I’m going to need an ELI5 because I have read several explanations online, and I still don’t fully understand what makes them different. Why would you want to use one over the other? Don’t they both just forward your internet traffic? How do they work, in general?

  • TootSweet@lemmy.world
    link
    fedilink
    English
    arrow-up
    25
    ·
    3 months ago

    Ooo. This is a good one.

    A computer can have more than one network interface, right? (Like, you can be plugged into ethernet at home but also connected to the WIFI of the coffee shop across the street.)

    A VPN gives you a whole new network device (“virtual ethernet card” if you will) that works as if that card was connected to some LAN somewhere else. Typically, you’d forward “all” of your computer’s/smartphone’s/etc traffic through the VPN so that your computer “thinks it’s on that remote LAN” rather than on your home WIFI or whatever.

    Proxies… well the term can mean a few different things in different contexts, really. But generally you’re not forwarding “all” traffic through them, just HTTP traffic (and usually only a subset of all HTTP traffic) or just traffic that is specifically told to be forwarded through them.

    An opaque web proxy is one that you can point your browser (or other HTTP interface) to. It won’t handle protocols other than HTTP. And when you want to use an opaque web proxy, your HTTP client has to know how to do that. (Whereas with VPN’s, it’s your operating system, not your individual applications, that need to know how to forward through it.)

    A transparent web proxy can be something you (and your apps and OS) don’t know you’re even using. When you point your browser or app to a Lemmy instance, it’s almost certain that the domain is pointed not at an application server that actually runs the Lemmy code, but rather at a transparent web proxy that does stuff on the instance-owner’s end like preventing spamming or whatever. This type of proxy is sometimes called a “reverse web proxy” and can also only work with HTTP.

    A SOCKS proxy, like an opaque web proxy, requires applications to know how to use it. (Ok, technically that’s not 100% true. It’s possible in some cases to have a transparent proxy of some sort forward through a SOCKS proxy in a way that the application doesn’t know SOCKS is involved. There are also some cool OS-level hacks that can force an app to go through a SOCKS proxy without the app knowing anything about SOCKS. But if you’re doing those things, you’re a hacker.) And with a SOCKS proxy, your computer doesn’t “think” it’s connected to a whole different LAN. Individual applications know that they’re forwarding through SOCKS. SOCKS supports more protocols than just HTTP. Probably all TCP-based protocols, but I don’t think it has any support for UDP. So you won’t be torrenting through SOCKS.

    That’s all I can think to say at the moment. There are special-purpose proxies for things like security auditing (like Burp Suite, for instance.) But I’m guessing that’s not the sort of thing you’re asking about.

    • OtterA
      link
      fedilink
      English
      arrow-up
      4
      ·
      3 months ago

      Very detailed, thank you for writing it up :)

    • takeheart@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      3 months ago

      Never knew about transparent web proxies. Neat. Do they play a part in commercial DDOS protection? I’m thinking of those please wait while we’re evaluating your request messages that you get on some sites. But also about any methods used to prove that you are human.

      • TootSweet@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        3 months ago

        Do they play a part in commercial DDOS protection?

        Absolutely! As well as mitigating other types of threats. “Web Application Firewalls” (don’t be fooled, they’re not like regular firewalls really) are a type of transparent web proxy that watch requests for anything that “looks like” a SQL injection or XSS payload and block those requests if necessary. Transparent web proxies may also do things like caching or even “honeypot” functionality that may shunt likely bot traffic to a fake version of the website to prevent scraping of real site content.