• Click "Download Now" image upwards.
• Here is the link Internet proxy wiki if the image doesnt shows
• Then, after you click the image you'll go to the 100% protected site where your download will start shortly
• The small window should appear. Click RUN, and thats all. Just follow the instructions of the installer.

� MoinMoin Powered� Design by FrancescoChemolli ( credits)� Hosting donated by MessageNet�� Contents are � their respective authors, licensed under theCreative Commons Attribution Sharealike 2.5 License Contents� Feature: HTTPS (HTTP Secure or HTTP over SSL/TLS)� CONNECT tunnel� CONNECT tunnel through Squid� Intercepting CONNECT tunnels� Bumping CONNECT tunnels� Direct SSL/TLS connection� Direct SSL/TLS connection to a reverse proxy� Intercepting direct SSL/TLS connections� Bumping direct SSL/TLS connections� Encrypted browser-Squid connection� Chrome� FirefoxWhen a browser comes across an https:// URL, it does one of two things:� opens an SSL/TLS connection directly to the origin server or�opens a TCP tunnel through Squid to the origin server using the CONNECT request method.Squid interaction with these two traffic types is discussed below.CONNECT tunnelThe CONNECT method is a way to tunnel any kind of connection through an HTTP proxy.

By default, the proxy establishes a TCP connection to the specified server, responds with an HTTP 200 (Connection Established) response, and then shovels packets back and forth between the client and the server, without understanding or interpreting the tunnelled traffic.

For the gory details on tunnelling and the CONNECT method, please see RFC 2817 and the expired Tunneling TCP based protocols through Web proxy servers draft.CONNECT tunnel through SquidWhen a browser establishes a CONNECT tunnel through Squid, Access Controls are able to control CONNECT requests, but only limited information internet proxy wiki available.

For example, many common parts of the request URL do not exist in a CONNECT request:�the URL scheme or protocol (e.g., https://, https://, ftp://, voip://, itunes://, or telnet://),�the URL path (e.g., /index.html or /secure/images/),�and query string (e.g.

?a=b&c=d)With HTTPS, the above parts are present in encapsulated HTTP requests that flow through the tunnel, but Squid does not have access to those encrypted messages. Other tunnelled protocols may not even use HTTP messages and URLs (e.g., telnet).�It is important to notice that the protocols passed through CONNECT are not limited to the ones Squid normally handles. Quite literally anything that uses a two-way TCP connection can be passed through a CONNECT tunnel.

This is why the Squid default ACLs start with deny�CONNECT�!SSL_Ports and why you must have a very good reason to place any type of allow rule above them.Intercepting CONNECT tunnelsA browser sends CONNECT requests when it is configured to talk to a proxy.

Thus, it should not be necessary to intercept a CONNECT request. TBD: Document what happens of Squid does intercept a CONNECT request, either because Squid was [mis]configured to intercept traffic destined to another proxy OR because a possibly malicious client sent a hand-crafted CONNECT request knowing that it is going to be intercepted.Bumping CONNECT tunnels�WARNING: HTTPS was designed to give users an expectation of privacy and security.

Decrypting HTTPS tunnels without user consent or knowledge may violate ethical norms and may be illegal in your jurisdiction. Squid decryption features described here and elsewhere are designed for deployment with user consent or, at the very least, in environments where decryption without consent is legal. These features also illustrate why users should be careful with trusting HTTPS connections and why the internet proxy wiki link in the chain of HTTPS protections is rather fragile.

Decrypting HTTPS tunnels constitutes a man-in-the-middle attack from the overall network security point of view. Attack tools are an equivalent of an atomic bomb in real world: Make sure you understand what you are doing and that your decision makers have enough information to make wise choices.Squid SslBump and associated features can be used to decrypt HTTPS CONNECT tunnels while they pass through a Squid proxy.

This allows dealing with tunnelled HTTP messages as if they were regular HTTP messages, including applying detailed access controls and performing content adaptation (e.g., check request bodies for information leaks and check responses for viruses). Configuration mistakes, Squid bugs, and malicious attacks may lead to unencrypted messages escaping Squid boundaries.From the browser point of view, encapsulated messages are not sent to a proxy.

Thus, general interception limitations, such as inability to authenticate individual embedded requests, apply here as well.Direct SSL/TLS connectionWhen a browser creates a direct secure connection with an origin server, there are no HTTP CONNECT requests.

