Difference between pages "IPod" and "Proxy server"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
 
m (removed category: Encryption :))
 
Line 1: Line 1:
[[Image:ipod.jpg|thumb|200px|A white Fifth Generation iPod (a.k.a. "iPod with Video" or "Video iPod") with a case and earphones.]]
+
{{expand}}
The '''iPod''' is a brand of portable digital media player designed and marketed by Apple Computer. Devices in the iPod family provide a simple user interface designed around a central scroll wheel (with the exception of the iPod shuffle). The standard iPod model stores media on a built-in hard drive, while the smaller iPod shuffle and iPod nano use flash memory. Like most digital audio players, an iPod can serve as an external data storage device when connected to a computer.
+
 
 +
'''Proxy server''' is a server which services the requests of its clients by forwarding requests to other servers.
 +
 
 +
== Overview ==
 +
 
 +
Proxy servers are widely used by organizations and individuals for different purposes:
 +
 
 +
* Internet sharing (like [[NAT]]);
 +
* Traffic compression;
 +
* Accelerating service requests by retrieving content from cache;
 +
* and many others.
 +
 
 +
Proxy servers are often used for malicious purposes (such as fraud).
 +
 
 +
== HTTP proxies ==
 +
 
 +
''These proxy servers are using HTTP.''
 +
 
 +
Example request (direct; with relative URI):
 +
<pre>
 +
GET / HTTP/1.1
 +
Host: cryptome.org
 +
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en; rv:1.9.0.3) Gecko/20080528 Epiphany/2.22 Firefox/3.0
 +
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 +
Accept-Encoding: gzip,deflate
 +
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
 +
Keep-Alive: 300
 +
Connection: keep-alive
 +
If-Modified-Since: Tue, 14 Oct 2008 13:59:19 GMT
 +
If-None-Match: "e01922-62e9-45937059ec2de"
 +
Cache-Control: max-age=0
 +
</pre>
 +
Example request (using proxy; with absolute URI):
 +
<pre>
 +
GET http://cryptome.org/ HTTP/1.1
 +
Host: cryptome.org
 +
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en; rv:1.9.0.3) Gecko/20080528 Epiphany/2.22 Firefox/3.0
 +
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 +
Accept-Encoding: gzip,deflate
 +
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
 +
Keep-Alive: 300
 +
Proxy-Connection: keep-alive
 +
If-Modified-Since: Tue, 14 Oct 2008 13:59:19 GMT
 +
If-None-Match: "e01922-62e9-45937059ec2de"
 +
Cache-Control: max-age=0
 +
</pre>
 +
''Note:'' this HTTP request was intercepted on the way to proxy server.
 +
 
 +
According to RFC 2068 (section 5.1.2):
 +
<pre>
 +
The absoluteURI form is required when the request is being made to a proxy.
 +
</pre>
 +
 
 +
== HTTPS proxies ==
 +
 
 +
''The same as above, but using HTTPS (HTTP over SSL/TLS).''
 +
 
 +
Sometimes HTTP proxies that support CONNECT method are called ''"HTTPS proxies"''. These HTTP proxies can tunnel almost every TCP-based protocol.
 +
 
 +
Example request:
 +
<pre>
 +
CONNECT home.netscape.com:443 HTTP/1.0
 +
User-agent: Mozilla/1.1N
 +
</pre>
 +
 
 +
== SOCKS proxies ==
 +
 
 +
SOCKS is an Internet protocol that allows client-server applications to transparently use the services of a network firewall.
 +
 
 +
== Web proxies (CGI proxies) ==
 +
 
 +
These are web sites that allow a user to access a site through them. They generally use PHP or CGI to implement the proxy functionality.
 +
 
 +
== Proxy detection ==
 +
 
 +
[[Category:Anti-Forensics]]
 +
[[Category:Network Forensics]]

Revision as of 14:06, 15 October 2008

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Proxy server is a server which services the requests of its clients by forwarding requests to other servers.

Contents

Overview

Proxy servers are widely used by organizations and individuals for different purposes:

  • Internet sharing (like NAT);
  • Traffic compression;
  • Accelerating service requests by retrieving content from cache;
  • and many others.

Proxy servers are often used for malicious purposes (such as fraud).

HTTP proxies

These proxy servers are using HTTP.

Example request (direct; with relative URI):

GET / HTTP/1.1
Host: cryptome.org
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en; rv:1.9.0.3) Gecko/20080528 Epiphany/2.22 Firefox/3.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
If-Modified-Since: Tue, 14 Oct 2008 13:59:19 GMT
If-None-Match: "e01922-62e9-45937059ec2de"
Cache-Control: max-age=0

Example request (using proxy; with absolute URI):

GET http://cryptome.org/ HTTP/1.1
Host: cryptome.org
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en; rv:1.9.0.3) Gecko/20080528 Epiphany/2.22 Firefox/3.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
If-Modified-Since: Tue, 14 Oct 2008 13:59:19 GMT
If-None-Match: "e01922-62e9-45937059ec2de"
Cache-Control: max-age=0

Note: this HTTP request was intercepted on the way to proxy server.

According to RFC 2068 (section 5.1.2):

The absoluteURI form is required when the request is being made to a proxy.

HTTPS proxies

The same as above, but using HTTPS (HTTP over SSL/TLS).

Sometimes HTTP proxies that support CONNECT method are called "HTTPS proxies". These HTTP proxies can tunnel almost every TCP-based protocol.

Example request:

CONNECT home.netscape.com:443 HTTP/1.0
User-agent: Mozilla/1.1N 

SOCKS proxies

SOCKS is an Internet protocol that allows client-server applications to transparently use the services of a network firewall.

Web proxies (CGI proxies)

These are web sites that allow a user to access a site through them. They generally use PHP or CGI to implement the proxy functionality.

Proxy detection