Proxy Interview Questions

Ques 1. What is a proxy Server?

Proxy sits between an end system and remote server and acts as a mediator. The client
requesting resource connects to proxy server and once validated proxy connects to remote
server and provides requested content to client. This setup is used to prevent from attack
and unexpected access by techniques like hiding the IP address of the client computer. Proxy
functions on layer 7 placed in Semi-secured DMZ Zone of Data Centers or offices.

Ques 2. Purpose of Proxy Servers?

Purpose of proxy server are enlisted below -

 IP address hiding - When browsing the web, your access to certain websites might be
denied due to your IP address or location restrictions. In this case, a proxy will act as a
bridge and mask your true address, making your target website recognize its address as
your own.
 Block malicious traffic and websites - Your proxy server will act as a wall between you
and potential online attacks that might come from hackers or illegal websites looking to
spread malware and other types of dangerous content.
 Log online activity - This might be very helpful if you regularly visit certain websites. A
proxy server will recognize these as your favorites and make your access to them more
reliable.
 Speed Up surfing - Proxy server caches the required resources in its local hard disk and
clients will get content locally from proxy server instead of reaching out to far away Web
server over Internet.

Ques 3. What are different types of proxies?

 Reverse Proxy –
A reverse proxy does the exact opposite of what a forward proxy does. While a forward
proxy proxies in behalf of clients (or requesting hosts), a reverse proxy proxies in behalf of
servers. A reverse proxy accepts requests from external clients on behalf of servers
stationed behind it
 Forward proxy –
Forward Proxy takes origin connections from the intranet clients and connect them to
servers outside on the internet. In other words, A forward proxy takes requests from an
internal LAN network and forwards them towards the Internet. Sometimes, forward proxy
may even serve the requesting client with cached information rather than passing the
request towards the internet.

 Transparent Proxy –
Transparent proxy acts as intermediate between an end user and a web service. When an
end user connects to a service, the transparent proxy intercepts the request before passing
it on to the provider. Transparent proxies are called transparent because end user isn’t
aware of proxy in the path.
Ques 4. What are different deployment modes of proxies?

 Explicit Proxy (Browser configured)

 Explicit Proxy (PAC File configured)
 Transparent Proxy (WCCP)
 Transparent Proxy (Bridged)
 Transparent Proxy (PBR)

Ques 5. Share some names of commonly used Proxy servers?

 FreeProxy
 Squid
 Privoxy
 Polipo

Ques 6. What is the default port of squid and how to change its operating port?

By default, Squid launches listens on port 3128

With understanding that current port in use is 3128 and we need to change it to 3130, next
step is to find configuration file as below –
Step 1 –
locate squid.conf
You should receive a result similar to:
/etc/squid/squid.conf

Step 2 –
Edit the squid.conf file and change configuration from “http_port 3128” to “http_port 3130”

Step 3 –
Exit and save the file, and then restart Squid:

Step 4 –
Issue below command to view port number being used
netstat –plant

The output will show new port number 1337 on which Squid is listening.

Ques 7. How to clear cache in squid?

Windows –
Run MMC and load the services snap-in, kill the running squid process.
Empty Squid’s cache folder (e.g. C:\squid\vars\cache\).
Run Squid with the –z parameter to rebuild the cache folder structure (e.g.
C:\squid\sbin\squid.exe –z).
 From the services snap-in of MMC, restart the squid service

Linux –
Step 1 -
Stop squid
squid -k shutdown

Step 2-
Erase all the files in your cache directory
rm -fr /var/lib/squid/cache/*

Step 3 -
Re-create the swap directory structure:
squid -z

Step 4 -
start squid again...

Ques 8. Which browsers are supported by proxy?

Most of browsers are compatible with proxy like –

Mac - Safari, Firefox and Chrome
Windows - Internet Explorer, Firefox and Chrome

Ques 9. What are key considerations while selecting a proxy server?

Some of key considerations while selecting proxy server are -

 Does the proxy support all the protocol types like http and https
 Concurrent users supported
 Server Throughout
 Feature support like URL filtering, caching etc

Ques 10. What is HTTP proxy?

