An open proxy is a public proxy server that allows all Internet users to use its service and does not require a password to logon and use.
The so-called “anonymous” open proxies, allows a user to hide his IP address from the accessed service. Running as open proxies is a high risk because this allows abusers to hide behind someone else’s address. When using an open proxy server the computer makes a direct connection to a different computer that the user has no information about. Thus, the user may trust email messages, passwords or sensitive information to the person running the server. Further more there are the so-called “honey proxies” or “honey pots”, that trace and log everything that is done trough them.
Most of the attacks are using open proxies: as they are easy to use and there are plenty of lists available on the Internet. It is possible for a computer to run as an open proxy server and the owner doesn’t even know – due to misconfiguration of the proxy server. Novice administrators setup proxy servers with access rights that allow anyone to connect. A hacker can setup a proxy server on a victim’s computer and wait for a scanner to find it. Spammers prefer open proxies not just because they are anonymizing their identity while surfing through web pages, but also because they can send unsolicited emails and to connect to chat networks.