Last Updated on
If you’re looking for a super secure, highly anonymous proxy then it can be rather confusing. After all what does constitute such a server, there are no real definitions only opinions.
The first thing to be aware of is that if someone just adds the word secure or highly secure to their description it means nothing. There are literally thousands of one page proxy servers running as default installations on some free web hosting space which describe themselves as secure – they are not. To keep a proxy secure needs time, technical skill and a very real commitment to keeping the infrastructure secure.
For instance, there are loads of people running proxies who never even consider the question of which user context the proxy should be running in. It’s actually very important but surprisingly a huge number of people run their proxy services as root.
This is a very bad idea, not only does this potentially give an attacker a very real chance of obtaining complete control not only to the proxy but the server it runs on. The slightest bug or vulnerability in the service can be exploited – there goes the server, the data, user accounts and logs.
A Step Towards a Properly Secure Proxy
Someone more security aware might run the proxy service in the context of the ‘nobody’ user. The advantage of this account is that it has no real administrative rights or privileges and there the integrity of the server is maintained even if the account is compromised. It does have some rights though and can access public directories and any other directories or services running in the ‘nobody’ user context.
But the real secure way is to create a dedicated user account specifically to run the proxy server in. It would have no other function and importantly no other rights or permissions applied. This protects the server, the logs and any users data that may be on the machine. It’s a simple point but a fundamental step in running a truly secure proxy server and giving you a secure IP address to use – 99% of the proxies you find online won’t be set up like this.
The unfortunate thing is that people tend to imagine that a proxy server that obscures your IP address adds a level of security and anonymity automatically. This is simply not the case and a badly configured proxy is far worse than using no proxy at all. Remember that when you use a proxy server all your data is diverted through that server and everything is probably logged too. It’s a huge risk using a badly configured server, whether it’s meant to be a simple porn proxy or highly secure VPN!
The security of the proxy server is really dependent on the technical expertise of the people who set it up and run it. You’ll never get a secure proxy server for nothing simply because professionals don’t work for free. Kids running proxies on free web space who have no concept of security – do however.
Updated Content and Tags – May 10th, 2013