Many people use the proxy server to overcome the limitation of Local network, or geographical boundaries. Proxy is acting like middle man who let you browse on your computer, how to trust this middle man? Is he good or rogue? Let’s discuss.
Proxy server are some servers which takes the request from your side, ask for the page on your behalf and sends it back to you, your local network may have blocked the direct accessing of that site but using proxy, that site can be brought to your browser.
He is in the position of Man in the Middle, is it possible that proxy can steal your information? Can it be cause of Man in the Middle Attack? Or it is safe and how honest are they so not to see what goes from their system.
I launched a Discussion on our Facebookpage about this, most people replied in positive way that it’s possible that proxy server will sniff your data and able to. Though I couldn’t find the perfect answer there, so I decided to dig this for you all and for those Facebook fans. Here we go with A-Z detail about the proxy servers.
Before we know the Cons and Pros of the proxy servers, let’s know what kind of proxies are there.
1. HTTP proxy
2. Web Proxy
How Proxy server works?
When you ask Proxy server I want to visit http://Example.com/page.html, it contacts the example.com and ask for the required page and returns it back to you, during this process, all the page data passes through it can be seen by proxy servers, because it is in HTTP mode.
In case you’ve asked for HTTPS of any website like Https://Facebook.com/ it will contact facebook.com and request to setup connection by HTTPS, i.e. port number 443, in fact SSL connection.
This connection will be made established between your browser and original web server (facebook.com in this case).
Since data is going through SSL, no one else will see the content. Your Proxy server will be seeing how much data is being transferred but not what transferred. (SSL not hides the size of data).
How Proxy can sniff even of SSL is there?
Is that all, well thinking this is not all. What if the server or someone will install the rough CA certificate to your system? It is also possible that they can break your SSL and re-SSL the content and those fake certificates won’t prompt anything to you, and your data will be compromised.
Keeping your System protected from unknown login and applying some restriction may help you to stay safe.
Recommended for you
HTTP Proxy is some silent machine which just protect your IP address and site’s IP address for being on light, it just can send you data in plain text in HTTP mode and can send encrypted data in case of HTTPs mode.
But HTTPS is established after connecting to HTTP and site should use 301 redirect to new secure port of 443, but proxy servers can protect this.
So make sure to see HTTPS and Green lock icon on your browser to make sure you are using SSL and kind of safe.
Suggested for you
Web proxies are basically sites which allow you to browse anything from it, you can Google Web proxy like HideMyAss AWebProxy, ZendProxy, and you’ll find many sites but this is dangerous.
These sites are basically not transferring data to you from server; instead it browses in their own system and sends you just an instant of that screen just like remote desktop. You can imagine its straight forward Man in the Middle. It sees everything and even don’t know if they are sending you correct pages or not.
IC recommends never use such site for specially accessing your private data Mails, Facebook etc.
Alternatively you can configure your system with proper proxy to browse by HTTP proxy.
What at the end of the Discussion
In this discussion I didn’t dig too deep inside but made following points clear to you.
How proxy works, how it can see and can’t see your data, what types of proxies are there. I would conclude and suggest you not to use the web proxy just use the HTTP proxy for best safety and keep your eye on HTTPs to be smart and safe.
Leave your comment how you feel about the safety using proxies.