This paper discusses the security ramifications of web proxies, including attack methods, authentication, and hardening. Hyper Text Transport Protocol or HTTP is the protocol used for web traffic. Its specification allows the use of proxies. Proxies are used in a large number of companies and network environments to protect internal machines from attack, accelerate web browsing, filter destinations, and to authenticate users. However, due to a weakness in the CONNECT method of HTTP, the proxies are capable of blindly passing more then just HTTP traffic and can be used to check email, connect to P2P (peer to peer) networks, and even allow bidirectional VPN (virtual private networks) traffic to bypass firewalls and other security devices. All that is needed to exploit HTTP tunnels is basic web browsing privileges through a proxy. Detecting this unauthorized traffic is difficult because it is often hidden in ways that make it almost indistinguishable from normal authorized traffic. However, with proper configuration of the proxy server the risks can be minimized.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