The first HTTP request sent on such a connection is already encrypted. In most cases, Squid is out of the loop: Squid knows nothing about that connection and cannot block or proxy that traffic. The reverse proxy and interception exceptions are described below.Direct SSL/TLS connection to a reverse proxySquid-2.5 and later can terminate TLS or SSL connections. You must have built with -enable-ssl. SeeAnonymous web browsing refers to utilization of the World Wide Web that hides a user's personally identifiable information from websites visited.

Anonymous web browsing can be achieved via proxy servers, virtual private networks and other anonymity programs such as Tor. These programs work by sending information through a series of routers in order to hide the source and destination of information. However, there is never a guarantee of anonymity with these servers. These programs are still susceptible to traffic analysis.

Proxy servers, which have a central point of knowledge, are also susceptible to collection of data by authorities. Moreover, cookies, browser plugins, and other information can be used to uniquely identify a user even if they have hidden their IP address. Contents� 1 Achieving anonymity� 2 Limitations to proxy servers� 3 Cookies� 4 See also� 5 References� 6 SourcesAchieving anonymity [ edit ]When a user opens a web page, his or her IP address and other computer information (e.g.

device fingerprint) become visible to the target web page's server. This information can be used to track the user. The user's IP address can be hidden via a proxy server or a VPN server, though this can be circumvented by just using the wrong browser. These types of servers work by sending a request to the target server from itself rather than from the user directly. For example, if a user requests to visit a link on a web page, the request will�instead of being sent directly to the web site server�be sent to the proxy server, which then relays the request to the targeted internet server.

This hides the user's IP address from the target server, as only the proxy server's information is visible. [1]On the other hand, device fingerprints are relatively resistant to anonymization. While some data can be hidden or spoofed, this can actually make a particular user atypical and thereby less anonymous. Services NoScript and Tor, however, appear to be very effective for creating anonymity.

[2]Anonymous web servers generally work by placing an anonymous proxy between a user and the website he/she is visiting. These servers can be used to bypass restrictions and visit sites that might be blocked in a specific country, office, or school.

Some individuals take advantage of these servers solely to protect their personal online identity.Anonymous web browsing is useful to Internet users who want to ensure that their sessions cannot be monitored.

For instance, it is used to circumvent traffic monitoring by organisations who want to discover or control which websites employees visit.If law enforcement officials suspect illegal activity, they can can request logs from the user's Internet provider. Internet providers that emphasize protection of personal data will typically only save their log files for a few days [ citation needed], at which time they are deleted/overwritten by rotation.

Many providers, however, keep log files indefinitely [ citation needed]. Limitations to proxy servers [ edit ]Proxy servers have a number of limitations. Primarily, web pages will sometimes load at a slow pace as user information must be rerouted. Further, if the server is attempting to bypass suspicious software, some elements of a page may not load. Since personal information, such as credit card numbers and passwords, has been passed through an external server that could be accessed by anyone, proxy servers are more of a security hazard than browsing the web without a proxy (if not on an encrypted channel ( HTTPS)).

[3]Browser add-ons like the Java virtual machine plugin and the Adobe Flash Player can be used to reveal the web surfer's IP address even if they are surfing through an anonymous proxy web server. Cookies [ edit ]HTTP cookies are strings of text that are saved on a computer when a user browses different web pages. Cookies allow small bits of information to be stored, such as passwords and shopping lists.

They are also used to track demographics and browsing habits. This information is sent to the user's computer and then uploaded to web databases without the user's approval. [4] Cookies represent another avenue (besides transmission of the IP address) by which a user's anonymity can potentially be breached.

See also [ edit ]� Anonymity� Anonymity application� Anonymous blogging� Anonymous P2P� Anonymous remailer� Data privacy� HTTP cookie� HTTP tunnel� Internet privacy� Personally identifiable information� Privacy software and Privacy-enhancing technologies� Private P2PReferences [ edit ] � ^ Confident Ltd.

"Anonymous Surfing, AnonIC.org, 2004� ^ Eckersley, Peter. "How Unique Is Your Web Browser?" (PDF). Electronics Frontier Foundation. Springer. Retrieved 18 November 2014.� ^ Roos, "How to Surf the Web Anonymously, HowStuffWorks.com, 11 June 2009� ^ Whalen, "The Unofficial Cookie FAQ", CookieCentral.com, June 2002Sources [ edit ]� How to Foil Search Engine Snoops, Wired Magazine (2006) � This page was last modified on 8 SepA reverse proxy taking requests from the Internet and forwarding them to servers in an internal network.

