More Related Content Similar to The 5 most dangerous proxies Similar to The 5 most dangerous proxies (20) The 5 most dangerous proxies1. Top 5 Most Dangerous Proxies http://www.deepnines.com/ http://www.deepnines.com/proxy-blocker/ 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 1 2. Agenda Understanding Proxies Most Dangerous Proxies Countdown Prevention and Gaps 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 2 5. From a network security perspective, web proxies are the unauthorized use of a proxy server for circumventing network security policies, filtering solutions and firewalls 6. Once a user connects to a proxy server, the proxy then connects the user to the unfiltered Internet 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 4 7. Proxies and Filter Avoidance Complete Anonymous Surfing of Websites Circumvents existing network security and content filtering solutions Unfiltered, free rein of the Internet Prevents administrators from monitoring or reporting on users Original Intent Provide uncensored access to the Internet in oppressed nations Still operational for people of many nations Unintended Outcome Easy to build and use Became circumvention tactic for users wanting unfiltered access 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 5 24. And the list goes on…There are over 23 different types of proxies and filter avoidance techniques 32. Not difficult to block once the URL is know but requires constant black listing 35. 1. Email distribution list and spam in the morning 2. Blacklisting all day 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 9 36. #5: Anonymous Proxies, Cont’d… Known by a specific URL, making it easier for traditional filters to block Groups exists that are dedicated to creating new proxies each week These are not detected by filters for 2-3 days Examples Include PHP pinksocks.info CGI adiofairy.com ROT13 and Base64 stupidcensorship.com 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 10 37. Definition Circumventor software can be placed on a home (or any out-of-network) computer and it will return a URL that acts as a proxy and can be used to connect back to that computer for anonymous browsing Characteristics These URLs are dynamic and easily changed if ever discovered and blocked Works well for people who do not know how to set up a web server and have a broadband connection at home Example: http://adsl-68-93405.dsl.rcsntx.swbell.net/peacefire911437will be assigned URL and distributed as www.goldenscar.com 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 11 #5 (b): Circumventors 40. Software or an OS feature allowing graphical applications to run remotely on a server while being displayed locally 44. Uses ports that are usually open, or not inspected such as HTTP 80 or HTTPS 443 47. RDP 2 home, Logmein, GotoMeeting, etc.5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 14 48. #4: Remote Desktop Connections 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 15 50. Tunnels form a secure connection between the user and a server on the outside of the network in order to conceal the traffic 57. Most common tunnels are VPN (Virtual Private Network), SSL, UDP and SSH5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 16 75. #2: Secure Proxy Sites: SSL Proxies 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 20 77. Host proxy programs run on a user’s desktop and combine multiple circumvention technologies, making them the most dangerous proxies 97. It’s only as good as the last update (best case scenario) 99. Only effective as a tool for well-known sites5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 24 100. URL Filters: What Do They See? 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 25 101. URL Filters: What Do People See? 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 26 109. Limited signature set, no focused on content5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 27 123. Utilizes specially architected deep packet inspection intellectual property to identify the fabric of what makes up a proxy in order to prevent or block the connection 126. Proxy blocker / DPI (for unknown sites)5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 29 127. Questions and Answers 5/13/2010 DeepNines Technologies, Inc. Confidential © 2009 30 Additional questions email: sales@deepnines.com call: 1-866-DEEP9-12 www.deepnines.com