I'm interested in learning about proxy server security. How can I defend against proxy server attacks?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Proxy server security measures depend on the specific types of proxy server attacks. Attacks on your proxy server could be either denial-of-service (DoS) attacks, unauthorized access attacks or attacks on the proxy server software. A DoS attack on a proxy server could be just be an attacker trying to send more network traffic to the proxy software than the system can process. Unauthorized access attacks are where an attacker uses a proxy (typically an open proxy that allows anyone to use it without authentication) to mask their connections when attacking a different site. Attacks on the proxy software could be used to gain unauthorized access to make configuration changes to the software or server.
Boost proxy server security and defend against DoS attacks by blocking unsolicited packets or by using load balancers, as these actions could help reduce the impact the attack has on the server.
Unauthorized access attacks can be prevented by ensuring appropriate types of authorization are used to access the service and potentially by only allowing certain clients to access the proxy based on IPs. You could also authenticate the users of the proxy. Based on group membership, you could give them different authorizations to view different types of websites or vary their type of access.
Defend against attacks on proxy server software by using good management practices such as regularly updating software. You can also ensure that access to the management functionality is limited to only certain networks and uses strong access controls.
There are also attacks that use a proxy server on the Internet as a transit device to hide the originating source of the attack on your network. Blocking open or malicious proxy servers from accessing the network or servers is one way to prevent this type of attack from being successful. There are companies that maintain lists that can be used for this type of blocking, but take care to understand exactly what is being blocked and how the list is maintained. An example of a commercial block list is the one maintained by URLblacklist.com.
Dig Deeper on Denial of Service (DoS) Attack Prevention-Detection and Analysis
Related Q&A from Nick Lewis
Malware is increasingly using DNS tunnels to aid in data exfiltration. Expert Nick Lewis explains how the attacks work and how best to defend against...continue reading
Researchers warned about the rise of a new cross-site scripting flaw involving same-origin policy. Expert Nick Lewis explains the vulnerability and ...continue reading
Malware authors are adopting software wrapping to hide malicious code and avoid detection. Expert Nick Lewis explains how to defend against the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.