Proxy Servers
CS-480b
Dick Steflik

Proxy Servers
- Part of an overall Firewall strategy
- Sits between the local network and the external network
- Originally used primarily as a caching strategy to minimize outgoing URL requests and increase perceived browser performance
- Primary mission is now to ensure anonymity of internal users
- Still used for caching of frequently requested files
- Also used for content filtering
- Acts as a go-between, submitting your requests to the external network
- Requests are translated from your IP address to the Proxy's IP address
- E-mail addresses of internal users are removed from request headers
- Cause an actual break in the flow of communications

Security Advantages
- Terminates the TCP connection before relaying to target host (in and out)
- Hide internal clients from external network
- Blocking of dangerous URLs
- Filter dangerous content
- Check consistency of retrieved content
- Eliminate need for transport layer routing between networks
- Single point of access, control and logging

TCP Connection Termination
- Both the outgoing and incoming TCP connections are terminated
- Prevents a hacker from hijacking a stale connection on a service that is being proxied
- ex. HTTP page request
[Diagram: User, Proxy, Server; request packet, request packet', response packet', response packet]
- Connection left open until the proxy closes it after receiving response packet and sending it back to user
- Connection only left open until server closes the connection after sending the response packet

TCP Connection Termination
- Transport layer packets don't need to be routed because the entire request must be regenerated
- Prevents transport layer exploits: source routing, fragmentation, several DoS attacks
- Since some protocols don't have proxies available, many admins will enable routing; this negates any benefit gained
- Most good proxy servers will allow you to create generic proxies using SOCKS or the redir utility

Performance Aspects
- Caching
- By keeping local copies of frequently accessed file the
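
The request regeneration described under TCP Connection Termination, together with the header removal and URL blocking listed under Proxy Servers and Security Advantages, as an added Python example that is not part of the original slides. The stripped-header list, allowed methods, blocklist entry and all function and class names are assumptions made for illustration.

```python
# Added example (not from the original slides): application-layer request
# regeneration. Header list, method list and blocklist are assumptions.
from urllib.parse import urlsplit

STRIP = {"from", "x-forwarded-for", "forwarded", "host", "connection",
         "keep-alive", "proxy-connection", "proxy-authorization"}
NO_BODY = {"content-length", "transfer-encoding"}   # this example forwards no bodies
ALLOWED_METHODS = {"GET", "HEAD"}
BLOCKED_HOSTS = {"blocked.example"}                 # constructed blocklist entry

class Rejected(Exception):
    """Request refused by policy or because it is malformed."""

def regenerate_request(raw):
    """Parse a client's absolute-form request and build a fresh one.

    Returns (host, port, outbound_bytes). The outbound request is rebuilt
    field by field; no client bytes are relayed unparsed.
    """
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep or body:
        raise Rejected("incomplete header block or unexpected body")
    lines = head.decode("iso-8859-1").split("\r\n")
    try:
        method, target, _version = lines[0].split(" ")
        url = urlsplit(target)
        port = url.port or 80
    except ValueError:
        raise Rejected("malformed request line") from None
    if method not in ALLOWED_METHODS or url.scheme != "http" or not url.hostname:
        raise Rejected("unsupported method or target")
    if url.hostname in BLOCKED_HOSTS:
        raise Rejected("blocked URL")
    kept = []
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # Reject folded or whitespace-padded names instead of guessing.
        if not colon or not name or name != name.strip():
            raise Rejected("malformed header")
        if name.lower() in NO_BODY:
            raise Rejected("request bodies not handled in this example")
        if name.lower() not in STRIP:
            kept.append(f"{name}: {value.strip()}")
    path = (url.path or "/") + (f"?{url.query}" if url.query else "")
    host = url.hostname if port == 80 else f"{url.hostname}:{port}"
    out = [f"{method} {path} HTTP/1.1", f"Host: {host}", *kept, "Connection: close"]
    return url.hostname, port, ("\r\n".join(out) + "\r\n\r\n").encode("iso-8859-1")
```

The proxy would open its own TCP connection to the returned host and port and send only the regenerated bytes, so the client's e-mail address and internal IP address never reach the external server.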