This time on Hak5: We begin a special series on proxies. Caching, filtering, security or anonymity -- whatever your reasons may be, Darren and I are exploring the ins and outs of this great technology from the ground up. All that and more, this time on Hak5!


What is a Proxy

Basically, a proxy is a technology that lets you bounce your Internet traffic off, or tunnel it through, a third-party server. Typically this is a Linux box running a daemon, but there are plenty of types of proxies, as well as reasons to use 'em. So why do we have proxies? Well, this won't cover everything, but here are a few examples:

Why would you want to proxy?

Security - keep your web traffic encrypted
For me it's all about security. Most proxies employ encryption, encapsulating each packet into a private tunnel so that would-be eavesdroppers can't peer in on your surfing. I don't care if it's open wifi at the airport or a wired hotel LAN -- if it isn't my network I don't trust it.

Filtering

I hate it when network operators do this, and I'm sure you've encountered it. It turns out there's porn on the Internet. That, um, isn't what I've encountered -- I'm talking about when sysops use proxies to filter content. Whether it's a DNS blacklist or content keywords, proxies can be used to shut down browsing to sites the operator deems inappropriate, whether that's porn or blogs criticizing a draconian government.

Bypassing Censorship

Likewise, proxies are a great weapon against censorship. During the 2011 Egyptian Revolution, and following the January 25th protest, access to Twitter and Facebook from within the country was blocked.

Caching

Speed up web browsing with a caching proxy like Squid, which is implemented in a lot of the more advanced open source routers we like, including Smoothwall and Untangle. The idea is that it holds copies of a web page or other resource in its cache, so if Darren visits Zombo.com in the morning and I go there in the afternoon, I grab a local copy, thus saving bandwidth and speeding up the network.

Eavesdropping

Like a WiFi Honeypot or a Man-in-the-middle attack, a proxy can facilitate eavesdropping by routing traffic from a client, or victim in this case, through an eavesdropper's server. This enables the kind of packet sniffing mischief you might imagine -- password snooping, URL snarfing, stealing of cookies and session hijacking, even altering content in transit. You know, the same kind of stuff your ISP could do - but doesn't... Or do they? Nah.... But SRSLY.

Private Networks

Traveling abroad and need access to resources on your office network? There's a proxy for that. By bridging two or more networks, a proxy can enable access to stuff like printers, internal web servers, even private peer to peer networks or Darknets. Who doesn't like a little privacy with their file sharing?

Anonymity

Network proxies can provide some level of anonymity by making it difficult to trace Internet activity. The most notable examples include The Onion Router and I2P, or the Invisible Internet Project. We're working up a special episode on these, but suffice it to say if you're a fan of freedom and privacy these are for you. Just be aware that they aren't foolproof. By design these networks don't account for a global passive adversary, you know - like the NSA.

There are more proxy types and implementations than you can shake a stick at, but we’ll cover a few of the more popular ones and get into the practice soon.

Types of Proxies

Forwarding Proxies: Typically speaking, a forwarding proxy is a private service set up for one or more users that forwards or relays Internet traffic. An example would be a SOCKS proxy set up on a Virtual Private Server that you maintain and only you have access to. Use of this proxy requires authentication, and once connected some or all of your Internet traffic is routed through this host.

Open Proxies: An open proxy is similar to a forwarding proxy, except that authentication isn’t required. These open proxies or anonymous proxies are generally available to anyone on the Internet. Most HTTP or web based proxies don’t require a whole lot of skill or network configuration to use. For example, visiting the open proxy darkbrowsing.com allows a user to pull up pages like twitter and facebook without actually going to those domains. As far as a network operator is concerned the user is only visiting the proxy, and the subsequent web pages are requested by the proxy on the user’s behalf.

Reverse Proxies: A reverse proxy facilitates connections between two networks, often making it possible to access internal resources that are otherwise inaccessible from the Internet. A good example of this would be a WiFi Pineapple in the wild connecting back to my VPS in the cloud, allowing me to proxy through the VPS and into my pineapple. We’ll get into this in practice soon.

The nice thing about your reverse proxy setup is that it’s able to overcome NAT.

NAT, or Network Address Translation, is a gateway (typically your home router) which assigns private IP addresses to each connected client, then allows all of those clients to access the Internet through a single public IP address. Since each machine on a NAT’ed network doesn’t actually have its own public IP address, it is more difficult to run a server, like SSH. Typically port forwarding is necessary to allow incoming connections to get routed to the right machine inside the network. But outgoing traffic doesn’t have this limitation. Thus the reverse proxy is able to establish its connection without any special network configuration, a lovely technique we know as "NAT Traversal".