Those making requests to the proxy may not be aware of the internal network.In computer networks, a reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers. These resources are then returned to the client as if they originated from the proxy server itself. [1] While a forward proxy acts as an intermediary for its associated clients to contact any server, a reverse proxy acts as an intermediary for its associated servers to be contacted by any client.Quite often, popular web servers utilize reverse-proxying functionality, acting as shields for application frameworks with weaker HTTP capabilities.

Uses of reverse proxies [ edit ]� Reverse proxies can hide the existence and characteristics of an origin server or servers.� Application firewall features can protect against common web-based attacks, such as DoS or DDoS. Without a reverse proxy, removing malware or initiating takedowns, for example, can become difficult.� In the case of secure websites, a web server may not perform SSL encryption itself, but instead offloads the task to a reverse proxy that may be equipped with SSL acceleration hardware.

(See SSL termination proxy.)� A reverse proxy can distribute the load from incoming requests to several servers, with each server serving its own application area. In the case of reverse proxying in the neighborhood of web servers, the reverse proxy may have to rewrite the URL in each incoming request in order to match the relevant internal location of the requested resource.� A reverse proxy can reduce load on its origin servers by caching static content, as well as dynamic content - also known as web acceleration.

Proxy caches of this sort can often satisfy a considerable number of website requests, greatly reducing the load on the origin server(s).� A reverse proxy can optimize content by compressing it in order to speed up loading times.� In a technique known as "spoon-feed" [2] a dynamically generated page can be produced all at once and served to the reverse-proxy, which can then return it to the client a little bit at a time.

The program that generates the page need not remain open, thus releasing server resources during the possibly extended time the client requires to complete the transfer.� Reverse proxies can operate wherever multiple web-servers must be accessible via a single public IP address. The web servers listen on different ports in the same machine, with the same local IP address or, possibly, on different machines and different local IP addresses altogether.

The reverse proxy analyzes each incoming request and delivers it to the right server within the local area network.� Reverse proxies can perform A/B testing and multivariate testing without placing JavaScript tags or code into pages.� Commercial or enterprise level out-of-box solutions exist and can have an agent installed on user systems to ensure a constant connection to a cloud proxy / reverse proxy server also a SaaS solution.

An example of this is McAfee Web Protection Gateway - SaaS solution. [3]� A reverse proxy can add basic HTTP access authentication to a web server that does not have any authentication. [4]See also [ edit ]� Network address translationReferences [ edit ] � ^ "Forward and reverse proxies".

The Apache Software Foundation. Retrieved 9 February 2011.� ^ "squid-cache wiki entry on "SpoonFeeding "". Francesco Chemolli. Retrieved 9 February 2011.� ^ https://www.mcafee.com/us/resources/data-sheets/ds-web-gateway-reverse-proxy.pdf� ^ https://serverfault.com/questions/239749/possible-to-add-basic-http-access-authentication-via-haproxy � This page was last modified on 28 August 2016, at 17:43.� Text is available under the Creative Commons Attribution-ShareAlike License ;additional terms may apply.

By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia� is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization.� Privacy policy� About Wikipedia� Disclaimers� Contact Wikipedia� Developers� Cookie statement� Mobile view�� Contents� 1 Summary� 2 Proxy configuration example� 2.1 Transparent proxy configuration example� 2.2 Proxy based firewall � Access List� 2.3 Enabling RAM or Store based caching.� 3 Reference� 3.1 General� 3.1.1 Menu Specific commands� 3.2 Access List� 3.3 Direct Access� 3.4 Cache Management� 3.4.1 Menu Specific commands� 3.5 Connections� 3.6 Cache Inserts� 3.7 Cache Lookups� 3.8 Cache Contents� 3.9 HTTP Methods� 3.9.1 Options� 3.9.2 GET� 3.9.3 HEAD� 3.9.4 POST� 3.9.5 PUT� 3.9.6 TRACESummarySub-menu: /ip proxyStandards: RFC 1945, RFC 2616MikroTik RouterOS performs proxying of HTTP and HTTP-proxy (for FTP and HTTP protocols) requests.

Proxy server performs Internet object cache function by storing requested Internet objects, i.e., data available via HTTP and FTP protocols on a system positioned closer to the recipient in the form of speeding up customer browsing by delivering them requested file copies from proxy cache at local network speed.

