Proxies can be used both for the good and the bad, anyway they are still being made – new and new proxies are coming in daily for this reason.

A proxy server is a software program that enables multiple computers to share a single internet connection. A properly functioning and secure proxy server only accepts connections from the local addresses on the local area network that it shares the Internet connection for, and then handles the sending and recieving of requests on the Internet.

An “open” or insecure proxy server will accept any requests from any computer (whether on the local area network it’s supposed to be sharing the internet connection for or any computer on the internet) to share the internet connection. This enables any user with sufficient knowlege to use your internet connection for whatever they want if you have an insecure proxy server running.

In most cases an open proxy is unknown to the server owner. This can result from misconfiguration of proxy software running on the computer, or from infection with malware (viruses, trojans or worms) designed for this purpose. There are hundreds of thousands of open proxies online. Many open proxies run very slowly, while other times the speed may change from fast to slow every minute.

Some proxy-websites actively scan for such open proxy servers. Proxy scanning is pretty much having software connect to every IP in a range on a given port to test them to see if they have SQUID or another proxy installed. Active scanning for proxies may be detected by Intrusion Detection Systems (IDS) and considered as illegal activity.  That’s why many proxy sites come and go very quickly, except for those sites that use legal methods to search for proxies: free online proxy lists, the headers of spam mail, web server log files etc.

The primary argument against open proxies is that their owners may not have intended for them to be used by the public. However, intent is a difficult thing to judge, especially when you’re talking to a computer. By running a service on a machine accessible to the public, without restricting access to that service, a proxy’s administrator is not explicitly denying that service to the public.

In a sense, a proxy server is just like a web server, an FTP server, or any other net service: if it’s running and accepting connections, it’s fair game. The internet is a public network, and if you’re running a server you can hardly be surprised when someone uses it.

According to to U.S. law, 18 U.S.C. § 1030 (Fraud and Related Activity in Connection with Computers) applies only when anyone who knowingly accesses a computer without authorization or has knowingly exceeds his authorized access on that computer. Because an opened proxy, by default, allows connections and use of the service by anyone in the WWW, its administrator has essentially authorized everyone to use the proxy.

Because open proxies are often implicated in abuse, a number of methods have been developed to detect them and to refuse service to them.