Published by Derek Pope. Modified over 8 years ago.
1
Team: Unison Richard Bhuleskar Atul Patil Vinit Mahedia Virendra Kucherriya Vasanthnag Vasili
2
Abbreviation for "SOCKetS". Allows client-server applications to transparently use services that are behind a network firewall. General proxy for TCP/IP-based applications.
3
Need a generic framework to transparently and securely traverse a firewall. Need strong authentication for traversal. Conveniently and securely use firewall services.
4
SOCKS and OSI [Diagram: protocol stacks of the Client, Firewall (SOCKS Proxy) and Server, showing the Application, Transport and Physical layers]
5
SOCKS Connection [Diagram labels: Corporate network, SOCKS request, Firewall, SOCKS SERVER, Internet, Web server Amazon.com]
6
Packet changes
Destination address: amazon.com; Destination port: 80 (HTTP); Data: "GET /page.html"
Destination address: socks_server.com; Destination port: TCP 1080 (SOCKS); Data: Destination address = amazon.com, Destination port = TCP 80 (HTTP), Data = "GET /page.html"
7
SOCKS Flexibility [Diagram labels: SOCKS (HTTP), SOCKS (FTP), Firewall, SOCKS SERVER, Internet, HTTP Server, FTP Server]
8
SOCKS in your system
9
SOCKS: Client Server Rendezvous
Client sends the message to server:
VER   NMETHODS   METHOD
1     1          1 to 255
Server says:
VER   METHOD
1     1
10
SOCKS: Request Structure
VER   CMD   RSV     ATYP   DST.ADDR   DST.PORT
1     1     X'00'   1      Variable   2
Where,
VER : protocol version : X'05'
CMD : CONNECT : X'01'; BIND : X'02'; UDP ASSOCIATE : X'03'
RSV : RESERVED
ATYP : address type of following address: IP V4 address : X'01'; DOMAINNAME : X'03'; IP V6 address : X'04'
DST.ADDR : desired destination address
DST.PORT : desired destination port in network octet order
11
SOCKS: Reply Structure
VER   REP   RSV     ATYP   BIND.ADDR   BIND.PORT
1     1     X'00'   1      Variable    2
Where,
VER : protocol version : X'05'
REP : reply field:
X'00' succeeded
X'01' general SOCKS server failure
X'02' connection not allowed by ruleset
X'03' Network unreachable
X'04' Host unreachable
X'05' Connection refused
X'06' TTL expired
X'07' Command not supported
X'08' Address type not supported
X'09' to X'FF' unassigned
BIND.ADDR : server bound address
BIND.PORT : server bound port in network octet order
12
Features: Transparent network access across multiple servers. Hides internal network addresses. Only the SOCKS server has an IP address. Simple network security policy management. Rapid deployment of new network applications.
13
Security Considerations: Designed for application layer protocols to traverse firewalls. Authentication and encapsulation are negotiated between the SOCKS server and the client. Authentication mechanisms supported by the server are configurable.
14
Benefits: Adds value to a security-oriented product. Only allows configured users to communicate transparently across the firewall. Authenticates the user and establishes a communication channel. Use with TCP/UDP. Supports ICMP redirection. Handles all applications (HTTP, Telnet, FTP, ...).
15
Drawbacks: Non-transparent proxy: client software needs to be modified (connect() to Rconnect(), listen() to Rlisten()). Non-caching proxy: does not cache or log the URLs that are accessed.
16
Conclusion: SOCKS enhances firewall usability. In addition to rule-based access, it provides user-based authentication for external network access. Useful for corporate networks.