Hi,
A proxy will typically transmit packets on certain ports to and from
hosts. A proxy can also cache data and do NAT (Network Address
Translation) to give multiple hosts access to the Internet. You need
to configure a proxy server for each application and port. Regular
proxy servers are not geared towards security but more for performance
reasons (caching) and restricting access to certain resources (prevent
access to certain websites at a school).
A SOCKS server is a type of proxy server that allows each host behind
the server to communicate transparently with hosts on the other side
of the server. It allows the use of all sorts of applications. There
are two main versions for SOCKS: version 4 and version 5.
"The SOCKSv4 protocol defines the message format and conventions to
allow TCP-based application users transparent access across a
firewall."
SOCKSv5 adds authentication and UDP support.
I hope this short introduction was useful to understanding the basic
difference between SOCKS and regular proxies.
From a security point of view, SOCKS can be made more secure between
the clients and server by setting up an SSL connection. Therefore any
data transmitted between the clients and the server is done so
securely. Between the SOCKS server and the Internet the data will only
be secure if the application using it is secure.
For example if you connect to Amazon to purchase a product through a
SSL configured SOCKS server, the communication from your machine to
the SOCKS server will be secure. But when you browse items, Amazon
doesn't provide SSL, therefore the connection is no longer secure
between the SOCKS server and the Internet. However once you decide to
purchase an item, Amazon switches you to secure mode (notice the HTTPS
in the address bar and the padlock or key at the bottom right of the
browser). In that case the whole communication between your client and
Amazon is secure.
You can also set up a SSL enabled proxy server for secure
applications, but you would still need to provide a regular one for
non-secure applications. A SOCKS server is a more flexible solution.
Another type of security feature that is used in both cases of a
regular proxy and a SOCKS proxy, is the fact that you can set up the
range of IP addresses that can connect to your server to avoid leaving
your server as an "open proxy". Such servers can be used to relay
spam, or for other malicious activities such as Denial of Service
attacks.
For example if you want your server only for your home network, then
you would configure its allowable IP range to whatever IP addresses
your home network uses.
From the point of view of a client, both a regular proxy server and a
SOCKS server allow the client to hide its true IP from the Internet,
therefore allowing a certain degree of anonymity and increased
security from Internet "attacks".
I've included some links for further reading; I hope you find them useful.
If anything is unclear or you require any more information, please do
not hesitate to ask.
Thanks.
endo
Links:
Setting up a Secure SOCKS Proxy
http://www.jestrix.net/tuts/sslsocks.html
SOCKS: A protocol for TCP proxy across firewalls
http://archive.socks.permeo.com/protocol/socks4.protocol
SOCKS
http://www.socks.permeo.com/AboutSOCKS/SOCKSOverview.asp
SOCKS Proxy + SSL Tunnel
http://www.codeproject.com/java/socksproxy.asp
Proxy Server
http://en.wikipedia.org/wiki/Proxy_server
SOCKS
http://en.wikipedia.org/wiki/SOCKS
Proxy Servers FAQ
http://www.stayinvisible.com/index.pl/proxy_servers_faq
Search Strategy:
proxy socks security
://www.google.com/search?q=proxy+socks+security&btnG=Search
proxy ssl
://www.google.com/search?q=proxy+ssl
secure proxy
://www.google.com/search?q=secure+proxy |
,
0 Comments
)