MikroTik RouterOS implements the following proxy server features:� Regular HTTP proxy � customer (itself) specify what is proxy server for him� Transparent proxy � customer does not know about the proxy being enabled and there isn�t need any additional configuration for web browser of client.� Access list by source, destination, URL and requested method (HTTP firewall)� Cache access list to specify which objects to cache, and which not.� Internet proxy wiki Access List � to specify which resources should be accessed directly, and which - through another proxy server� Logging facility � allows to get and to store information about proxy operation� Parent proxy support � allows to specify other proxy server, (' if they don�t have the requested object ask their parents, or to the original server.)A proxy server usually is placed at various points between users and the destination server ( also known as origin server) on the Internet.

(see Figure 10.1). A Web proxy (cache) watches requests coming from client, saving copies of the responses for itself. Then, if there is another request for the same URL, it can use the response that it has, instead of asking the origin server for it again. If proxy has not requested file, it downloads that from the original server.There can be many potential purpose of proxy server:� To increase access speed to resources (it takes less time for the client to get the object).� Works as HTTP firewall (deny access to undesirable web pages),Allows to filter web content (by specific parameters, like source address, destination address and port, URL, HTTP request method) scan outbound content, e.g., for data leak protection. Note: it may be useful to have Web proxy running even with no cache when you want to use it only as something like HTTP and FTP firewall (for example, denying access undesired web pages or deny specific type of files e.g.

.mp3 files) or to redirect requests to external proxy (possibly, to a proxy with caching functions) transparently.Proxy configuration exampleIn MikroTik RouterOS proxy configuration is performed in /ip proxy menu.

See below how to enable the proxy on port 8080 and set up 195.10.10.1 as proxy source address:[admin@MikroTik] ip proxy> set enabled=yes port=8080 src-address=195.10.10.1[admin@MikroTik] ip proxy> printenabled: yessrc-address: 195.10.10.1port: 8080parent-proxy: 0.0.0.0:0cache-drive: systemcache-administrator: "admin@mikrotik.com"max-disk-cache-size: nonemax-ram-cache-size: 100000KiBcache-only-on-disk: yesmaximal-client-connections: 1000maximal-server-connections: 1000max-fresh-time: 3dWhen setting up regular proxy service, make sure it serves only your clients and prevent unauthorised access to it by creating firewall that allow only your clients to use proxy, otherwise it may be used as an open proxy.Remember that regular proxy require also client�s web browser configuration.For example:Explorer 8.xFirefox 3.xOpera 10.xSelect Tools>Internet options.Click the Connections tab.Select the necessary connection and choose Settings button.Configure proxy address and port.Select Tools>Options.Click the Advanced tab.Open the Network tab.Click the Connection/SettingsSelect Manual proxy configuration'Select Tool>Preferences.Open the Advanced tab/Network.Click the Proxy servers.Enter proxy address and port.Transparent proxy configuration exampleRouterOS can also act as a Transparent Caching server, with no configuration required in the customer�s web browser.

Transparent proxy does not modify requested URL or response. RouterOS will take all HTTP requests and redirect them to the local proxy service. This process will be entirely transparent to the user (users may not know anything about proxy server that is located between them and original server), and the only difference to them will be the increased browsing speed.To enable the transparent mode, firewall rule in destination NAT has to be added, specifying which connections (to which ports) should be transparently redirected to the proxy.

Check proxy settings above and reThe English used in this article or section may not be easy for everybody to understand. You can help Wikipedia by reading Wikipedia:How to write Simple English pages, then simplifying the article. (April 2012) A proxy server connects two computers indirectly to each other.In computer networks, a proxy server is a server (computer) which clients (people or computers) use to access other computers.

[1] A proxy server that passes information to its clients without changing it is usually called a gateway or sometimes tunneling proxy. [2]Proxy servers get their name because they act like a proxy (a stand-in) and act on behalf of a Client's computer.A client that connects to the proxy server requests some service, such as a file, connection, web page, or other resource, that is available on a different server.

The proxy server then goes to the other server and requests what the client wants for them.A proxy server can change the information that it gives to the client, and if the same information is accessed many times or by many different clients it can use what is called a cache to make things faster.

A cache is the term for information that has been accessed and saved for future use; if a proxy server has what the client is accessing in its cache, it will make it faster because it does not need to go and access the other server to provide what the client wants.A proxy server can be placed anywhere in the connection between the client and the server, which could include software on the client computer itself or on any computer between.Some proxy servers use Secure Sockets Layer (SSL) to secure the connection between the client and the remote server.

[3] This security layer helps to make sure that no other computers can read or understand what the client is asking from the server. Contents� 1 Benefits of proxy servers� 2 Types and functions� 2.1 Caching proxy server� 2.2 Web proxy� 2.3 Anonymizing proxy server� 2.4 Open proxy� 2.5 Forced proxy� 2.6 SMTP Proxy� 3 Software� 4 References� 5 Other websitesBenefits of proxy servers [ change | change source ]There are many benefits of using a proxy server.

