A web proxy server is a server that acts as an intermediary for requests from client devices requesting resources from servers in a network. A client device typically sends a request for a resource over the network and begins by connecting to a web proxy server. The web proxy server evaluates the request, performs a number of functions and fetches the requested resource and sends it back to the requesting client. A web proxy server may perform a number of functions, for example, enabling client devices downstream of the proxy server to maintain anonymity, speeding up access to resources using techniques such as caching for preventing download of the same content multiple times, auditing of access to internet resources, scanning of transmitted content for malware before delivery to requesting clients and scanning of outbound content for data loss prevention and other access and management tasks.
Proxy servers, in particular web proxy servers are vulnerable to attack. Often attackers look for vulnerabilities in the design and the source code of components that perform some of the functions already mentioned. Vulnerabilities can be exploited to alter the behaviour of the software components and potentially threaten the confidentiality, integrity and/or availability of data within the proxy server itself or a larger network system that the proxy server is part of.
Typically this type of vulnerability exploitation attack is mitigated by using one or more specialist components to protect the web proxy server. These components can include firewalls, intrusion detection systems, web application firewalls and virus scanners. Typical vulnerabilities in web proxy servers allow an attacker to send carefully crafted messages to a component which can result in an attacker being able to take control of the web proxy server and use the web proxy server as a “launch pad” for attacks on “downstream” components of the network system. The impact of such attacks can be to degrade the confidentiality, integrity or availability of information within the overall system.
Suppliers of web proxy software make every effort to avoid introducing vulnerabilities into their products and typically act quickly to remedy any problems that are identified by releasing software “patches” which replace or supplement the defective code. However, this approach has been found to be unsatisfactory for several reasons:
Vulnerabilities are often exploited faster than manufactures can create and disseminate patches;
Means to exploit known vulnerabilities are frequently published (on the internet) and consequently wide-spread attacks can be perpetrated by attackers who have little skill or knowledge themselves; and
The process of applying patches is frequently delayed while patched copies of the web proxies are tested. This adds additional cost and complexity to the process and many large scale commercial systems remain “unpatched” for a considerable length of time. The UK Government agency responsible for information assurance (CESG) estimates that the majority (70% to 80%) of successful attacks on IT systems in the Public Sector could be avoided if all components were correctly patched.
Despite technical advances made in the design of such specialist components over the years, successful attacks on web proxy servers still continue and are one of the main sources of risk in large commercial information processing systems.