SOCKS

1
SOCKS

• By
• BITSnBYTES
• (Bhargavi, Maya, Priya, Rajini and Shruti)

2
Outline

• Definition
• History
• Major components
• Working
• Features
• Functions
• Applications

3
Need for protocol

• Widespread use of firewalls
• Need to provide a general framework for
  sophisticated application layer protocols to
  transparently and securely traverse a firewall
  with strong authentication capabilities
• Need to provide a framework for client-server
  applications in both TCP and UDP domains to
  conveniently and securely use the services of a
  network firewall

4
What is SOCKS?

• Acronym for SOCKet Secure
• Networking proxy protocol for TCP/IP based
  network applications
• Intermediate layer between application layer and
  transport layer

5
History

• Originally developed by David Koblas in 1992
• Protocol extended to version 4 by Ying-Da Lee of
  NEC
• Designed to allow clients to communicate with
  Internet servers through firewalls
• Two major versions of SOCKS
• SOCKS V4
• SOCKS V5

6
Components of SOCKS
Secure Proxy data channel

• SOCKS server implemented at the application
  layer
• SOCKS client implemented between application
  and transport layer

7
How does it work?

• Establishes a secure proxy data channel between
  two computers in a client/server environment
• SOCKS server handles requests from clients inside
  a network's firewall and allows/rejects
  connection requests, based on the requested
  Internet destination or user identification
• Once a connection and a subsequent "bind" request
  have been set up, the flow of information
  exchange follows the usual protocol
• Client's perspective - SOCKS is transparent
• Server's perspective - SOCKS is a client

8
How does it work?

• SOCKS is typically implemented on proxy servers
• SOCKS uses sockets to represent and keep track of
  individual connections
• Client side of SOCKS is built into Web browsers
• Server side can be added to a proxy server
• The SOCKS server
• authenticates and authorizes requests
• establishes a proxy connection
• relays data between hosts

9
Relation with OSI reference model
10
Purpose of SOCKS

• Enables Hosts on one side of the SOCKS server to
  gain access to the other side of the SOCKS server
  without requiring direct IP-reachability
• Clients behind a firewall wanting to access
  exterior servers connect to a SOCKS proxy server
  which controls the eligibility of the client to
  access the external server and passes the request
  on to the server.

11
Major Functions

• The SOCKS protocol performs four functions
• Making connection requests
• Setting up proxy circuits
• Relaying application data
• Performing user authentication (optional)

12
Two versions of SOCKS

• SOCKSv4
• Makes connection request
• Sets up proxy server
• Relays application data
• SOCKSv5
• Adds authentication to V4
• - Username/Password (RFC 1929)
• - GSS-API (RFC 1961)
• Authentication Method Negotiation
• Address Resolution Proxy
• UDP proxy

13
Control flow of SOCKS
14
Features

• Allows for transparent network access across
  multiple proxy servers
• Provides a flexible framework for developing
  secure communications by easily integrating other
  security technologies
• Rapid deployment of new network applications
• Simple network security policy management

15
Benefits

• Single communication protocol to authenticate
  users and establish communication channels
• Universal works with several internet protocols
• Application-Independent proxy
• Can be used with either UDP or TCP based
  protocols
• Bi-directional proxy support

16
Benefits (continued..)

• Easy deployment of authentication and encryption
  methods
• Firewall tunneling service - allows many machines
  behind a firewall to access the Internet without
  actually being on the Internet themselves

17
Drawbacks

• SOCKS v4 does not support UDP and authentication
• The SOCKSv5 protocol does not support SOCKSv4
  protocol
• SOCKS implementations do not support data
  encryption (except for some commercial software)
  making data transfers vulnerable to interception

18
Applications

• Most common use - Network firewall
• Authorized data relay between Hosts
• Supported as a proxy configuration option in
  popular Web browsers and instant messaging
  programs
• Found in some VPN implementations
• Emerging as one of the best ways to secure
  multimedia applications across the Internet

19
Summary

• SOCKS is easy to deploy and manage
• SOCKS is transparent to the user, while providing
  multiple layers of security
• Allows client-server applications to
  transparently use the services of a network
  firewall without requiring direct IP-rechability

20
References

• RFC 1928 - base SOCKS v5 specification
• RFC 1929 , RFC 1961 - additional details
• http//www.socks.permeo.com/AboutSOCKS/SOCKSOvervi
  ew.asp
• http//whatis.techtarget.com/definition/0,,sid9_gc
  i213023,00.html
• http//www.socks.permeo.com/TechnicalResources/SOC
  KSFAQ/SOCKSGeneralFAQ/index.asp

21

• The SOCKS reference architecture and client are
  owned by Permeo Technologies, spin-off from NEC.
  NEC Corporation has promoted SOCKS.
• A SOCKSv4 implementation is available through
  anonymous ftp from ftp//ftp.nec.com/pub/socks/
• SOCKV5 Reference implementation by Permeo.

22
Questions?