Sign in to follow this  
Followers 0
Fiend

HTTP Proxys

4 posts in this topic

I have been studying how HTTP proxys work, and I thought some of you guys might want this info... so here it is.

HOW A PROXY SERVER WORKS

A proxy is basically a Client / Server program. First, the proxy (in server mode) listens for a connection request. Once someone connects to the proxy server they send a Proxy HTTP Request. Then the proxy server modifies the Proxy HTTP Request and makes it become a somewhat regular HTTP Request. Then the proxy server sends the HTTP Request to the Web-Server. The Web-Server then sends it's HTTP Response back to the Proxy server. The proxy server takes that response and adds "Proxy-Connection: Close" (if no more requested web-page contents exists [such as pictures]) or "Proxy-Connection: keep-alive" (if not all requested web-page contents been sent [such as pictures]. If the Proxy-Connection has been set to "keep-alive" the Proxy server stays connected with you. Otherwise if it has been set to "close" then the Proxy server closes it's connection with you.

EXAMPLE OF A HTTP PROXY SESSION

Here is what a HTTP Proxy session would look like:

KEY:

H = Your home PC.

P = HTTP Proxy Server.

W = Web-Server

[H -> P] - Step 1 - Your PC sends Proxy HTTP Request to proxy server.


GET http://www.gamesites200.com/starcraft/ HTTP/1.0
Host: www.gamesites200.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Cookie: wsk=voted; PHPSESSID=41d2c9b92afc459380abb77cc46b72cc


[P -> W] - Step 2 - Proxy sends somewhat regular HTTP Request to web server.


GET /starcraft/ HTTP/1.0
Host: www.gamesites200.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Cookie: wsk=voted; PHPSESSID=41d2c9b92afc459380abb77cc46b72cc

[W -> P] - Step 3 - Web server sends HTTP Response to proxy server.


ddd
HTTP/1.1 200 OK
Date: Sat, 27 Aug 2005 02:23:18 GMT
Server: Apache/1.3.33 (Unix) DAV/1.0.3 mod_jk/1.2.8 mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 mod_ssl/2.8.21 OpenSSL/0.9.7a
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<html>...</html>

[P -> H] - Step 4 - Proxy sends the HTTP Response + "Proxy-Connection: Close" to your PC and then disconnects.


HTTP/1.1 200 OK
Date: Sat, 27 Aug 2005 02:10:55 GMT
Server: Apache/1.3.33 (Unix) DAV/1.0.3 mod_jk/1.2.8 mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 mod_ssl/2.8.21 OpenSSL/0.9.7a
Vary: Accept-Encoding
Content-Type: text/html
Proxy-Connection: Close

<html>...</html>

BRIEF DIAGRAM A HTTP SESSION


           step1                    step2
(Home PC)----->-----(Proxy Server)----->-----(Web Server)
     \-------<----------/  \----------<----------/
           step4                    step3

ANONYMOUS LEVELS OF HTTP PROXYS

There are four types of proxy anonymity levels. They are the following:

1. Transparent Proxies: A transparent proxy tells the web server you are using a proxy and also tells the server your IP address.

Some Environment Variables

REMOTE_ADDR = Proxy IP address.

HTTP_VIA = Proxy DNS Name.

HTTP_X_FORWARDED_FOR = your IP address.

2. Anonymous Proxies: An anonymous proxy hides your IP address; in some cases it lets the server know you are using a proxy.

Some Environment Variables

REMOTE_ADDR = Proxy IP address.

HTTP_VIA = Proxy DNS Name.

HTTP_X_FORWARDED_FOR = Proxy IP address.

3. High Anonymity Proxies: An anonymous proxy that hides your IP address but doesn't let the server know your using a proxy.

Some Environment Variables

REMOTE_ADDR = Proxy IP address.

HTTP_VIA = NULL

HTTP_X_FORWARDED_FOR = NULL

4. Distorting Proxies: This is the same as a Transparent proxy but instead of sending your IP address, it sends a random or spoofed IP address.

Some Environment Variables

REMOTE_ADDR = Proxy IP address.

HTTP_VIA = Proxy DNS Name.

HTTP_X_FORWARDED_FOR = Random/Spoofed IP address.

Also, if you have Java enabled on your browser, the web server can get your real IP address. The applet can access the web server directly (ignoring proxy settings), which will reveal your IP address.

In other words... If you want to stay extremely anonymous, then use high anonymity proxy servers and disable Java on your browser.

CONCLUSION

Well, I hope you have learned something today about proxies.

If you want to know more about proxies http://www.stayinvisible.com is a great site for you. If you want some proxies to use http://www.proxy4free.com/page1.html has a great list. If you want to view your browser header http://www.searchengineworld.com/cgi-bin/browser.cgi will do that for you.

I have worked hard to put this article together, please post your comments and tell me how you liked my article.

Edited by Fiend
0

Share this post


Link to post
Share on other sites

Don't forget about ActiveX or Flash, etc tracking your player-id or other personal information and possibly leaking your ip, and of course cookies.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0