Protocol Shorts: MITM Proxies and Transparent L4 Interception

Season 1 · Episode 31 · 16:13

Show notes

episode 31 — Protocol Shorts: MITM Proxies and Transparent L4 Interception.

In this second "Protocol Shorts" episode, we look at man-in-the-middle proxies from the transport layer up. The episode explains how HTTP proxies, HTTP CONNECT, and SOCKS5 differ, why they all assume a proxy-aware client, and what changes when a transparent layer 4 proxy is inserted by the operating system instead.

From there, we dig into protocol detection from the first bytes on the wire and into the BridgeIo abstraction in Rama: a way to relay and inspect stacked handshakes incrementally instead of terminating every protocol upfront.

Learn more

Rama

If you like this podcast you might also like our modular network framework in Rust: https://ramaproxy.org

Chapters

  • Intro
  • Understanding Proxies: The Basics
  • Diving Deeper into Proxy Types
  • Layer 4 Proxies: A New Approach
  • Challenges of Transparent Proxies
  • Bridging Conversations: A New Insight
  • Example: HTTPS request within a SOCKS5 tunnel
  • Layer 4 Proxies and Protocol Reconstruction
  • Outro

Netstack.FM

Music for this episode was composed by Dj Mailbox. Listen to his music at https://on.soundcloud.com/4MRyPSNj8FZoVGpytj

Transcript

Loading transcript…

Transcript

On this page

← All episodes