许多人可能认为http代理就是只为web服务提供的,其实他们还忽略了http代理的connect作用。以下引用一段文字作为解析。
HTTP Tunneling
HTTP is a text-based protocol to retrieve Web pages through a Web browser. Mostly, if you are on a LAN connection, you are behind a proxy server; this proxy server has one HTTP proxy running on some defined port. In your Internet Explorer's Connection option, you specify LAN settings as required. This proxy server is definitely running on a text-based protocol, and you can only get HTTP-related data from the outside network, right!! Well, there is a small loophole from which you can go through HTTP and connect to the outside world and get any data you want in binary protocol, or even your own protocol. It's through HTTPS.
HTTPS Explanation
In HTTPS, data is transferred from browser to server and server to browser in a secure manner. It's a binary protocol; when it goes through a proxy, the proxy doesn't understand anything. The proxy just allows a binary stream to open and lets both server and client exchange the data. Now, we can fool the proxy server and connect to any server and exchange data. The proxy server will think that we are doing some secure HTTP session.
对于HTTP代理,不少人有认识上的误区,有必要说明一下,不是所有的HTTP代理都只能代理HTTP的,HTTP CONNECT代理服务器是一种能够允许用户建立TCP连接到任何端口的代理服务器,这意味着这种代理不仅可用于HTTP,还包括FTP、IRC、RM流服务等,甚至扫描、攻击。
ISA防火墙会默认封阻SSL端口443以外的其他connect的端口,以防止被人滥用作扫描,攻击或发垃圾邮件。如果我们需要穿透ISA的封阻,我们可以connect 443端口,然后把443映射为我们需要连接的真正端口。
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