First, the client machine can exchange data with the remote server without making a direct connection. This way, the client's real internet address will not be known to the remote server. This is sometimes called anonymizing because it makes the client anonymous. A second advantage is that when the proxy server itself is able to serve the request made by the client, it will not contact the remote server any more. So the load on the remote server will be reduced by using a proxy server.

[4] This type of proxy servers are called caching servers.Big organizations (or even countries) sometimes use proxy servers to control access to the Internet.

A large bank may use a proxy server that only allows connections to other websites relevant to banking. The proxy server might however block access to Websites offering free email or serving pornographic material. It might also block access to file sharing applications. Limiting access to specific content on the internet is also called internet filtering. [5] Types and functions [ change | change source ]A proxy server may have one or more of the functions described below: Caching proxy server [ change | change source ]A caching proxy server can service requests from clients, without contacting the remote server; instead, it sends the data which it has stored from a previous request.

This is called caching.Caching proxy servers reduce the work load of the remote server. However, they have their own problems, especially if they are not configured well. Some problems are described in RFC 3143.

Web proxy [ change | change source ]A web proxy is a proxy server that focuses on the traffic over the World Wide Web. It may be used to block offensive web content, or to control access of clients to online content. They may be used by corporations or countries.Web proxies can also be used to track how different individuals have used internet access.

Anonymizing proxy server [ change | change source ]An anonymizing proxy server removes identifying information from the clients' requests, for the purpose of anonymity. They may also be used to break through filtered contents on the internet. Open proxy [ change | change source ]A proxy server is called an open proxy if everyone can connect to it and use it.

Usually, open proxies are proxy servers which are badly configured. [6] Open proxies may be abused easily; for example, a bad user may send a corrupting request to a remote server, but hide himself behind an open proxy, so the administrators of the remote server cannot stop him.

Open proxies can also be used for spamming. [7] For this reason, some websites do not allow connections to their web servers or to edit content on them through known open proxies. Forced proxy [ change | change source ]A forced proxy server is a proxy server which handles all of the traffic from the client to the iThis article includes a list of references, but its sources remain unclear because it has insufficient inline citations.

Please help to improve this article by introducing more precise citations. (March 2015) ( Learn how and when to remove this template message) Communication between two computers (shown in grey) connected through a third computer (shown in red) acting as a proxy. Bob does not know to whom the information is going, which is why proxies can be used to protect privacy.In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers.

[1] A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity. Proxies were invented to add structure and encapsulation to distributed systems. [2] Today, most proxies are web proxies, facilitating access to content on the World Wide Web and providing anonymity. Contents� 1 Types� 1.1 Open proxies� 1.2 Reverse proxies� 2 Uses� 2.1 Monitoring and filtering� 2.1.1 Content-control software� 2.1.2 Filtering of encrypted data� 2.1.3 Bypassing filters and censorship� 2.1.4 Logging and eavesdropping� 2.2 Improving performance� 2.3 Translation� 2.4 Accessing services anonymously� 2.4.1 QA geotargeted advertising� 2.5 Security� 2.5.1 Cross-domain resources� 3 Implementations of proxies� 3.1 Web proxy servers� 3.2 SOCKS proxy� 3.3 Transparent proxy� 3.3.1 Purpose� 3.3.2 Issues� 3.3.3 Implementation methods� 3.3.4 Detection� 3.4 CGI proxy� 3.5 Suffix proxy� 3.6 Tor onion proxy software� 3.7 I2P anonymous proxy� 3.8 Proxy vs.

NAT� 3.9 DNS proxy� 4 See also� 4.1 Overview and discussions� 4.2 Proxifiers� 4.3 Diverse topics� 5 References� 6 External linksTypes [ edit ]A proxy server may reside on the user's local computer, or at various points between the user's computer and destination servers on the Internet.� A proxy server that passes requests and responses unmodified is usually called a gateway or sometimes a tunneling proxy.� A forward proxy is an Internet-facing proxy used to retrieve from a wide range of sources (in most cases anywhere on the Internet).� A reverse proxy is usually an internal-facing proxy used as a front-end to control and protect access to a server on a private network.

A reverse proxy commonly also performs tasks such as load-balancing, authentication, decryption or caching.Open proxies [ edit ] Main article: Open proxyAn open proxy is a forwarding proxy server that is accessible by any Internet internet proxy wiki. Gordon Lyon estimates there are "hundreds of thousands" of open proxies on the Internet.

