Secure web proxies are popular for sending internet traffic via alternative paths. Access to a secure web proxy is typically password protected. A malicious third party that does not know a username or password can detect a secure web proxy server by attempting a connection and observing a distinctive response from the proxy server, e.g., an HTTP 407 Proxy Authentication Required response. Traffic from clients that utilize web proxy servers that are detected in this manner can then be blacklisted.
The techniques of this disclosure enable secure web proxies that are resistant to probing attacks. The output of distinctive signals by the proxy servers is limited to authorized clients by making use of a secret key known only to such authorized clients.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Schwartz, Benjamin, "Secure web proxy resistant to probing attacks", Technical Disclosure Commons, (December 04, 2017)