Proxies Flashcards
Q: What is a proxy?
A: A proxy is a device or service that acts as a mediator in a connection, inspecting the contents of the traffic between the client and the destination.
Q: What do average people often mistake a proxy for?
A: They often confuse a proxy with a VPN used to obfuscate location, thinking any change in IP address is due to a proxy.
Q: What distinguishes a proxy from a gateway?
A: A proxy can inspect traffic contents as a mediator, while a gateway simply routes traffic without inspecting it.
Q: At which OSI model layer do proxies typically operate?
A: Layer 7.
Q: What are the key types of proxy services?
A: Dedicated/Forward Proxy, Reverse Proxy, and Transparent Proxy.
Q: What is a Forward Proxy?
A: A proxy that handles client requests to external servers, often used in corporate networks to control internet access.
Q: Give an example of a Forward Proxy.
A: Burp Suite, used to forward HTTP requests.
Q: What is a Reverse Proxy?
A: A proxy that handles incoming requests to a server, commonly used to protect and load balance web servers.
Q: Give an example of a Reverse Proxy.
A: Cloudflare, used to filter traffic and protect against DDoS attacks.
Q: What is a Transparent Proxy?
A: A proxy that intercepts client requests without their knowledge, acting as an invisible intermediary.
Q: What is a Non-Transparent Proxy?
A: A proxy that requires client configuration to route traffic through it, as clients are aware of its existence.
Q: How are proxies used in security?
A: To filter and inspect traffic, prevent malware, enforce access policies, and protect against attacks.
Q: How do web developers use proxies?
A: To block malicious traffic and load balance using services like Cloudflare or ModSecurity.
Q: How are proxies used in penetration testing?
A: To bypass firewalls and evade detection by setting up reverse proxies on compromised endpoints.
