this post was submitted on 09 Sep 2024
76 points (100.0% liked)

No Stupid Questions

35716 readers
1470 users here now

No such thing. Ask away!

!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must be legitimate questions. All post titles must include a question.

All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.



Rule 2- Your question subject cannot be illegal or NSFW material.

Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding META posts and joke questions.

Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.

On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.

If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.



Rule 7- You can't intentionally annoy, mock, or harass other members.

If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- Majority of bots aren't allowed to participate here.



Credits

Our breathtaking icon was bestowed upon us by @Cevilia!

The greatest banner of all time: by @TheOneWithTheHair!

founded 1 year ago
MODERATORS
 

I'm going to need an ELI5 because I have read several explanations online, and I still don't fully understand what makes them different. Why would you want to use one over the other? Don't they both just forward your internet traffic? How do they work, in general?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 25 points 2 months ago (2 children)

Ooo. This is a good one.

A computer can have more than one network interface, right? (Like, you can be plugged into ethernet at home but also connected to the WIFI of the coffee shop across the street.)

A VPN gives you a whole new network device ("virtual ethernet card" if you will) that works as if that card was connected to some LAN somewhere else. Typically, you'd forward "all" of your computer's/smartphone's/etc traffic through the VPN so that your computer "thinks it's on that remote LAN" rather than on your home WIFI or whatever.

Proxies... well the term can mean a few different things in different contexts, really. But generally you're not forwarding "all" traffic through them, just HTTP traffic (and usually only a subset of all HTTP traffic) or just traffic that is specifically told to be forwarded through them.

An opaque web proxy is one that you can point your browser (or other HTTP interface) to. It won't handle protocols other than HTTP. And when you want to use an opaque web proxy, your HTTP client has to know how to do that. (Whereas with VPN's, it's your operating system, not your individual applications, that need to know how to forward through it.)

A transparent web proxy can be something you (and your apps and OS) don't know you're even using. When you point your browser or app to a Lemmy instance, it's almost certain that the domain is pointed not at an application server that actually runs the Lemmy code, but rather at a transparent web proxy that does stuff on the instance-owner's end like preventing spamming or whatever. This type of proxy is sometimes called a "reverse web proxy" and can also only work with HTTP.

A SOCKS proxy, like an opaque web proxy, requires applications to know how to use it. (Ok, technically that's not 100% true. It's possible in some cases to have a transparent proxy of some sort forward through a SOCKS proxy in a way that the application doesn't know SOCKS is involved. There are also some cool OS-level hacks that can force an app to go through a SOCKS proxy without the app knowing anything about SOCKS. But if you're doing those things, you're a hacker.) And with a SOCKS proxy, your computer doesn't "think" it's connected to a whole different LAN. Individual applications know that they're forwarding through SOCKS. SOCKS supports more protocols than just HTTP. Probably all TCP-based protocols, but I don't think it has any support for UDP. So you won't be torrenting through SOCKS.

That's all I can think to say at the moment. There are special-purpose proxies for things like security auditing (like Burp Suite, for instance.) But I'm guessing that's not the sort of thing you're asking about.

[–] [email protected] 2 points 2 months ago (1 children)

Never knew about transparent web proxies. Neat. Do they play a part in commercial DDOS protection? I'm thinking of those please wait while we're evaluating your request messages that you get on some sites. But also about any methods used to prove that you are human.

[–] [email protected] 3 points 2 months ago* (last edited 1 month ago)

Do they play a part in commercial DDOS protection?

Absolutely! As well as mitigating other types of threats. "Web Application Firewalls" (don't be fooled, they're not like regular firewalls really) are a type of transparent web proxy that watch requests for anything that "looks like" a SQL injection or XSS payload and block those requests if necessary. Transparent web proxies may also do things like caching or even "honeypot" functionality that may shunt likely bot traffic to a fake version of the website to prevent scraping of real site content.

[–] [email protected] 4 points 2 months ago

Very detailed, thank you for writing it up :)