[3] An anonymous open proxy allows users to conceal their IP address while browsing the Web or using other Internet services.

There are varying degrees of anonymity however, as well as a number of methods of 'tricking' the client into revealing itself regardless of the proxy being used. Reverse proxies [ edit ] Main article: Reverse proxyA reverse proxy (or surrogate) is a proxy server that appears to clients to be an ordinary server. Requests are forwarded to one or more proxy servers which handle the request.

The response from the proxy server is returned as if it came directly from the original server, leaving the client no knowledge of the origin servers. [4] Reverse proxies are installed in the neighborhood of one or more web servers. All traffic coming from the Internet and with a destination of one of the neighborhood's web servers goes through the proxy server. The use of "reverse" originates in its counterpart "forward proxy" since the reverse proxy sits closer to the web server and serves only a restricted set of websites.

There are several reasons for installing reverse proxy servers:� Encryption / SSL acceleration: when secure web sites are created, the Secure Sockets Layer (SSL) encryption is often not done by the web server itself, but by a reverse proxy that is equipped with SSL acceleration hardware. Furthermore, a host can provide a single "SSL proxy" to provide SSL encryption for an arbitrary number of hosts; removing the need for a separate SSL Server Certificate for each host, with the downside that all hosts behind the SSL proxy have to share a common DNS name or IP address for SSL connections.

This problem can partly be overcome by using the SubjectAltName feature of X.509 certificates.� Load balancing: the reverse proxy can distribute the load to several web servers, each web server serving its own application area. In such a case, the reverse proxy may need to rewrite the URLs in each web page (translation from externally known URLs to the internal locations).� Serve/cache static content: A reverse proxy can offload the web servers by caching static content like pictures and other static graphical content.� Compression: the proxy server can optimizeThis article may need to be rewritten entirely to comply with Wikipedia's quality standards, as it is predicated on dangerous advice relating to security.

You can help. The discussion page may contain suggestions. (January 2015) VPN connectivity overviewA virtual private network, also known as a VPN, is a private network that extends across a public network or internet. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.VPNs can provide functionality, security and/or network management benefits to the user. [1] But they can also lead to new issues, and some VPN services, especially "free" ones, can actually violate their users' privacy by logging their usage and making it available without their consent, or make money by selling the user's bandwidth to other users.

[2]Some VPNs allow employees to securely access a corporate intranet while located outside the office. Some can securely connect geographically separated offices of an organization, creating one cohesive network.

Individual Internet users can use some VPNs to secure their wireless transactions, to circumvent geo-restrictions and censorship, and/or to connect to proxy servers for the purpose of protecting personal identity and location.

But some Internet sites block access via known VPNs to prevent the circumvention of their geo-restrictions.A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption.

A VPN available from the public Internet can provide some of the benefits of a wide area network (WAN). From a user perspective, the resources available within the private network can be accessed remotely. [3]Traditional VPNs are characterized by a point-to-point topology, and they do not tend to support or connect broadcast domains, so services such as Microsoft Windows NetBIOS may not be fully supported or work as they would on a local area network (LAN).

Designers have developed VPN variants, such as Virtual Private LAN Service (VPLS), and layer-2 tunneling protocols, to overcome this limitation. Contents� 1 VPN Prehistory� 2 Types� 3 Security mechanisms� 3.1 Authentication� 4 Routing� 4.1 Provider-provisioned VPN building-blocks� 5 User-visible PPVPN services� 5.1 OSI Layer 2 services� 5.2 OSI Layer 3 PPVPN architectures� 5.3 Unencrypted tunnels� 6 Trusted delivery networks� 7 VPNs in mobile environments� 8 VPN on routers� 9 Networking limitations� 10 See also� 11 Further reading� 12 ReferencesVPN Prehistory [ edit ]The first incentive to VPN creation was a desire of different companies and corporations to remove a set of impediments of their successful business development.Lots of business representatives were looking for the methods of boosting their data security.

The question was how to keep information safe while transferring it to the other company department located far away from the headquarter. In addition to these challenges, there arose the issue of Wi-Fi security. Business needed to make private Wi-Fi wireless network safe for their work. A necessity to economize on remote network access for employees was another reason to make use of a VPN.

The X.25 Protocol and Frame Relay were the first steps to forthcoming of a VPN which later conquered not only business market but also became popular with common online users.A range of events, including the Edward Snowden scandal, made Internet users consider their online privacy and security more seriously. Governments one by one have started adopting laws according to which all communication providers have to keep users� data up to 2 years. Users of countries with a highly censored Internet space like China also started looking for alternative ways of getting unrestricted access to the net.