SOCKS Proxy: Our favorite implementation

SOCKS stands for SOCKet Secure and it’s an Internet protocol that allows you to route your network traffic through a proxy server.

  • Originally developed by David Koblas, a sysadmin at MIPS in ‘92
  • Later extended to version 4 by Ying-Da Lee at NEC
  • And finally version 5 was approved by the Internet Engineering Task Force in ‘96
  • Can be used with Secure SHell - a network protocol for secure communication to remote shells
  • Operates at a lower level than HTTP proxying
  • Able to be used for any TCP or UDP connection
  • Two mainstream types of SOCKS proxies, SOCKS4 and 5
  • SOCKS5 allows for use of IPv6, UDP and DNS lookups so it is preferred

Basic Client Setup in Linux

ssh -D 8080 user@host

The -D option, from the man pages

-D [bind_address:]port

Specifies a local dynamic application-level port forwarding. This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine.

Keep in mind this option requires superuser privileges so you may need to use sudo or similar root execution utility.

Warning: The basic client setup illustrated here uses password based authentication, which goes against security best practices. The next episode in this series will address this setup. Use of password based authentication is not advised.

Basic Client Setup in Windows

Begin by downloading PuTTY, the gold standard in SSH on Windows.

Open PuTTY, enter your host information, then expand SSH > Tunnels. Enter a port between 1025 and 65535, check Dynamic and enter localhost or 127.0.0.1 as the IP address. Click Add, then Open. An SSH session will open, typically prompting for username and password. Note: We will expand on this shortly with key based authentication.

If you're into Hak5 you'll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!

Whether you're a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let's not forget to mention that you can follow us on Twitter and Facebook, Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at HakShop.com. If you have any questions or suggestions please feel free to contact us at feedback@hak5.org.



21 Comments

  • bigbeck89 2 years ago

    Great Episode! Loved having Snubs asking all those questions, they were exactly the questions floating around in my head!

    Excited to see this Proxies series move forward.

  • Fredrik 2 years ago

    Thumbs up for this “new” kind of episode. I was actually just surfing around thinking about browser security and this will be really helpful.

    Keep up the good work!
    Sweden

  • Would proxies be a possible work around for accessing local resources while connected to a corporate VPN?

    I have heard this complaint from many people, that whenever they want to print or access a file on their local network they have to disconnect from VPN and use that resource, then reconnect.

    Thanks for the great show!

    Adam

  • Damon 2 years ago

    This was one of your best episodes, thanks.

  • Missed one point that I find useful from a holistic pov, proxies and NAT and essentially one in the same. OSI is the general and useful 7 layered design of encapsulation and should be the basis and descriptor of all network technologies.

    NAT or Network Address Translation is essentially the replacement of layer 1-4, physical, data link, network, and transport. Proxies do the exact same however depending on software they may record the information, relay it, replace the NAT portions dynamically and such. Same goes for IDS’s, web publishing servers, and all intermediate devices.

    Even your pineapple is the same concept. I think you got something for flipping images in HTTP traffic right. Well now you're reading layer 1-7 and altering 6, and 7. It's just more processing of packets.

    The concept and OSI is golden and very underrated. The IT world is flooded with terminology and categorization and process. This is flawed. Please try and incorporate OSI into the show more often. You and intrinsically understand this but for myself is what the holy grail to my understanding of these network technologies.

    • TuffRank 1 year ago

      m8! you are well-off with your OSI understanding /concept … first thing first;

      Quote; “proxies and NAT and essentially one in the same” that is incorrect… Go back to your study guides or your youtube vids & refresh your Knowledge r follow on…

      However, I do agree with you with using the OSI and TCP/IP layer Blueprint for explaining how Internetworking Works…

      Think about NAT & Proxy this way.

      Do not confuse a proxy server with a NAT (Network Address Translation) device. A proxy server connects to, responds to, and receives traffic from the Internet, acting on behalf of the client computer, while a NAT device transparently changes the origination address of traffic coming through it before passing it to the Internet…

      OSI concept;

      For those who understand the OSI (Open System Interconnection) model of networking, the technical difference between a proxy and a NAT is that the proxy server works on the transport layer (layer 4) or higher of the OSI model, whereas a NAT works on the network layer (layer 3).

      Oh yeah!!

