As a network administrator, how do you effectively manage networks? Although many network management tools can help you, the most effective way is to create a proxy server to filter illegal information. Therefore, as a network administrator, we need to know about the proxy server.
Today, we will introduce you to the readers when to use proxy services.
1. When to use proxy
As the name suggests, proxy is a service that helps you access the internet. What is the use of proxy as a network administrator? Our company has several data centers that used to connect to the network using the shared connection of the operating system. In fact, many Internet users often run illegal programs, and viruses and hacking tools are pervasive, in addition, they play online games during work hours.
How can we disable these behaviors? The proxy server can provide help. I installed ISA2000 on the server at the outlet of the company's network and enabled its proxy function. In this way, the computer in the IDC can only access webpage information through IE browser, game and chat tools cannot be used normally. Therefore, the proxy server is widely used in actual work. It can help our administrators effectively manage network resources.
TIPS: the working mechanism of the proxy server is very similar to the agency we often mention in our lives. Assume that your own machine is server A, and the data you want to obtain is provided by server B, the proxy server is C. In actual work, machine A requires data from machine B. Machine A establishes A connection directly with machine C. After machine C receives data requests from machine A, it establishes A connection with machine B, download the data on machine B requested by machine A to the local device, and then send the data to machine A to complete the proxy task.
Ii. Types of proxies
There are many types of proxies, and there are also many division methods. We will explain this one by one.
1. Transparent proxy and traditional Proxy:
Proxy settings can be divided into transparent proxy and traditional proxy.
(1) Transparent proxy is essentially a type of DNAT, which is similar to declaring a host in NAT. When an intranet host needs to access an Internet host, it does not need to make any settings. It is completely aware of the existence of the firewall and completes communication between the Intranet and the Internet. However, the basic principle is that the firewall communicates with the Internet host instead of the internal network host, and then returns the result to the Intranet host. In this process, no matter whether the Intranet host or the Internet host is aware that they are actually communicating with the firewall. The firewall can only be seen from the Internet, which hides the Intranet network and improves security.
(2) the working principle of the traditional proxy is similar to that of the transparent proxy. The difference is that it needs to set the proxy server on the client. We often set proxy servers in IE browsers to use traditional proxies.
Some readers may still have doubts, so I will teach you a good way to remember. That is, if you set a proxy on the local machine, you will use a traditional proxy. If the local computer is not set and all the settings are executed on the vro or server, the proxy method you use is transparent proxy.
2. HTTP proxy, FTP proxy, and SOCKS Proxy:
There are many types of proxy servers, some of which only provide some services. For example, HTTP Proxy only provides HTTP proxy service. users using HTTP proxy can only access websites and pages through proxy, but cannot access FTP sites. Services are divided into HTTP proxy, FTP Proxy, SOCKS proxy, and so on.
(1) HTTP Proxy: it can be used to access the webpage through a proxy browser. Generally, its ports are 80, 8080, and 3128.
(2) FTP Proxy: the FTP software on the proxy client can access the FTP server. The ports are generally 21 and 2121.
(3) RTSP Proxy: The Real player on the proxy client accesses the proxy of the Real Streaming Media Server. The port is generally 554.
(4) POP3 Proxy: the mail software on the proxy client sends and receives mails in POP3 mode. The port is generally 110.
(5) SSL Proxy: supports up to 128-bit http proxy for encrypted websites. An encrypted website is a website starting with https. The standard ssl port is 443.
(6) Telnet proxy: used for remote control and frequent intrusion. The port is generally 23.
(7) SOCKS Proxy: the SOCKS proxy is different from other types of proxies. It simply transmits data packets and does not care about the application protocol, the SOCKS Proxy Server can be either an HTTP request or an FTP request. Therefore, the SOCKS proxy server is much faster than other types of proxy servers. The standard port number is 1080.
Note: SOCKS proxies are classified into SOCKS4 and SOCKS5. The difference between the two is that the SOCKS4 proxy only supports the TCP protocol, while the SOCKS5 Proxy also supports the TCP protocol, it also supports various authentication mechanisms and server-side domain name resolution. SOCKS5 can be achieved by SOCK4, but SOCKS that can be achieved by SOCKS5 may not be achieved. For example, QQ, a commonly used chat tool, needs to use SOCKS5 as a proxy, because it needs to use UDP to transmit data.
3. anonymous proxy:
If the proxy is hidden at the Agent user level, the proxy can be divided into three types: Highly anonymous proxy, normal anonymous proxy, and transparent proxy.
(1) The highly anonymous proxy does not change the client's request. In this way, the server looks like a real client browser is accessing it. In this case, the customer's real IP address is hidden, the server does not consider that we use a proxy.
(2) normal anonymous proxy can hide the real IP address of the client, but it will change our request information. The server may think that we use a proxy. However, when using this proxy, although the accessed Website Cannot know your ip address, you can still know that you are using the proxy. Of course, some webpages that can detect ip addresses can still find your ip address.
(3) Transparent proxy, which not only changes our request information, but also transmits real IP addresses.
The three are hidden Using proxy identities, which are the most concealed by highly anonymous proxy, followed by common anonymous proxy, and the worst is transparent proxy.
TIPS: The transparent proxy mentioned here is named based on anonymity, and the transparent proxy mentioned above is distinguished based on the proxy enabling method. There is a difference between the two.
Conclusion: In actual work, you must first think about the types of proxies you want to create. Different proxy types are applicable to different situations and cannot be the same.