Another spur to VPN popularity was the blocking policy of renowned online streaming channels internet proxy wiki Netflix, Hulu, Spotify, etc. Types [ edit ]Early data networks allowed VPN-style remote connectivity through dial-up modem or through leased line connections utilizing Frame Relay and Asynchronous Transfer Mode (ATM) virtual circuits, provisioned through a network owned and operated by telecommunication carriers.

These networks are not considered true VPNs because they passively secure the data being transmitted by the creation of logical data streams. [4] They have been replaced by VPNs based on IP and IP/ Multi-protocol Label Switching (MPLS) Networks, due to significant cost-reductions and increased bandwidth [5] provided by new technologies such as Digital Subscriber Line (DSL) [6] and fiber-optic networks.VPNs can be either remote-access (connecting a computer to a network) or site-to-site (connecting two networks).

In a corporate setting, remote-access VPNs allow employees to access their company's intranet from home or while travelling outside the office, and site-to-site VPNs allow employees in geographic�TourStart here for a quick overview of the site�Help CenterDetailed answers to any questions you might have�MetaDiscuss the workings and policies of this site�About UsLearn more about Stack Overflow the company�BusinessLearn more about hiring developers or posting ads with us Announcing Stack Overflow DocumentationWe started with Q&A.

Technical documentation is next, and we need your help.Whether you're a beginner or an experienced developer, you can contribute.Sign up and start helping >Learn more about Documentation > The previous answers were accurate, but perhaps too terse.I will try to add some examples.First of all, the word "proxy" describes someone or something acting on behalf of someone else.In the computer realm, we are talking about one server acting on the behalf of another computer.For the purposes of accessibility, I will limit my discussion to web proxies - however, the idea of a proxy is not limited to web sites.

FORWARD proxyMost discussion of web proxies refers to the type of proxy known as a "forward proxy."The proxy event in this case is that the "forward proxy" retrieves data from another web site on behalf of the original requestee.

A tale of 3 computers (part I)For an example, I will list three computers connected to the internet.� X = your computer, or "client" computer on the internet� Y = the proxy web site, proxy.example.org� Z = the web site you want to visit, www.example.netNormally, one would connect directly from X -> Z.However, in some scenarios, it is better for Y -> Z on behalf of X,which chains as follows: X -> Y -> Reasons why X would want to use a forward proxy server:Here is a (very) partial list of uses of a forward proxy server.�1) X is unable to access Z directlybecause�a) Someone with administration authority over X's internet proxy wiki connection has decided to block all access to site Z.�Examples:�The Storm Worm virus is spreading by tricking people into visiting familypostcards2008.com, so the system administrator has blocked access to the site to prevent users from inadvertently infecting themselves.�Employees at a large company have been wasting too much time on facebook.com, so management wants access blocked during business hours.�A local elementary school disallows internet access to the playboy.com web site.�A government is unable to control the publishing of news, so it controls access to news instead, by blocking sites such as wikipedia.org.

See TOR or FreeNet.�b) The administrator of Z has blocked X.�Examples:�The administrator of Z has noticed hacking attempts coming from X, so the administrator has decided to block X's ip address (and/or netrange).�Z is a forum web site. X is spamming the forum. Z blocks X.REVERSE proxy A tale of 3 computers (part II)For this example, I will list three computers connected to the internet.� X = your computer, or "client" computer on the internet� Y = the reverse proxy web site, proxy.example.com� Z = the web site you want to visit, www.example.netNormally, one would connect directly from X -> Z.However, in some scenarios, it is better for the administrator of Z to restrict or disallow direct access, and force visitors to go through Y first.So, as before, we have data being retrieved by Y -> Z on behalf of X, which chains as follows: X -> Y -> Z.What is different this time compared to a "forward proxy," is that this time the user X does not know he is accessing Z, because the user X only sees he is communicating with Y.The server Z is invisible to clients and only the reverse proxy Y is visible externally.

A reverse proxy requires no (proxy) configuration on the client side.The client X thinks he is only communicating with Y ( X -> Y), but the reality is that Y forwarding all communication ( X -> Y -> Z again).

Reasons why Z would want to set up a reverse proxy server:� 1) Z wants to force all traffic to its web site to pass through Y first.� a) Z has a large web site that millions of people want to see, but a single web server cannot handle all the traffic.

