The ProxyCheck plug-in allows detecting whether your customer uses an unauthorized proxy server or not. And if so, this may mean that you are dealing with potential spammer.
Proxy servers with unauthorized access (open proxies) accept and process requests from users outside the network they serve putting out the welcome mat for spammers who want to hide their true IP address. In many cases, spammers gain access to individual systems by taking advantage of open relays or open proxies.
As if that were not enough, however, some spammers now gain access to PCs by duping users into installing virus-laden applications. These viruses can install open proxies on otherwise secure systems and set up e-mail generators that surreptitiously exploit the victim's resources to foist a steady stream of spam on other people.
Most users learn that their systems have been invaded only occasionally (for example if their ISP traces the spam back to their computer and notifies them).
Carders also use viruses to redirect a victim's traffic via open proxies in order to steal credit card information a user enters on request.
Using the ProxyCheck, you can warn your clients whenever they are running insecure proxy services.
The ProxyCheck plug-in provided in HSPcomplete detects an open proxy by attempting to establish the connection to a particular probe host via a customer's host. As a probe host you can use one of your own servers available via the Internet and returning a pre-defined string while connecting to it. When a plug-in receives a pre-defined string from your probe host, this means that a customer's host runs open proxy since it has accepted your request without any authorization and let you go further to your destination (probe host).
To configure the ProxyCheck plug-in:
- Click the Edit button on the plug-in screen and fill the form that appears:
- Type your probe server URL into the Probe url field.
- Enter the pre-defined string your probe server returns on connection into the Reply field.
- Click the Save button.