Gecko-AK.org Networking/Security Reference Pages


Open Proxies



What is a proxy?

A proxy is a type of server that acts as a "go-between" or "broker" for some type of information exchange on a network. The most common use of a proxy is to regulate HTTP (web) traffic that passes between hosts on a local area network (LAN) and an external network (such as the Internet). Used in such a way, a proxy server is not a bad thing; in fact, it can be quite beneficial, as it can filter the content that is delivered to a business or home network.

So what's the problem?

If a proxy server is used for such a legitimate purpose, and is correctly configured, there is no problem. However, if the proxy server is not correctly configured, or if it is set up on a network where the system administrator doesn't care whether the proxy is abused, it can be used as an anonymous launchpad for all kinds of mischief.

For example, a spammer can use certain types of open proxies to relay e-mail that cannot be traced back to the original sender, or to launch a port scanning attack to find "open relays" (mail servers that allow anyone on the Internet to relay mail to anyone else on the Internet, bypassing the security checks that restrict usage to authorized users). Or an open proxy could be used to try to steal content from web servers.

How do I know if I have an open proxy on my computer or network?

Get a copy of nmap or nessus (or better yet, both nmap and nessus) and look for the following (incomplete) list of open proxy ports:

Port    Proxy Type
25      SMTP (e-mail) *
80      HTTP (WWW) *
81      WWW
1080    Socks
3127    MyDoom **
3128    Squid
4480    Proxy+
6588    AnalogX
8000    WWW
8080    WWW
8081    WWW

* Note--these are commonly used ports for e-mail and http (www) access. Their presence does not necessarily mean you have an open proxy.
** Note--MyDoom is not a proxy, but a trojan that can be used to compromise a Windows PC. In my experience as an ISP Abuse Administrator, I have noticed an overwhelming number of zombie spam hosts show port 3127 open, and that when port 3127 is no longer open or filtered on a customer's computer/network, we no longer receive complaints about UCE relayed through that customer's connection.
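
As an added example (not part of the original page), the following Python script reads nmap's grepable output (-oG) from a scan of your own network and reports every host with an open TCP port from the table above. The sample scan text, the addresses and the "common"/"review"/"trojan" labels are constructed for illustration; the labels follow the two notes under the table.

```python
import re

# Ports from the table above. The second value is a label made up for this
# example: "common" = the * note, "trojan" = the ** note, "review" = the rest.
PROXY_PORTS = {
    25: ("SMTP (e-mail)", "common"),
    80: ("HTTP (WWW)", "common"),
    81: ("WWW", "review"),
    1080: ("Socks", "review"),
    3127: ("MyDoom", "trojan"),
    3128: ("Squid", "review"),
    4480: ("Proxy+", "review"),
    6588: ("AnalogX", "review"),
    8000: ("WWW", "review"),
    8080: ("WWW", "review"),
    8081: ("WWW", "review"),
}

# Constructed sample of `nmap -oG` output (documentation-range addresses).
SAMPLE = """\
# Nmap scan (constructed sample)
Host: 192.0.2.10 (mail.example)\tPorts: 25/open/tcp//smtp///, 80/closed/tcp//http///\tIgnored State: filtered (9)
Host: 192.0.2.23 ()\tPorts: 1080/open/tcp//socks///, 3127/open/tcp//unknown///, 6588/filtered/tcp//analogx///
Host: 192.0.2.40 ()\tStatus: Up
"""

def findings(gnmap_text):
    """Return sorted (host, port, proxy_type, label) for open ports in PROXY_PORTS."""
    out = []
    for line in gnmap_text.splitlines():
        m = re.match(r"Host: (\S+).*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, ports = m.groups()
        for entry in ports.split(","):
            # Each entry is port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) < 3 or not fields[0].isdigit():
                continue
            port, state, proto = int(fields[0]), fields[1], fields[2]
            if state == "open" and proto == "tcp" and port in PROXY_PORTS:
                out.append((host, port) + PROXY_PORTS[port])
    return sorted(out)

if __name__ == "__main__":
    for host, port, proxy_type, label in findings(SAMPLE):
        print(f"{host:15} {port:>5}/tcp  {proxy_type:15} {label}")
```

An open port on this list only says that something is listening there; whether it actually relays traffic for outsiders still has to be checked on the host itself.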



You might also find it educational to download ethereal and watch the traffic on your network/Internet connection.