Proxy

Objective

The attack surface is reduced due to internet connectivity.

What is a proxy used for?

In computer networks, a proxy server is a server application or device that acts as an intermediary for requests from clients who seek sources of servers providing these resources. A proxy server is acting on behalf of the client when requesting service and may mask the true origin of the request to the source server.

Instead of directly connecting to a server that can meet a requested resource, such as a file or web page, the client sends the request to the proxy server, which evaluates the request and perform the necessary network operations. This serves as a method to deal with the complexity of the request to simplify or control or to provide additional benefits such as load balancing, privacy or security. There's proxies were created to add structure and encapsulation distributed systems.

Principle

Every Internet connection is a proxy to expire

Direct connections that bypass the proxy must:

  • Risk-driven evaluation
    • Specifically: * preferably no .domeinen
    • Reason why
    • potential impact
  • Acceptance by liable
  • adjust inventory

TIP: Try the PAC file as small as possible, because every web request must go through this PAC file.

TIP: Use a specific PAC file for certain segments. This is consistent with the minimal surface attack to the segments.

Process

All appliances give the pac file

  • A proxy auto-config (PAC) file defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL.

The firewall is intended to block the alternative connections.

Devices that do not support proxy must respect to be a higher risk and therefore possibly (I recommend at unsafe protocols) in a separate segment to be housed.

How in CoDex.eu?

The proxy server

  1. Create a network assessment unit to
  2. chapter Proxy
  3. Proxy configuration overflow according to the requirements

Inventory Proxy Rules

Keeping the proxy rule exceptions

An exception to the proxy should be an entry added

  1. Create a network assessment unit to
  2. chapter Proxy
  3. Complete the proxy inventory

Last modified: Thursday, 31 December 2020, 5:03 PM