This service will
enhance your
network security.

NOT ALL PAGES ARE CONVERTED TO CELL PHONE FORMAT!

Home     Sitemap

Proxy service, maybe the best thing you can do for your data...

What is it and why would I want to use it?

You can stop a virus from sending your data home by using a Proxy service.

When you get a Trojan virus how do you keep it from sending your data to the creator/thief that controls the virus?

A firewall either hardware or software will not stop a program that is resident behind a firewall from sending data out through the firewall.

Firewalls by their nature are one way, that is it will only send data or will allow data to pass in if the data was requested from behind the firewall. (Does this make sense?)

What this means is a computer on the outside of the firewall can not contact a computer on the inside of the firewall but a computer inside the firewall can contact a computer on the outside of the firewall and receive data back from the computer the inside computer requested.

This fact keeps unauthorized computers from contacting authorized computers and gaining access to them.

But if a virus such as a key logger, Trojan, or some other type can contact the originating computer from inside the firewall it makes the firewall almost useless.

That is why I recommend a Proxy service when setting up networks.

Starting with Windows XP, Microsoft included a software solution for a firewall. The firewall solution is not a combination of a firewall program and  a proxy service.

It works like this:

  • The Windows Firewall program/service has a basic set of rules.
  • A rule is a statement that tells the program what it can and can not allow through from the outside to the inside and from the inside to the outside.
  • To keep a virus from accessing a computer outside the firewall you would have to have a rule for the virus - not practicable - there are MILLIONS of viruses...

You can setup the rules for either a port or a program.

You need this in your IT Tool Box! Get yours today...

The 5 Steps to high quality and cheap
DIY Computer Repairs


Get It Today...

Access through the network adapter is controlled by 'port' this is a software address inside the service that is agreed on as a standard such as all web browsers and web sites are listed on port 80, however this is not set in stone and can be changed.

Servers that have more than one web site can not have the same port of 80 so the web master of the secondary web sites give them a different port number. You may have seen them like this: http://some.web.site.com:10100/index.htm note the :10100 this is the port that the web master picked that is not used by some other service or program.

What you would have to do with Windows Firewall is create a 'rule' (I will not go in to the process of how to do a Windows Firewall rule here) that will allow either the program to access port 10100 or write the 'rule' for only a certain inbound IP address to access the port 10100.

Where the Windows Firewall fails are these two areas:

  • It can not block wan requests
  • It can be hacked

Hardware that is hard coded (i.e. it can not be changed) can not be hacked, nor can it be by passed.

Thus a router between your network and the outside world is the best way to block hackers from getting inside your network. By setting the router to not accept wan requests a hacker will see the ISP then your cable/DSL modem (if the modem does not have the "block wan requests" either turned on or available) but not the network on your side of the modem.

You will find more information on installing,  configuring, and troubleshooting Firewalls and Proxy service in the Build a Server Guide.

But a virus on the inside can get out through the router.

This is where the Proxy service comes in.

Normally you would have the Proxy service software on a computer between the router and your network like this:

  • Outbound traffic:
    • Network computers  ->  Proxy computer -> Router  -> Cable/DSL modem -> Contacted computer
  • Return traffic
    • Contacted computer -> Cable/DSL modem -> Router -> Proxy computer -> Network computers

You have to set up the proxy computer with two dissimilar NIC's, one will have an IP address from the router the other will have your internal IP network address, this will also be your gateway address such as:

  • Router IP 192.168.1.3 (IP address of the NIC in the proxy computer to connect to the router)
  • Network IP 10.10.0.2 (IP address of the NIC in the proxy computer to connect to your network, also known as the Gateway address)

What the Proxy / computer allows you to do is change the gateway address of the outbound / inbound traffic, it also queries all traffic to the router and pass it through a rule such as:

Scenario #1:

Your email program contacts a server to see if you have any new email -

  • The email program sends a message on port 110 to the proxy addressed to your hosting computer by name xyzserver.emailservice.com, the proxy service looks at the message and says yes let the message to the xyzserver.emailservice.com through on port 110 and wait for a return reply from xyzserver.emailservice.com on port 110.
  • The email server checks you account and either returns the new email or a message that there isn't any new messages for your email account.

Scenario #2:

  • You are browsing the internet and come across a web site that has been hacked and is propagating a virus. Unbeknown by you or your AV program your computer gets infected by the virus. The virus uses your word processor program to gather information and then starts sending the data it has stolen back to the originating computer.
  • Windows Firewall may or may not block the virus from sending the data back, if the port is open or in the disabled state then the data will go back to the originating computer.

However if you had a proxy service between your network and the router the virus would not be able to send the data back to the originating computer.

Why?

Two reasons:

  • First the virus does not know about the gateway IP address required to contact the service.
  • Second the virus does not have a rule to pass the information through the proxy server.

Thus the virus can not 'call home' with your data.

With a proxy server or service you will decrease you vulnerability of a ID or data theft from your computer or network.

Viruses such as Trojans, Key Loggers, and other Malware may cause you some problems with your computers but the data will not be transmitted to some thief to use as they please.

The only draw back to having a proxy service is that you will need a server to install the software on...



Emergency Repair
D
isk (ERD) - Will Yours Work?

Emergency
Repair Disk


Custom made for you...



You keyboard isn't thirsty, and it doesn't need calcium. Milk and other liquids will ruin a keyaboard!


This Web
Site is a
labor of Love
!
But Love
doesn't pay
the bills!

Please chip in $5 to keep it live...

Need A Checklist?

Need A Repair Manual?


    Page copy protected against web site content infringement by Copyscape
 

You can:


Return to
previous page:



 

 

 

 


Thank you for visiting my web site, and please come back again.

This website is not intended for children under the age of 18

Author of this web site: Monte Russell


FTC Endorsement Rules
All testimonials on the DIY Computer Repair web site are from customers who were not paid to comment on any products!


The Flag of The United States of America!   Proudly Made in The U. S. A.

Copyright and Registered to www.diy-computer-repair.net, all thieves will be prosecuted to the fullest extent of international law!www.diy-computer-repair.net

From the Desert South West ~ Arizona, U. S. A.
Copyright DIY-Computer-Repair.Com 2006-2016

 

"You found this web site through:"

Active Search Results


Return to top of Proxy service

Proxy service





Home    About    Sitemap
Fix It Blog!

From the Desert South West ~ Arizona, USA
Copyright www.diy-computer-repair.net 2006-2015