the user to surf the web without revealing his IP, and provides encryption on any packets sent by the user.  GRE is done using OSI Layer 3.  The network layer, known as OSI 3, is the third layer of the seven layer OSI model of computer networking.  MAC rewriting is a protocol that allows for rewriting your MAC address for Layer 2 tunneling.

A web proxy is the most common form of proxy, and is a subset of the open proxy.  It allows users to input a website's URL, and it subsequently opens that website in the user's browser window.

As far as proxies go, there are typically 4 levels of user anonymity.  Level 1 provides no anonymity: The remote host knows the user's IP address, and is aware that the user is using a proxy.  Level 2 (low):  The remote host does not know the user's IP address, but is aware that the user is using a proxy.  Level 3 (medium):   The remote host does not know the user's true IP address, but is aware that the user is using a proxy.  Inbound interface is displayed as "REMOTE_ADDR" for the remote host.  Level 4 (high):  The remote host does not know the user's IP address, and is unaware that the user is using a proxy.  Below are instructions for using a proxy IP with your web browser:

Firefox: Tools > Options > Advanced > Settings > Manual proxy configuration.

Google Chrome: Options > Under the hood > Network > Change proxy settings > LAN settings > Use a proxy server > Advanced > HTTP.

Internet Explorer: Tools > Internet options > Connections > LAN settings > Use a proxy server > Advanced > HTTP.


Once you have made it to either “Manual proxy configuration” or “HTTP”, simply type in the proxy's IP address and port number into your browser's configuration.

Virtual Private Networks, or VPNs, are much more secure than web proxies.  Unlike a web proxy, a VPN tunnels your entire internet connection.  This prevents applications on your computer from bypassing the proxy.  All traffic on a VPN is heavily encrypted to prevent caching of cookies and packet sniffing.  Even proxy detection programs like traceroute are usually unable to detect a good VPN.  Examples of VPNs are TOR, I2P and HideMyAss.  HideMyAss is the only VPN that I know of that completely prevents all of a system's applications from accessing the internet outside of the proxy.