Transcript SOCKS (SOCKet Secure) Presentation by: Group KangKong

SOCKS
(SOCKET SECURE)
PRESENTATION BY:
GROUP KANGKONG
CMPE209
Members:
Eddy Kang
Leo Kong
SOCKS AGENDA
 What
is SOCKS?
 Characteristic/Advantages of SOCKS
 Applications
 Security
 Case Study
 Reference
 Q&A
2
WHAT IS SOCKS?
 SOCKS
= Secured Over Credential-based
Kerberos Services
 Proxy
definition: Server that relays request
from a client to a server
 SOCKS
is protocol that defines the
communication from user to the proxy
 SOCKS
relays a user’s TCP/UDP session
over a firewall.
 Allow
users.
transparent access for the application
3
WHAT IS SOCKS?

Similar to a HTTP Proxy
User
Web Server
Internet
SOCKS Proxy
4
CHARACTERISTICS AND ADVANTAGES OF
SOCKS
SOCKS is part of Session
layer.
 Transparent support for
any protocols above of
Session layers.

5
CHARACTERISTICS AND ADVANTAGES OF
SOCKS

Two versions of SOCKS



SOCKSv4
SOCKSv5
How does it work: 3 steps




Generation of connection requests
Establishment of proxy circuits
Relaying applicative data
Authentication (only in version 5)
6
CHARACTERISTICS AND ADVANTAGES OF
SOCKS

Any applications can use SOCKS

Support UDP (version 5)

Proxy bi-directional


Use domain name (DNS) instead of IP address
Authentication is available in version 5 to assure
user identity and its privileges.
7
APPLICATIONS
 SOCKS
can be use by anyone, companies or
individual
 Sample



SS5 Socks Server
OpenSSH (support SOCKS)
WinSocks - Socks Proxy Server
 Sample



Servers available online:
Clients available online:
WideCap
HTTP-Tunnel Client
ProxyCap
8
SECURITY ABOUT SOCKS
ONLY a protocol that routes network packets
between client and the SOCKS proxy server
 No built-in security feature besides
Authentication in Version 5
 Needs to pair with security protocol to secure
communication: ex, SSH, HTTPS, etc.

Security Goal
Features
Confidentiality
None
Integrity
None
Authentication
Available in V5
9
SOCKS CASE STUDY:
HTTP PROXY WITH FIREWALL
User
FireWall
Web Server
Internet
Web/HTTP
Proxy
Control by Administrator
Contents are readable by Administrator.
Use for controlling user access to external sites.
10
SOCKS CASE STUDY:
SOCKS PROXY WITH FIREWALL
User
FireWall
Unapproved
Web Server
Internet
Web/HTTP
Proxy
SOCKS Proxy
Use SSH to connect with
SOCKS Proxy to prevent
snooping by Administor
11

SOCKS Proxy overview behind firewall
SOCKS CASE STUDY:
SOCKS PROXY
User
Web Server
Internet
SOCKS Proxy
SOCKS only provides limited anonymity.
Mask traffic-source with socks proxy.
=> Information sent are still NOT secured.





Data sent between User and SOCKS Proxy are not secured.
No Confidentiality/Integrity is guaranteed
Authentication is available in Version 5 only.
Recommend to use SSH Tunnel between User and SOCKS Proxy.
HTTP Request still in clear text leaving SOCKS Proxy => Use HTTPS.
12
SOCKS CASE STUDY:
ANONYMITY SOFTWARE USING SOCKS
Remote
Server
User
Node
SOCKS Proxy

Node
Node
Node
Node
Node
TOR uses SOCKS proxy to provide anonymity to
users.
13
REFERENCE

Wikipedia:


RFC 1929


Username/Password Authentication for SOCKS ver 5
RFC1928


http://en.wikipedia.org/wiki/SOCKS
SOCKS Protocol ver 5
RFC 1961

GSS-API Authentication Method for SOCKS ver 5
14
?
15