Transparent Proxy : Detect, Expose & Explain

This article has been simplified for a rather non-technical audience, as a result, security experts might find that some of the terms and concepts can be interpreted differently if looked upon from an experienced security expert’s point of view.

Transparent Proxy : The Risks

Detect a Transparent Proxy , protect your traffic using VPN

Detect a Transparent Proxy, protect your traffic using VPN

Please refer to the illustration above, as you can see you are sending your HTTP web traffic to any given website, your traffic is intercepted by your ISP  “a.k.a Internet Provider” and redirected to an ISP server which runs a proxy “a.k.a middleman” this ISP Proxy can and probably does log all your traffic, what you visited when you did visit and so on. More importantly, all of your unencrypted clear text traffic can easily be read by anyone who has access to that server, that includes passwords, emails, private messages and so on. Essentially, your ISP is pulling a MITM “Man In The Middle” attack on you using the ISP Proxy. It is probably bad enough that governments do this, but having an ISP employee looking at your traffic in a rather un-monitored environment is a different story.

This is more common in EU, the US and CA than you might think, I do interact with hundreds of users a week and I know for a fact that a lot of users in the mentioned regions are victims of Transparent proxies and DNS Hijacking. A thought to consider

Transparent Proxy – How to Detect

Depending on your ISP’s configuration of the transparent proxy it might be anywhere from easy to close to impossible to detect a transparent proxy. If the tests below show you do not have a transparent proxy, you might still be behind one. If you are on the paranoid side, see the protection mechanisms in the next section.

  • Visit whatismyip.network/proxy-check if it says you are behind a proxy or you are probably behind a proxy, then you are behind one.
  • If whatismyip.network/proxy-check does say “No Proxies Detected” go to whatismyip.network. If the two IPs reported by these two sites differ, you are certainly behind a transparent proxy.
  • There are more advanced ways that would require above average technical expertise and access to tools that can give a more confirmed result. However, keep in mind that the first two steps above are not 100% accurate.
  • One more way to detect you are behind a transparent proxy follows: If you try to use a Smart DNS Proxy such as Unlocator to unblock Netflix, Hulu, Amazon Instant Player or BBC IPlayer from within or outside the USA, it probably won’t work. The reason being that a transparent proxy breaks the Smart DNS logic.

Transparent Proxy – Protect your Privacy

Detect a Transparent Proxy , protect your traffic using VPN

Detect a Transparent Proxy, protect your traffic using VPN

The best way to protect your traffic from interception, tampering, and spying is by using a VPN. A VPN or Virtual Private Network creates an encrypted virtual tunnel between yourself and the VPN server, this encrypted tunnel is like a stealth shield for your traffic. A VPN will protect your traffic and thus your privacy. As a result, the ISP cannot intercept or decrypt your traffic and your traffic will NOT go through the ISP Transparent Proxy. Please have a look at the illustration above, once you have a VPN tunnel setup your traffic goes encrypted to the VPN server, and from there on it goes like normal to the website, the ISP can see that you are generating traffic but it does not know what it is, or what the final destination is. The best part is yet to come, all you need is a VPN subscription and a few minutes of your time and you can have VPN running on all supported devices you own “PC, Ipad, iPod, iPhone, Android, Supported routers and many more“. I personally use a VPN service called ExpressVPN, at the time of writing they encrypt the traffic using the highest available commercial standards, it takes a few minutes from signup to being protected from spying and tampering.ExpressVPN does provide applications for IOS – Android – Windows and Macs.

You can use any of the VPN providers beneath to bypass transparent proxies.

Transparent Proxies – Solutions

Before you leave this post, I’d like to throw in one more bonus of using VPN. A VPN server can allow you to appear be coming from a lot of different locations, so you can get US content while not in the USA “Netflix, Hulu Plus, Pandora, US discounts for buying online” or content outside of the USA while in the USA such as “BBC Iplayer, NHL blackouts bypassing “. So if you decide to give VPN a try, please post updates on how it went.

Save