An HTTP Proxy is a server that receives requests from Client (i.e. web browser of end user)
and then makes the request to the Web Server on behalf of Client. It then returns the results
to the browser. It also caches the data for improved end user experience. In short, HTTP
Server receives request from a Client (in most cases a Browser) and then acting as an HTTP
Client and making requests on behalf of other HTTP Clients.
Ques 11. What is SOCKS proxy?

A SOCKS server is a general purpose proxy server that establishes a TCP connection to another
server on behalf of a client, then routes all the traffic back and forth between the client and the
server.
The SOCKS server does not interpret the network traffic between client and server in any way,
and is often used because clients are behind a firewall and are not permitted to establish TCP
connections to servers outside the firewall unless they do it through the SOCKS server

Ques 12. What is difference between proxy and NAT?

Difference between proxy and NAT has been enlisted below -

Ques 13. What is Proxy chaining?
Proxy chaining is merely connecting to more than one proxy and then to your intended
destination. We can use many proxy servers as required.

By using proxy chaining, we will have following setup -

Client computer => proxy1 => proxy2 => ... => proxy X => web-site

When using proxy chaining, we create one "virtual proxy". And when you want to use chain
proxy1 => proxy2 => ... => proxy X you need to use address of created "virtual proxy". This
address you will know when you set up your chain of proxies.
 Proxy chaining involves forwarding traffic from one proxy server to another. This method
leverages existing proxy servers, with no additional changes to the network.

Ques 14. What is PAC File?

A PAC file is a text file (coded in JavaScript) that instructs a web browser to determine whether
to send web traffic direct to the Internet or be sent via a proxy server .For example, a PAC file
can specify on what days of the week or what hours of the day traffic is sent to a proxy, or for
which domains and URLs traffic is not sent to a proxy.PAC files can control how a web browser
handles HTTP, HTTPS, and FTP traffic.

Ques 15. Which network ports need to be open in firewalls to allow use of the proxy service?

Generally proxy works on port 8080, 80 or 3128 which needs to be allowed on firewall.

Ques 16. How to manually configure proxy IP in Windows Operating system?

Set up a proxy manually in Windows 10 -

Step 1 -
Open Settings.

Step 2 -
Click Network & Internet.
The list of network- and Internet-related settings appears.

Step 3 -
Click Proxy.
The list of available proxy settings appears.

Step 4 -
In the Manual Proxy Setup section, set the Use a Proxy Server switch to On.

Step 5 -
In the Address field, type the IP address.

Step 6 -
In the Port field, type the port.

Step 7 -
Click Save; then close the Settings window.

Ques 17. What is the default port of squid and how to change its operating port?
 By default, Squid launches listens on port 3128.With understanding that current port in use is
3128 and we need to change it to 3130, next step is to find configuration file as below –

Step 1 –
locate squid.conf
You should receive a result similar to:
/etc/squid/squid.conf

Step 2 –
Edit the squid.conf file and change configuration from “http_port 3128” to “http_port 3130”

Step3 –
Exit and save the file, and then restart Squid:

Step 4 –
Issue below command to view port number being used
Netstat –plant

The output will show new port number 1337 on which Squid is listening.

Ques 18. What is reverse proxy?

A reverse proxy is usually an Internet-facing proxy used as a front-end to control and protect
access from outside Network to a server on a private network. A reverse proxy commonly
also performs tasks such as load-balancing, authentication, decryption or caching. A reverse
proxy accepts requests from external clients on behalf of servers stationed behind it.
In the general scenario, reverse proxy performs following tasks -
- Check for validity of request from Internet client (based on configured parameters).If
rejected, the client is supplied with error message
- If above request if accepted, reverse proxy looks in cache for requested information. If
information is available in cache, it is served to the Internet based client.
- If no cached information is available, the reverse proxy sends request to destination
Content server inside LAN and further relays the required data to the end client on Internet.
The information is cached for future reference.
Ques 19. What are the different filters that we can apply using proxy?

 URL
 DNS blacklists
 URL regex filtering
 MIME
 Content keyword filtering

Ques 20. In a standard Data Center setup, Proxy server should be provisioned in which security
Zone?

Proxy Server should be stationed in DMZ Security Zone within a Data Center. This way proxy
will protect critical internal user and Business applications from being directly vulnerable to
attack from Internet/outside world.