      >> SOCKS performs at Layer 5 of the OSI model—the session layer (an intermediate layer between the presentation layer and the transport layer).

      Great work Mr. Kitchen and pretty girl Shannon… Give-Thx

  • tomscrat 2 years ago

    Hello,
    I am a great fan of hak5 and watching the video of the show each week from Germany ;D

    I tried out the ssh proxy thing and found a surprising fact:

    I did “ssh -D 8080 user@host” to a ssh server of mine, opened chrome and installed Switchy as Shannon explained. Works fine!
    Then I changed to Firefox, and when I go here to http://www.whatismyip.com I see the same as in Chrome with Switchy and proxy use enabled …
    Hmm, I thought, then I figured out Firefox provides the options “Use system proxy settings”, which automatically uses the setup ssh tunnel. So no need to change with Foxyproxy the use of a proxy.
    Find the setting in Firefox > Edit > Preferences > Advanced > Network > Connection > Settings
    That is the normal way to provide proxy information, but with set on “use system proxy settings” no need to change anything :D

    I am looking forward to the next episode of Hak5,
    cheers from Germany ;D

  • Martin 2 years ago

    Awesome show! Very well explained and covered! I Love HAK5

    Martin

  • Pixelated Dwarf 2 years ago

    Outstanding! Love the in depth look at proxies. Hope you will also be getting into VPN’s.

    Short correction – it is IP v6 not 5 :) 65,535 for the number of ports.

    Keep up the great work – looking forward to future parts of this!

    Remember

    Spaces_Are_Evil

  • Great episode! I’ve been struggling with proxies for a long time (out of need and desire to learn). I can’t wait for the next episodes. I’m hoping for some techniques to maintain anonymity, and safe guard a particular email account that’s been compromised by a vicious hacker.

  • Mario 2 years ago

    Great Episode, wish I knew about this show from when it started!
    I've managed to stay up to date with all the latest episodes.

    All the way from South Africa

    Thank you guys!!

  • dortizesquivel 2 years ago

    Great video! waiting the next!! :)

  • signal7 2 years ago

    That was a very Interesting presentation on using proxies and I must
    admit, I learned a few things along the way. However, some packet
    captures of the session using a dynamic port shows that all of the DNS
    requests still go to the locally defined DNS server. So, even though
    the information itself is tunneled and encrypted, *where* you’re going
    online is not protected. It would be trivial to defeat this proxy
    with a filtering DNS provider or even a firewall that can do deep
    enough packet inspection. At the very least, your provider could log
    the DNS queries for later use, whatever that may be.

  • Slickkk 2 years ago

    I guess the tools that are out are coming out are being developed slower than your episodes. They used to be way longer and better; must be running out of material. And btw Darrin you screwed up big time with not being with that chick, you must take a lot of showers lol.

  • What’s the ETA on the next part? Leaving for China in 10 days!!!!

  • Cobolt 2 years ago

    shannon Just love your boobs in those tight T-shirt’s…
    More tight tops please, :-D

  • PROXIES ago!
    Totally digging this. Can’t wait to re-watch and see what comes next.
    Great show.

  • rami_info 2 years ago

    Hi hak5 crew

    Is it possible to go back to metasploit with new modules of 2012.

    Thnx and hope goooooooooooooooood luck

  • Kincaid 2 years ago

    Howdy,

    I am excited about starting to use proxies. So since we don’t know if the free proxy servers out there are logging the traffic for their evil purposes and if we go with the same line of thought that vps could in theory also log your info, I was wondering if i could run my own proxy server at home.

    Then the question becomes, if i am at my favorite wifi location and I connect to my proxy at home so i can safely check my 2 emails i get a week, connecting to the proxy server would give the “man in black” the ip address of my home proxy server and they can start doing the evil things they do.

    I am guessing there is no way around this?

    • Sure you can run a proxy server at home. We actually cover setting these up in both Windows and Linux over the next two episodes. If there was a MITM at the coffee shop you would indeed be giving up the IP of your home server. Also keep in mind what you’re doing here is shifting the trust from the open WiFi network (low trust IMHO) to your home or VPS. Sure your VPS provider could be sniffing, but then again so can your ISP so at the end of the day you just have to ask yourself, who do you trust?

  • Hey man…..

    itz awsum… I mean to say that this show is ultimate for

    all who want to Learn Security(also other) from BASIC —–> ADVANCE…

    I really Like it ….. and mostly “GO THROUGH IT”
    …..

    Thanks …to all