in many large enterprises and in some countries, there are usually some access restrictions in order to restrict employees or people to visit certain websites or to use certain network applications. Limiting methods usually include routers, IP filtering, and the use of proxy servers in a few ways.
router IP filtering refers to through the router to join the extranet or foreign IP blacklist, so that within the network or domestic access to the Internet or outside of these IP, access to the purpose of limiting access. The mandatory use of proxy server filtering usually used only in large enterprises, refers to the intranet must access the Internet through a proxy server to the proxy server, then can achieve a more complex filtering mechanism. This article describes the IP filter attack and defense, on the proxy server offensive and defensive warfare next discussion. The following describes in turn the network access offensive and defensive warfare escalating process:
first, if you want to forbid people to access certain websites, then the router administrator can set the IP filtering rules in the router, the website of the IP blacklist, naturally people cannot visit these sites.
, people will bypass the restrictions with proxy servers in order to continue accessing these sites. The IP of the proxy server is thousands of, and constantly changing, making work limiting access to the network in a passive situation.
, however, because the proxy server protocol is clear, through the monitoring network data packet and making automatic collection procedures can know which people access the proxy server and automatically the proxy server IP IP added to the blacklist, so the use of ordinary proxy server to bypass access restrictions on the failure mode, bypass network access restrictions work in a very passive situation.
therefore, the encryption proxy software came into being in order to avoid detection of the proxy server address. The communication protocol between the user and the proxy server is encrypted so that the IP address of the proxy server cannot be easily analyzed by listening to network packets. Again, the work that limits access to the network is in a passive state.
, however, cryptographic agents also need to communicate with the proxy server and also need to know the IP address of the cryptographic proxy server. As a result, cryptographic agents typically get the IP of the cryptographic proxy server at startup to some places where the IP address of the encrypted proxy server is issued. So, only to come up with a computer, start encryption software, monitor network communication on the computer, then you can know the release of encrypted proxy IP address, and IP filtering for the publishing point. It can be made into the program to start automatically encrypted proxy software, automatic monitoring data packets, automatically encrypted proxy IP release site IP blacklist, this encryption proxy software cannot obtain the encrypted proxy IP, encrypted proxy software failure, bypassing network restrictions work again in a very disadvantageous position.
encryption agent, in order to deal with this situation, >