Everything there is to know about Proxy Servers
May 26, 2008 – 5:47 pmProxy servers are devided to three kinds:
HTTP Proxy:
These proxy servers are the most common ones.
There are four kinds of HTTP Proxy servers:
Transparent - The proxy server transfer the visitor request to the target website, but reveals the true identity of the visitor by adding an HTTP Header to the web request called X_FORWARDED_FOR or VIA_PROXY which contains the IP address of the original visitor.
Transparent proxy servers are usually used by companies that wants to allow their employees to access the Internet but wants to cut down bandwidth by caching pages inside the proxy server. So users would reload previously visited pages from the proxy server rather than the website itself. Clearly, the company does not wish to provide its employees anonymous surfing, that is why the proxy server reveals the identity of the original visitor.
Anonymous - This proxy server also adds the X_FORWARDED_FOR or VIA_PROXY field to the HTTP headers, though leaves it empty, So the identity of the original visitor stays anonymous, but the fact that the visitor used a proxy server is revealed.
High Anonymity - This proxy server acts as the original visitor and adds no fields to the HTTP Headers.
Elite - This kind is exactly as “High Anonymity” except for the fact that it works over SSL and provides Encryption between the visitor and the Proxy (but not between the proxy to the target website).
There are millions of HTTP Proxy servers mainly because they are commonly installed on zombie computers that are a part of a Botnet you can find them very easily in hundreds of forums.
Common ports of HTTP Proxy servers are: 80, 8080, 3128.
CGI Proxy Script (CGI/Perl):
These proxy servers transfer the visitor request to the target website using a CGI Script.
It looks like this:
Once we fill in the website we want to visit into the form, our request will be tunneled through the script to that website.
The URL will look like this:
http://www.bpcd.net/cgi-bin/nph-proxy.cgi/010110A/http/www.google.com/
As you can see, the bold part is the CGI proxy script, and the following is the website we wanted to visit.
The script will also replace every link in the visited website so that every link we will follow inside the website will also be transmitted through the proxy script.
Another plus is that The CGI script also provides cookie management and therefor can enable us to visit websites that requires authentication.
TIP: You can chain CGI proxy scripts like this to gain even more anonymity.
Even though using a CGI Proxy script does not reveal our original identity, It does have one weakness.
The weakness is that we cannot use a Referer (Notice the “Hide referer information” in the screenshot), because doing so will reveal the fact that we are using a CGI proxy.
CGI proxy scripts are very easy to find, You can use the following query on Google:
(filetype:cgi OR filetype:pl) AND (intitle:”start using cgiproxy” OR intitle:”start using cgi proxy”)
CGI Proxy scripts are very stable due to the fact that they are hosted on web servers (rather than zombie computers like http proxy servers), but there is only a few of them. Google finds about a hundred.
CGI Proxy scripts are commonly used by people who wants to bypass web content filters (at Universities, Work, etc..). These filters work by blocking specific domains or IP addresses. By using a CGI proxy script we can bypass the content filter because we access the forbidden domain/ip through the CGI Script which is hosted on a non-blocked domain/ip.
SOCKS Proxy Servers:
A SOCKS Proxy is very similar to an HTTP Proxy. The main differences are that SOCKS transfers data between the original client to the server without interpreting it while an HTTP Proxy does interpret the data.
The other difference is that SOCKS can transfer any kind of data between a client and a server, while an HTTP Proxy can only transfer http data between a client and a server.
The most common port of a SOCKS Proxy is 1080.