So Z sets up many servers, and puts a reverse proxy on the internet that will send users to the server closest to them when they try to visit This is part of how the Content Distribution Network (CDN) concept works.� Examples:� Apple Trailers uses Akamai� Jquery.com hosts its javascript files using CloudFront CDN ( sample).� etc.� 2) The administrator of Z is worried about retaliation for content hosted on the server and does not want to expose the main server directly to the public.� a) Owners of Spam brands such as "Canadian Pharmacy" appear to have thousands of servers, while in reality having most websites hosted on far fewer servers.

Additionally, abuse complaints about the spam will only shut down the public servers, not the main server.In the above scenarios, Z has the ability to choose Links to topics from the post: Content Delivery Network� Lists of CDNs� https://www.mytestbox.com/miscellaneous/content-delivery-networks-cdn-list/� https://blog.strePart of the Network software glossary:A proxy server is a dedicated computer or a software system running on a computer that acts asan intermediary between an endpoint device, such as a computer, and another server from which auser or client is requesting a service.

The proxy server may exist in the same machine as afirewall server or it may be on a separate server, which forwards requests through the firewall.An advantage of a proxy server is that its cache can serve all users. If one or more Internetsites are frequently requested, these are likely to be in the proxy's cache, which will improveuser response time. A proxy can also log its interactions, which can be helpful for troubleshooting.Here�s a simple example of how proxy servers work:When a proxy server receives a request for an Internet resource (such as a Web page), it looks inits local cache of previouslypages.

If it finds the page, it returns it to the user without needing to forward the request tothe Internet. If the page is not in the cache, the proxy server, acting as a client on behalf ofthe user, uses one of its own IPaddresses to request the page from the server out on the Internet.

When the page is returned,the proxy server relates it to the original request and forwards it on to the user.Proxy servers are used for both legal and illegal purposes.

In the enterprise, a proxy server isused to facilitate security, administrative control or caching services, among other purposes.In a personal computing context, proxy servers are used to enable user privacy and anonymous surfing.Proxy servers can also be used for the opposite purpose: To monitor traffic and undermine userprivacy.To the user, the proxy server is invisible; all Internet requests and returned responses appearto be directly with the addressed Internet server. (The proxy is not actually invisible; its IPaddress has to be specified as a configuration option tothe browser or other protocol program.)See an introductory video explaining proxy servers (definition continues below):Users can access web proxies online or configure web browsers to constantly use a proxy server.Browser settings include automatically detected and manual options for HTTP, SSL, FTP, and SOCKS proxies.

Proxy servers may servemany users or just one per server. These options are called shared and dedicated proxies,respectively. There are a number of reasons for proxies and thus a number of types of proxyservers, often in overlapping categories.Forward and reverse proxy serversForward proxies send the requests of a client onward to a web server.

Users access forwardproxies by directly surfing to a web proxy address or by configuring their Internet settings.Forward proxies allow circumvention of firewalls and increase the privacy and security for a userbut may sometimes be used to download illegal materials such as copyrighted materials or childpornography.Reverseproxies transparently handle all requests for resources on destination servers withoutrequiring any action on the part of the requester.Reverse proxies are used:� To enable indirect access when a website disallows direct connections as a securitymeasure.� To allow for load balancing between severs.� To stream internal content to Internet users.� To disable access to a site, for example when an ISP or government wishes toblock a website.Sites might be blocked for more or less legitimate reasons.

Reverse proxies may be used toprevent access to immoral, illegal or copyrighted content. Sometimes these reasons are justifiablebut sometimes justification is dubious.

Reverse proxies sometimes prevent access news sites whereusers could view leaked information. They can also prevent users from accessing sites where theycan disclose information about government or industry actions. Blocking access to such websites mayviolate free speech rights.See a video introduction to reverse proxy servers (definition continues below):More types of proxiesTransparent proxies are typically found near the exit of a corporate network.

These proxiescentralize network traffic. On corporate networks, a proxy server is associated with - or is partof - a gateway server thatseparates the network from external networks (typically the Internet) and a firewall that protectsthe network from outside intrusion and allows data to be scanned for security purposes beforedelivery to a client on the network. These proxies help with monitoring and administering networktraffic as the computers in a corporate network are usually safe devices that do not need anonymityfor typically mundane tasks.Anonymous proxies hide the IP address of the client using them allow to access materialsthat are blocked by firewalls or to circumvent IP address bans.

They may be used for enhancedprivacy and / or protection from attack.Highly anonymous proxies hide even the fact that they are being used by clients andpresent a non-proxy public IP address. So not only do they hide the IP address of the client usingthem, they al