When all your pos’ come from the same proxy?
It is rare that people are interested in the details of how the Internet works. The problem with this behavior is the danger inherent in data breaches and identity thefts which accompanies the pleasure of displaying beautiful images, accessing new ones 24 hours a day, or doing good business in line.
But what really happens when you browse the web ? You may be using a proxy server at your work, on a VPN (Virtual Private Network), or you may be one of the technology-ferus users who always use a type of proxy server.
What is a proxy server ?
A proxy server acts as a gateway between the Internet and you. It is an intermediate server that separates users from the websites they browse on. Proxy servers provide different levels of functionality, security and confidentiality, depending on your type of use, your needs or your company’s policy.
If you are using a proxy server, Internet traffic passes through this server before reaching the address you requested. The returned response goes through this same proxy server (there are exceptions to this rule), then it transmits the data received from the website.
If that’s all a proxy server does, why bother with it ? Why not communicate directly with the website ?
To ensure data security and network performance, modern proxy servers do much more than transfer web queries. They act as a firewall and filter the Web, provide shared network connections and place the data in cache to speed up the processing of the most common queries. A good proxy server protects users and the internal network from threats from the Internet. Finally, proxy servers guarantee a high level of confidentiality.
Download a White Paper on security analysis
“Organizations fail to detect hacking quickly, with less than 20% of data theft detected internally. – Gartner “
How a proxy server works ?
On the Internet, each computer must have a unique Internet Protocol address. You can see the IP address as the postal address of your computer. Just as the postman knows how to use your mail address to deliver your mail, the Internet knows how to use the IP address to send the right data to the right computer.
Basically, a proxy server is a computer connected to the Internet and whose computer knows the unique IP address. When you send a web request, it is first directed to the proxy server. This then issues a request on your behalf, retrieves the response from the web server, and transmits the data from the web page to you so that you can view it in your browser.
When the proxy server transmits your Web queries, it can make changes to the data you send while still sending you the information you expect. A proxy server can change your IP address, so the web server doesn’t know exactly where you are in the world. It can encrypt your data, which makes it illegible during their transit. And finally, a proxy server can block access to certain web pages, based on their IP address
Why should you use a proxy server ?
There are several reasons for organizations or individuals to use a proxy server.
- To monitor the use of the Internet by employees and children: organizations and parents set up proxy servers to monitor and monitor how their employees or children use the Internet. Most organizations do not want you to consult certain sites during your working hours, and they can configure the proxy server to refuse access to certain sites and kindly remind you to refrain from going to these sites from the network of the company. They can also control and record all web queries; therefore, even if they do not block a particular site, they know how long you have spent in “cyberloafing” (abuse of the Internet).
- Bandwidth savings and improved flow rates: With a good proxy server, organizations can also improve the performance of their network. Proxy servers can cache (record a copy of the website locally) the most visited websites. So when you go to www.varonis.fr, the proxy server will check if it has the most recent copy of the site, and then send you this locally saved copy. This means that when hundreds of people interview www.varonis.com from the same proxy server at the same time, the one sends only one request to varoni.com. This technique saves the company’s bandwidth and improves network performance.
- Privacy benefits: individuals and businesses use proxy servers to navigate the Internet more confidentially. Some proxy servers will modify the IP address and other identification information contained in the web query. This means that the destination server does not know who actually issued the original request, which contributes to better confidentiality of your personal information and your navigation habits.
- Improved security: in addition to enhanced confidentiality, proxy servers bring you security benefits. You can configure your proxy server to encrypt your web queries and prevent prying eyes from reading your transactions. Using the proxy server, you can also prohibit access to sites known to host malware. Organizations can also associate their proxy server with a virtual private network (VPN), which allows remote users to access the Internet only through the company’s proxy. A VPN is a direct connection to the company’s network, which it provides to external or remote users. By using a VPN, the company can monitor and verify that its users have access to the resources (messaging, internal data) they need, while providing them with a secure connection to protect the company’s data.
