HOW A PROXY SERVER WORKS
A proxy is basically a Client / Server program. First, the proxy (in server mode) listens for a connection request. Once someone connects to the proxy server they send a Proxy HTTP Request. Then the proxy server modifies the Proxy HTTP Request and makes it become a somewhat regular HTTP Request. Then the proxy server sends the HTTP Request to the Web-Server. The Web-Server then sends it's HTTP Response back to the Proxy server. The proxy server takes that response and adds "Proxy-Connection: Close" (if no more requested web-page contents exists [such as pictures]) or "Proxy-Connection: keep-alive" (if not all requested web-page contents been sent [such as pictures]. If the Proxy-Connection has been set to "keep-alive" the Proxy server stays connected with you. Otherwise if it has been set to "close" then the Proxy server closes it's connection with you.
EXAMPLE OF A HTTP PROXY SESSION
Here is what a HTTP Proxy session would look like:
KEY:
H = Your home PC.
P = HTTP Proxy Server.
W = Web-Server
[H -> P] - Step 1 - Your PC sends Proxy HTTP Request to proxy server.
GET http://www.gamesites200.com/starcraft/ HTTP/1.0 Host: www.gamesites200.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Proxy-Connection: keep-alive Cookie: wsk=voted; PHPSESSID=41d2c9b92afc459380abb77cc46b72cc[P -> W] - Step 2 - Proxy sends somewhat regular HTTP Request to web server.
GET /starcraft/ HTTP/1.0 Host: www.gamesites200.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Proxy-Connection: keep-alive Cookie: wsk=voted; PHPSESSID=41d2c9b92afc459380abb77cc46b72cc[W -> P] - Step 3 - Web server sends HTTP Response to proxy server.
ddd HTTP/1.1 200 OK Date: Sat, 27 Aug 2005 02:23:18 GMT Server: Apache/1.3.33 (Unix) DAV/1.0.3 mod_jk/1.2.8 mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 mod_ssl/2.8.21 OpenSSL/0.9.7a Vary: Accept-Encoding Connection: close Content-Type: text/html <html>...</html>[P -> H] - Step 4 - Proxy sends the HTTP Response + "Proxy-Connection: Close" to your PC and then disconnects.
HTTP/1.1 200 OK Date: Sat, 27 Aug 2005 02:10:55 GMT Server: Apache/1.3.33 (Unix) DAV/1.0.3 mod_jk/1.2.8 mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 mod_ssl/2.8.21 OpenSSL/0.9.7a Vary: Accept-Encoding Content-Type: text/html Proxy-Connection: Close <html>...</html>
BRIEF DIAGRAM A HTTP SESSION
step1 step2 (Home PC)----->-----(Proxy Server)----->-----(Web Server) \-------<----------/ \----------<----------/ step4 step3
ANONYMOUS LEVELS OF HTTP PROXYS
There are four types of proxy anonymity levels. They are the following:
1. Transparent Proxies: A transparent proxy tells the web server you are using a proxy and also tells the server your IP address.
Some Environment Variables
REMOTE_ADDR = Proxy IP address.
HTTP_VIA = Proxy DNS Name.
HTTP_X_FORWARDED_FOR = your IP address.
2. Anonymous Proxies: An anonymous proxy hides your IP address; in some cases it lets the server know you are using a proxy.
Some Environment Variables
REMOTE_ADDR = Proxy IP address.
HTTP_VIA = Proxy DNS Name.
HTTP_X_FORWARDED_FOR = Proxy IP address.
3. High Anonymity Proxies: An anonymous proxy that hides your IP address but doesn't let the server know your using a proxy.
Some Environment Variables
REMOTE_ADDR = Proxy IP address.
HTTP_VIA = NULL
HTTP_X_FORWARDED_FOR = NULL
4. Distorting Proxies: This is the same as a Transparent proxy but instead of sending your IP address, it sends a random or spoofed IP address.
Some Environment Variables
REMOTE_ADDR = Proxy IP address.
HTTP_VIA = Proxy DNS Name.
HTTP_X_FORWARDED_FOR = Random/Spoofed IP address.
Also, if you have Java enabled on your browser, the web server can get your real IP address. The applet can access the web server directly (ignoring proxy settings), which will reveal your IP address.
In other words... If you want to stay extremely anonymous, then use high anonymity proxy servers and disable Java on your browser.
CONCLUSION
Well, I hope you have learned something today about proxies.
If you want to know more about proxies http://www.stayinvisible.com is a great site for you. If you want some proxies to use http://www.proxy4free.com/page1.html has a great list. If you want to view your browser header http://www.searcheng...bin/browser.cgi will do that for you.
I have worked hard to put this article together, please post your comments and tell me how you liked my article.
Edited by Fiend, 26 August 2005 - 10:40 PM.
