SOCKS (SOCKET SECURE)PRESENTATION BY:GROUP KANGKONG

Members: Eddy Kang

Leo Kong

CMPE209

SOCKS AGENDA

What is SOCKS? Characteristic/Advantages of SOCKS Applications Security Case Study Reference Q&A

2

WHAT IS SOCKS? SOCKS = Secured Over Credential-

based Kerberos Services

Proxy definition: Server that relays request from a client to a server

SOCKS is protocol that defines the communication from user to the proxy

SOCKS relays a user’s TCP/UDP session over a firewall.

Allow transparent access for the application users.

3

Similar to a HTTP Proxy

WHAT IS SOCKS?

User

SOCKS Proxy

Internet

Web Server

4

SOCKS is part of Session layer.

Transparent support for any protocols above of Session layers.

CHARACTERISTICS AND ADVANTAGES OF SOCKS

5

Two versions of SOCKS SOCKSv4 SOCKSv5

How does it work: 3 steps Generation of connection requests Establishment of proxy circuits Relaying applicative data Authentication (only in version 5)

CHARACTERISTICS AND ADVANTAGES OF SOCKS

6

CHARACTERISTICS AND ADVANTAGES OF SOCKS

Any applications can use SOCKS

Support UDP (version 5)

Proxy bi-directional Use domain name (DNS) instead of IP address

Authentication is available in version 5 to assure user identity and its privileges.

7

APPLICATIONS

SOCKS can be use by anyone, companies or individual

Sample Servers available online:SS5 Socks ServerOpenSSH (support SOCKS)WinSocks - Socks Proxy Server

Sample Clients available online:WideCapHTTP-Tunnel ClientProxyCap 8

SECURITY ABOUT SOCKS

ONLY a protocol that routes network packets between client and the SOCKS proxy server

No built-in security feature besides Authentication in Version 5

Needs to pair with security protocol to secure communication: ex, SSH, HTTPS, etc.

Security Goal Features

Confidentiality None

Integrity None

Authentication Available in V5

9

SOCKS CASE STUDY:HTTP PROXY WITH FIREWALL

User

FireW

all

Web/HTTP Proxy

Internet

Web Server

Contents are readable by Administrator.Use for controlling user access to external sites.

Control by Administrator

10

SOCKS CASE STUDY:SOCKS PROXY WITH FIREWALL

SOCKS Proxy overview behind firewall

User

FireW

all

SOCKS Proxy

Internet

Unapproved Web Server

Use SSH to connect with SOCKS Proxy to prevent snooping by Administor

Web/HTTP Proxy

11

SOCKS CASE STUDY: SOCKS PROXY

Data sent between User and SOCKS Proxy are not secured. No Confidentiality/Integrity is guaranteed Authentication is available in Version 5 only. Recommend to use SSH Tunnel between User and SOCKS Proxy. HTTP Request still in clear text leaving SOCKS Proxy => Use HTTPS.

User

SOCKS Proxy

Internet

Web Server

SOCKS only provides limited anonymity.Mask traffic-source with socks proxy.

=> Information sent are still NOT secured.

12

SOCKS CASE STUDY:ANONYMITY SOFTWARE USING

SOCKS

TOR uses SOCKS proxy to provide anonymity to users.

User

SOCKS Proxy

Remote Server

Node

Node

Node

Node

NodeNode

13

REFERENCE

Wikipedia: http://en.wikipedia.org/wiki/SOCKS

RFC 1929 Username/Password Authentication for SOCKS

ver 5 RFC1928

SOCKS Protocol ver 5 RFC 1961

 GSS-API Authentication Method for SOCKS ver 5

14

?15