Proxy server

Definitions[]

A proxy server is

“

[a] server that services the requests of its clients by forwarding those requests to other servers.^[1]

”

“

a computer system or an application program that acts as an intermediary for requests from a user seeking resources from other servers, allowing the user to block access to his or her identity and become anonymous.

”

“

a system that caches items from other servers to speed up access. On the Internet, a proxy server first attempts to find data locally, and if it is not there, fetches it from a remote server where the data resides permanently.

”

“

[a]n Internet server that controls client computers' access to the Internet. Using a proxy server, a company can stop employees from accessing undesirable websites, improve performance by storing webpages locally, and hide the internal network's identity so monitoring is difficult for external users.^[2]

”

Overview[]

“

Proxy servers conserve system resources by directing all outgoing and incoming data traffic through a centralized portal. Typically, organizations limit the use of their proxy servers to local users. However, some organizations, either as a public service or because of a failure to properly protect their proxy server through the use of a 'firewall,' allow their proxy servers to be accessed by remote users. Outgoing requests from remote users can be routed through such unprotected proxy servers and appear to originate from the proxy server. Incoming responses are then received by the proxy server and routed to the remote user. Information requests sent through such proxy servers cannot easily be traced back to the originating IP address and can be used to circumvent attempts to block queries from the originating IP address.Blocking queries from innocent third party proxy servers is both inefficient, because it creates an endless game of hide-and-seek, and potentially counterproductive, as it runs a substantial risk of blocking requests from legitimate, desirable users who use that proxy server.^[3]

”

References[]

↑ CNSSI 4009.
↑ FFIEC IT Examination Handbook, E-Banking, Appendix B: Glossary (full-text).
↑ eBay, Inc. v. Bidder’s Edge, Inc., 100 F.Supp.2d 1058, 1061 (N.D. Cal. 2000) (citations omitted).

[1] CNSSI 4009.

[2] FFIEC IT Examination Handbook, E-Banking, Appendix B: Glossary (full-text).

[3] Bay, Inc. v. Bidder’s Edge, Inc., 100 F.Supp.2d 1058, 1061 (N.D. Cal. 2000) (citations omitted).

[1]

[2]

[3]