Upload
shonda-strickland
View
218
Download
2
Embed Size (px)
Citation preview
SOCKS
By BITSnBYTES
(Bhargavi, Maya, Priya, Rajini and Shruti)
Outline
Definition History Major components Working Features Functions Applications
Need for protocol
Widespread use of firewalls
Need to provide a general framework for sophisticated application layer protocols to transparently and securely traverse a firewall with strong authentication capabilities
Need to provide a framework for client-server applications in both TCP and UDP domains to conveniently and securely use the services of a network firewall
What is SOCKS?
Acronym for SOCKet Secure
Networking proxy protocol for TCP/IP based network applications
Intermediate layer between application layer and transport layer
History
Originally developed by David Koblas in 1992
Protocol extended to version 4 by Ying-Da Lee of NEC
Designed to allow clients to communicate with Internet servers through firewalls
Two major versions of SOCKS – SOCKS V4 SOCKS V5
Components of SOCKS
SOCKS server – implemented at the application layer
SOCKS client – implemented between application and transport layer
SOCKS Server
SOCKS Client
Application Layer
Transport Layer
Application Layer
Secure Proxy data channel
How does it work? Establishes a secure proxy data channel between two computers in
a client/server environment
SOCKS server handles requests from clients inside a network's firewall and allows/rejects connection requests, based on the requested Internet destination or user identification
Once a connection and a subsequent "bind" request have been set up, the flow of information exchange follows the usual protocol
Client's perspective - SOCKS is transparent
Server's perspective - SOCKS is a client
How does it work?
SOCKS is typically implemented on proxy servers
SOCKS uses sockets to represent and keep track of individual connections
Client side of SOCKS is built into Web browsers
Server side can be added to a proxy server
The SOCKS server – authenticates and authorizes requests establishes a proxy connection relays data between hosts
Relation with OSI reference model
Purpose of SOCKS
Enables Hosts on one side of the SOCKS server to gain access to the other side of the SOCKS server without requiring direct IP-reachability
Clients behind a firewall wanting to access exterior servers connect to a SOCKS proxy server which controls the eligibility of the client to access the external server and passes the request on to the server.
Major Functions
The SOCKS protocol performs four functions: Making connection requests Setting up proxy circuits Relaying application data Performing user authentication (optional)
Two versions of SOCKS
SOCKSv4 Makes connection request Sets up proxy server Relays application data
SOCKSv5 Adds authentication to V4
- Username/Password (RFC 1929)
- GSS-API (RFC 1961) Authentication Method Negotiation Address Resolution Proxy UDP proxy
Control flow of SOCKS
Features
Allows for transparent network access across multiple proxy servers
Provides a flexible framework for developing secure communications by easily integrating other security technologies
Rapid deployment of new network applications
Simple network security policy management
Benefits
Single communication protocol to authenticate users and establish communication channels
Universal – works with several internet protocols
Application-Independent proxy
Can be used with either UDP or TCP based protocols
Bi-directional proxy support
Benefits (continued..)
Easy deployment of authentication and encryption methods
Firewall tunneling service - allows many machines behind a firewall to access the Internet without actually being on the Internet themselves
Drawbacks
SOCKS v4 does not support UDP and authentication
The SOCKSv5 protocol does not support SOCKSv4 protocol
SOCKS implementations do not support data encryption (except for some commercial software) making data transfers vulnerable to interception
Applications Most common use - Network firewall
Authorized data relay between Hosts
Supported as a proxy configuration option in popular Web browsers and instant messaging programs
Found in some VPN implementations
Emerging as one of the best ways to secure multimedia applications across the Internet
Summary
SOCKS is easy to deploy and manage
SOCKS is transparent to the user, while providing multiple layers of security
Allows client-server applications to transparently use the services of a network firewall without requiring direct IP-rechability
References
RFC 1928 - base SOCKS v5 specification
RFC 1929 , RFC 1961 - additional details
http://www.socks.permeo.com/AboutSOCKS/SOCKSOverview.asp
http://whatis.techtarget.com/definition/0,,sid9_gci213023,00.html
http://www.socks.permeo.com/TechnicalResources/SOCKSFAQ/SOCKSGeneralFAQ/index.asp
The SOCKS reference architecture and client are owned by Permeo Technologies, spin-off from NEC. NEC Corporation has promoted SOCKS.
A SOCKSv4 implementation is available through anonymous ftp from ftp://ftp.nec.com:/pub/socks/
SOCKV5 Reference implementation by Permeo.
Questions?