Networking

The basics of using a proxy server for privacy and security

Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

If you work remotely, or have to handle corporate files on the road, then chances are you've used a specific type of proxy and may not even be aware of it. In fact, proxies are used by workers all over the world in the form of a VPN. A virtual private network is one specific type of proxy which provides you with the ability to work remotely and securely. But what is a proxy exactly, how does it work, and what are some of the advantages it can give not only a remote worker, but anyone who wants an extra layer of privacy? Here's a look at the various types of proxies and a review of one particular service which provides you with proxies on steroids.

How proxies work

Basically, a proxy is a point to point connection between you and a remote location on the Internet. If you're in a hotel in Seattle and you work for a large corporation down in Dallas, then opening a VPN to your corporate office means your computer will create a permanent connection between your own system and a dedicated device at the corporate office called the VPN server. This connection provides you with a tunnel through which all further communication will pass. This is the first and most well known quality of a VPN. All of your traffic, whatever it is, will be encrypted inside that tunnel, going from your current location to the VPN server, and then be resent on your behalf to the wider Internet. What this means is that anyone listening nearby, or trying to see the packets going from your own system, will see nothing but static. In fact, they won't even know which websites you visit, because everything is encrypted. This is an even stronger security mechanism than SSL, since with SSL people can still see the headers and know which sites you surf to.

But a VPN, or any other type of proxy, provides quite a few more benefits. Whether you use a VPN, which relies on a protocol like PPTP to encapsulate your packets securely, an SSL proxy, a Socks proxy, or even a simple web gateway (which doesn't actually provide you with any encryption) they all have a couple of features  that are similar. The basic principle is that the server is relaying those packets for you, and stripping the originating address. Instead of your own IP address, they only see the proxy server's. That also means if you connect using the previous example, instead of thinking you're in Seattle, every site you connect to will think you're sitting right there in the Dallas corporate office.

Of course, people use proxies for other reasons as well. One example is trying to access region-restricted content. For example, someone in Canada trying to see Hulu content won't be able to, because Hulu restricts videos to U.S. users only. But if they connect to a U.S. based proxy first, they can bypass that restriction. The same thing applies if you live in the U.S. and want to see BBC content through their iPlayer. You would need to connect to a UK proxy to do it.

Criminals also make heavy use of proxies to obscure their actual locations. They can even chain proxy servers together to increase the difficulty of being tracked. But proxies are used for a lot more than just to watch the latest Family Guy, or commit crimes. A lot of people use them simply for safety. If you have a slow Internet connection, you could use a proxy server with a lot of bandwidth, and malware threats roaming the net trying to find unpatched systems, or launch potential denial of service attacks, would find only the proxy. Security researchers also love proxies. When you're trying to infiltrate the criminal underground, the last thing you want is to give them your home address.

One such service: HMA

As you can see, proxies provide security and anonymity that can be very handy. If you don't have a corporate VPN you can use, there are a lot of services that offer some alternatives. One of the most popular right now, and the one I've used, is called Hide My Ass. While the name may sound strange, I've had some good success with it. One of the things I like about it is that, first, it provides a very easy-to-use client software. Instead of having to configure the proxy settings manually, you simply install the client, and it keeps track of your connection status, allowing you to set preferences. Then, it also has a massive amount of 36,000+ IP addresses all over the world. This means you can connect to any of those servers and appear to be from that location. The service isn't free, but at around $10 a month, it's not bad.

Proxies still require trust

Finally, there are some things you need to keep in mind when using proxies. First, remember that while a proxy server will provide you with security and anonymity, the proxy itself has to decode your traffic to send it through. This means it can see everything you're doing, unless you use SSL connections. So you need to trust it. A lot of people use TOR, which is a free anonymity network run by volunteers, or some go to underground channels to get so-called "private" proxies, but the problem is you never know if you can trust those servers. It may end up being worse than not using a proxy at all. Popular commercial services like Hide My Ass base their business on providing this service, so personally I have more faith in them. Don't think of using them for criminal acts however, since they do state clearly that they cooperate with law enforcement. Because again, the proxy server is the one party that knows what your real IP address is. Also, using proxies will typically slow your connection down, since you're basically transferring all your data to another location around the world before it goes out to the Internet. As you attempt to connect to various proxy servers, you may find very big differences in speed, so it's a good idea to try them out. Whether you want security, anonymity, or both, proxies provide a good way to surf the net.

Do you have any tips to share about using a proxy server?

About

Patrick Lambert has been working in the tech industry for over 15 years, both as an online freelancer and in companies around Montreal, Canada. A fan of Star Wars, gaming, technology, and art, he writes for several sites including the art news commun...

Editor's Picks