- Allow access to blocked resources: proxy servers allow users to circumvent content restrictions imposed by companies or authorities. The meeting of the local football team is inaccessible online ? You can see it if you connect to a proxy server located on the other side of the country. The proxy server will make you pass for a resident of France, when in reality you live in Ivory Coast. Several states around the world are closely monitoring and limiting Internet access, and proxy servers allow their citizens to access an uncensored, or unlocked Internet.
Now that you have an idea of the reasons why organizations and individuals use proxy servers, let’s take a look at the risks associated with their use.
Risks related to proxy servers
You should be careful when choosing a proxy server: some common risks may negate all of its potential benefits:
Risks related to free proxy servers
- You know the old adage: “you get what you pay for” ? Well, it can be risky to use one of the many free proxy server services, even if the business model for these services is based on advertising revenue.
- Their gratuitousness generally results in low investments in their material infrastructure or in encryption. It is likely that you will notice performance problems and possible data security problems. If you really find a fully “free” proxy server, be extremely careful. Some of them have the sole purpose of stealing your credit card numbers.
Logging of the navigation history
- The server saves your original IP address and the information contained in your web queries, possibly not encrypted. Check if your proxy server records and records this data – as well as the retention or cooperation rules with the authorities to which it is subject depending on the physical location of its servers.
- If you are looking to use a proxy server to maintain confidentiality, but the supplier records your data for sale, you will not get the value you expected from this service.
Lack of encryption
- If you are using a proxy server that does not encrypt your data, you might as well not use it. The absence of encryption means that you send your requests in the form of plain text. Anyone who listens to your usernames, passwords and account information very easily. Whichever proxy server you use, make sure it provides a full encryption service.
Types of proxy servers
Proxy servers don’t all work the same way. It is important to understand the functionality of the proxy server and to make sure it meets your needs.
A transparent proxy informs websites that it is a proxy server and sends them your IP address, allowing web servers to identify you. Businesses, public libraries and schools often use transparent proxies for content filtering: they are easy to configure, either by the client or by the server.
An anonymous proxy will identify as a proxy, but it will not pass your IP address to the website. This helps to avoid identity theft and to maintain the confidentiality of your navigation habits. It may also prevent a website from sending you targeted marketing content based on your location. For example, if the France2.fr site knows that you live in Lyon, it will show you news that it considers appropriate in Lyon. Navigating anonymously will not allow a website to use certain targeting techniques, but this is not 100% guaranteed.
A distorting proxy server transmits a false IP address to you while identifying as a proxy. The objectives are similar to those of an anonymous proxy, but passing a false IP address, it makes you appear to be located in a different place, which circumvents content restrictions.
High anonymity proxy
Proxy servers with high anonymity periodically modify the IP address they present to the Web server, making it very difficult to track traffic belonging to such or such. High anonymity proxies, such as the TOR network, are the most confidential and secure way to surf the Internet.
Currently, proxy servers are a hot topic due to controversies over Net neutrality and censorship. In the United States, with the removal of measures to protect the neutrality of the Net, Internet service providers (ISPs) can now control your bandwidth and Internet traffic. ISPs can potentially tell you which sites you may or may not have access to. Even if there are a lot of uncertainties about the future of net neutrality, it is possible that proxy servers will circumvent the restrictions imposed by ISPs
Varoni analyzes the data transmitted by proxy servers to protect you from data breaches and cyber attacks. The addition of proxy data enriches the context and allows a better analysis of user behavioral trends in order to detect anomalies. In the event of suspicious activity, you can receive an alert and usable information to investigate and deal with the incident.
For example, the fact that a user accesses GDPR data may not be significant in itself. But if he accesses GDPR data and then tries to upload it to an external website, it can be an exfiltration attempt and a possible data breach. Without the context provided by file system monitoring, proxy monitoring and Varoni threat models, you may let these events go without realizing that you must prevent a data breach.
Take advantage of an individual demonstration to discover these threat models in action – and see what your proxy data can tell you.