I recently learned that there are plenty of services on the internet that offer/list free public proxies (freeproxylists.net, hidemyass.com, proxyscrape.com to name a few). Is this safe? Can't an attacker easily connect to multiple of these free proxies at once and essentially build a botnet?
Asked
Active
Viewed 389 times
0
-
1Yes, they can. Any resource can be abused. – schroeder Mar 14 '21 at 19:55
1 Answers
1
A bot (as in botnet) is something different than a proxy. While attackers can use proxies to hide their own IP address from the target they can not actually control the proxies with small commands to mount large attacks against some target. A proxy just passes through the original traffic, i.e. an attacker would need to have lots of bandwidth by its own to mount an attack against some target with the same bandwidth.
A bot instead provides a way for the attacker to run arbitrary actions. Specifically it is possible to control lots of bots with only little bandwidth, but let these bots then mount bandwidth-intensive attacks against the DDoS target.
Steffen Ullrich
- 184,332
- 29
- 363
- 424
-
I would add that bot nets, like proxies, can provide anonymity to the real attacker, so in that sense there is some overlap of malicious use case. However, as Steffen says its a totally different thing. The proxy gives you zero computer power, only anonymity, and perhaps it does some bad things to you on the way (beware free proxies ) – chad Apr 19 '21 at 20:27