Summary
Understanding Proxies: Different Types and Their Functions
Highlights
A proxy is a device or service that mediates a connection, inspecting the traffic passing through it. Unlike gateways, proxies actively mediate content. Misconceptions exist, with many confusing proxies with VPNs, which primarily obfuscate location. Proxies typically operate at Layer 7 of the OSI Model.
A forward proxy is what most people typically imagine a proxy to be. It acts on behalf of a client to carry out requests, often used in corporate networks to filter outgoing internet access for security against malware. Examples include web filters in organizations and tools like Burp Suite for HTTP requests. Malware often needs to be 'proxy-aware' to bypass these, though certain applications like Firefox (using libcurl) are less susceptible than others (using WinSock).
A reverse proxy filters incoming requests, forwarding them to a protected network. They are commonly used for load balancing, DDoS protection (e.g., Cloudflare), and as Web Application Firewalls (WAFs) like ModSecurity to inspect and block malicious web traffic. Penetration testers also use reverse proxies on compromised systems to bypass firewalls and evade IDS by routing traffic through tunnels like SSH.
Proxies can operate transparently or non-transparently. A transparent proxy intercepts communication without the client's knowledge, acting as an unseen mediator. A non-transparent proxy requires explicit configuration on the client side; without this setup, communication through the proxy (and often to external networks) is not possible.