Proxyserver

Also called a "proxy," it is a computer system or router that breaks the connection between sender and receiver. Functioning as a relay between client and server, proxy servers help prevent an attacker from invading a private network and are one of several tools used to build a firewall.

The word proxy means "to act on behalf of another," and a proxy server acts on behalf of the user. All requests from clients to the Internet go to the proxy server first. The proxy evaluates the request, and if allowed, re-establishes it on the outbound side to the Internet. Likewise, responses from the Internet go to the proxy server to be evaluated. The proxy then relays the message to the client. Both client and server think they are communicating with one another, but, in fact, are dealing only with the proxy.

The proxy server is a dual-homed host with two network interfaces and two IP addresses. The IP address on the outbound side of the proxy is the one the Internet sees, and the address of the machine making the request is hidden to the outside world. Proxies are often used in conjunction with network address translation (NAT), which hides all the IP addresses of the client machines on the internal network. Proxy servers may also cache Web pages, so that the next request for that same page can be obtained much faster locally.

Proxy servers are available for common Internet services; for example, an HTTP proxy is used for Web access; an FTP proxy is used for file transfers. Such proxies are called "application-level" proxies or "application-level gateways," because they are dedicated to a particular application and protocol and are aware of the content of the packets being sent. A generic proxy, called a "circuit-level" proxy, supports multiple applications. For example, SOCKS is IP-based circuit-level proxy server software that supports TCP and UDP applications