A proxy is a computer software component that acts as an intermediary by placing itself between two hosts to facilitate or monitor their exchanges. In computer networks, a proxy is then a program serving as an intermediary to access another network (usually the network is public Internet). By extension, we also call a hardware proxy when such as a server set up to ensure the operation of services.
The proxy is located at the application layer (HTTP, FTP, SSH, etc. level 7 of the OSI model). A common mistake is to use the traceroute command (or tracert on Windows) to try to see the proxy. It does not appear because this command uses the IP level 3 network protocol and therefore cannot know the proxy.
Design Pattern in Programming
The concept of proxy can be used in any computer program. If two people who do not speak the same language want to communicate, they need an interpreter. In computer science, two entities using different technologies can communicate with each other through an intermediary who interprets their exchanges.
In the more specific environment of networks, a proxy server, proxy server1 or agent1, is a client-server computing function that relays requests between a client function and a server function (layers 5 to 7 of the OSI model). Proxy servers are used to perform the following functions:
- Navigation acceleration: cache, data compression ;
- History (logs): logging of requests;
- LAN security
- filtering: site restrictions, blocking ads or heavy content (Java, Flash) ;
- Anonymity ;
- load balancing ;
Internet Service Providers (ISPs) can offer proxies for their subscribers’ connection. This requires the subscriber to correctly configure his system (via installation software provided by the ISP). But it is also possible that the ISP uses a transparent proxy (without user configuration). This proxy allows, for example, the access provider to know the browsing habits of its subscribers or to reduce the number of effective accesses to remote sites.
In the context of security
The usefulness of proxy servers is important, especially in the context of securing information systems. For example, it is almost systematic in companies or schools that Internet access is through a proxy server. The user does not see the difference, except when the user tries to browse a prohibited site, in which case he may receive an error message: such a proxy is called a filtering proxy. You may also see a dialog box asking for a username and password before you can surf the Internet.
Conversely, a proxy can also be used to bypass filters. Suppose the case of a country that blocks access to certain sites considered “subversive”, but performs this filtering only based on the address of the site you want to visit. In this case, by using a proxy as an intermediary (located in another country therefore not affected by filtering), you can get rid of filtering (unless of course the proxy address is itself prohibited).
The principle also works the other way around. Suppose a website only accepts Internet users from a certain country (concrete example: a US presidential campaign site that only accepts connections from the United States). In this case, through a proxy located in the United States, a French Internet user will be able to visit the site.
A third role of the proxy is to complicate the escalation to the user (anonymization). In the previous example, we deceived the American site that was not able to trace back to the user through the proxy. Some advanced techniques allow you to go back through the proxy. In this case, a user will be able to use many chain proxies such as the Tor network and stop the connection before those who track him are traced back to him.
Normally, the use of a full proxy is done by configuring your browser or computer. But there is a much easier to use category of proxy: web proxies. It is a simple website whose page offers a field to type the address of the site you want to visit. Once entered, the requested page is displayed inside the first page. But the address that appears in the address bar is always that of the proxy.
This type of proxy is less powerful than a normal proxy. Indeed, pages using advanced techniques to update themselves (AJAX) do not “know” that they are going through a proxy, and therefore try to reach their servers directly. If this server was banned, then the request fails. Most web proxies also do not allow the use of secure sites using HTTPS, such as banks for example.
Many web proxies are available for free on the Internet, mainly to allow Internet users to bypass the protections of their surfing places (company, school, as explained above). Most finance themselves by displaying advertising in addition to the requested page. But some may also try to capture passwords or other sensitive information (credit card number) or even redirect the user to a fake site. So you have to be extremely careful before using a free proxy on the Internet.
The principle of web proxies is used by university libraries to allow their users to access online resources for which they have a subscription. The IP address of the proxy server is declared to the provider who gives access to the content to users passing through the proxy and therefore presenting themselves with the authorized IP address.