Security risks of proxy servers

There seems to be a large number of people who like to find agents to hide themselves and use proxies to shield IP addresses on some servers, or because the system does not support Internet sharing, it is forced to use proxy software to enable computers in the internal network to connect to the Internet ...... In addition, there are many reasons for the persistence of various proxy servers. At this time, all your data is exposed to the proxy server! The proxy server is equivalent to a transparent data channel. It connects to a computer based on the request data sent by the customer and uses itself as the original customer machine to connect to the target computer, after the data returned by the target computer is sent to the original customer, the target computer obtains the Proxy Server IP address instead of the original customer IP address, in this way, the IP address is blocked or the recipient cannot obtain your real IP address. How the HTTP Proxy Server works: IE sends an HTTP request containing the target URL, and the proxy server receives and analyzes the target URL and related parameters in the HTTP message, then, the URL is used as a standard HTTP connection process to connect to the target website, obtain the data returned from the target website, buffer it to the hard disk of the proxy server, and then return the data to the client. Request the target URL ------> connect to the target server -------> client ------------------------- Proxy Server -------------------- target server <----- return data ---- (buffer) <------------- return data other protocol proxy work mode is similar, the proxy server acts as a data steering workstation, which is equivalent to a dedicated "hardworking worker" responsible for data forwarding ". The working mode of the proxy server is a typical "man-in-the-middle attack" model. The proxy server acts as a "man-in-the-middle" among them, and communicates data of both computers through it. Therefore, "man-in-the-middle attack on proxy servers" has gradually become a reality. Compared with other "man-in-the-middle attack" methods, this method of using proxy servers to overwrite Chen Cang is almost seamless, attackers can write a proxy service program with the data record function on their own and put it on any stable Zombie or even directly on their own machines, then, through some social engineering means, the victim can use the "Proxy Server" that has been done by hand and feet, so that they can stay right. This method is the most undefended, because it uses people's unconditional trust in agents and cheap ideas, making one rabbit after another automatically hit up, while enjoying this delicious "carrot", I don't know that security is gradually getting away from myself. A typical man-in-the-middle attack model. I suggest you always walk by the river.