[Web Informant] 16 June 2009: The Power of the Proxy

David Strom david at strom.com
Tue Jun 16 10:36:59 EDT 2009


Web Informant 16 June 2009: The Power of the Proxy

Proxy servers have been in the news as of late, both as a result of
the Iran putative election and a new legal case where Microsoft is
suing purveyors of advertising click fraud. I thought I would take you
through what proxies are, how they can be used for both good and evil,
and what all the fuss is about.

First, here is a little background. When you bring up your Web
browser, you are asked how you want it to connect to the Internet.
Most of us that have home PCs don't use any proxy, and go out to the
raw Internet without any fuss or bother. But enterprises that want to
cut down on their bandwidth usage, improve performance and security,
and have control over what their users see use them all the time. Each
browser first checks and sees if the Web page that is being requested
is on the proxy's cache, or memory, and if so, it saves a few
milliseconds or more by grabbing the page directly, without having to
traverse the Internet at all. So proxies are often combined with
caching servers to deliver the best combination of features and
management. As far as the browsing user is concerned, all this happens
without any notification, other than the pages seem to load quicker on
their PCs. About the only configuration option is the IP address of
the server, which is placed inside the browser options or network
settings. And proxies are available for more than just Web protocols,
although that is their most popular use case.

That is the good side of proxies. What about the evil side? Proxies
are supposed to be for internal users of an enterprise, but if a
hacker can find out the IP address of an internal proxy, they can gain
access to lots of network resources. This was a common MO for the
hacker Adrian Lamo, among others, and you still find corporations that
haven't locked their proxies down with the appropriate security. It is
also possible for proxies to operate on a user's PC without their
knowledge, which is a common way botnets are created.

There are also proxies that are used to make your browsing history
anonymous, which can be used for both good and evil; depending on what
information you are trying to hide.

Now to the news. Microsoft filed suit in federal court yesterday
against three people it claims were defrauding Internet advertisers by
having automated programs mimic users clickstreams. They found the
fraudulent activities by tracing the actions to two proxy servers. And
once they blocked the particular IP addresses of the proxies, the
fraudsters would simply alter them in a continual game of cat and
mouse. The fraud involved is significant, and ClickForensics estimates
that 14% of the total ad clickstream is faked.
http://www.nytimes.com/2009/06/16/business/media/16adco.html

When the Iranian government wanted to block Internet access, several
private individuals from around the globe took it upon themselves to
set up the open source proxy Squid (squid-cache.org) and other tools
on their own networks to get around these blocks. They then publicized
(via Twitter) the IP address of their Squid PCs so that anyone could
connect to the open Internet, rather than be blocked. Of course, as
the government learns of these addresses, they add them to their block
list, so another cat and mouse game ensues.

(small self-promotion here) The news is very timely, indeed. I am off
next week to work with Blue Coat on producing another of my screencast
product review videos on their proxy and caching server line for my
WebInformant.tv site. Let me know if you'd like me to do one of these
for your product, they are a unique way to promote and explain a
product.




More information about the WebInformant mailing list