Presentation is loading. Please wait.

Presentation is loading. Please wait.

SOCKS By BITSnBYTES (Bhargavi, Maya, Priya, Rajini and Shruti)

Published byShonda Strickland Modified over 8 years ago

Similar presentations

Presentation on theme: "SOCKS By BITSnBYTES (Bhargavi, Maya, Priya, Rajini and Shruti)"— Presentation transcript:

1 SOCKS By BITSnBYTES (Bhargavi, Maya, Priya, Rajini and Shruti)

2 Outline Definition History Major components Working Features Functions Applications

3 Need for protocol Widespread use of firewalls Need to provide a general framework for sophisticated application layer protocols to transparently and securely traverse a firewall with strong authentication capabilities Need to provide a framework for client-server applications in both TCP and UDP domains to conveniently and securely use the services of a network firewall

4 What is SOCKS? Acronym for SOCKet Secure Networking proxy protocol for TCP/IP based network applications Intermediate layer between application layer and transport layer

5 History Originally developed by David Koblas in 1992 Protocol extended to version 4 by Ying-Da Lee of NEC Designed to allow clients to communicate with Internet servers through firewalls Two major versions of SOCKS –  SOCKS V4  SOCKS V5

6 Components of SOCKS SOCKS server – implemented at the application layer SOCKS client – implemented between application and transport layer SOCKS Server SOCKS ClientApplication LayerTransport Layer Application Layer Secure Proxy data channel

7 How does it work? Establishes a secure proxy data channel between two computers in a client/server environment SOCKS server handles requests from clients inside a network's firewall and allows/rejects connection requests, based on the requested Internet destination or user identification Once a connection and a subsequent "bind" request have been set up, the flow of information exchange follows the usual protocol Client's perspective - SOCKS is transparent Server's perspective - SOCKS is a client

8 How does it work? SOCKS is typically implemented on proxy servers SOCKS uses sockets to represent and keep track of individual connections Client side of SOCKS is built into Web browsers Server side can be added to a proxy server The SOCKS server –  authenticates and authorizes requests  establishes a proxy connection  relays data between hosts

9 Relation with OSI reference model

10 Purpose of SOCKS Enables Hosts on one side of the SOCKS server to gain access to the other side of the SOCKS server without requiring direct IP-reachability Clients behind a firewall wanting to access exterior servers connect to a SOCKS proxy server which controls the eligibility of the client to access the external server and passes the request on to the server.

11 Major Functions The SOCKS protocol performs four functions:  Making connection requests  Setting up proxy circuits  Relaying application data  Performing user authentication (optional)

12 Two versions of SOCKS SOCKSv4  Makes connection request  Sets up proxy server  Relays application data SOCKSv5  Adds authentication to V4 - Username/Password (RFC 1929) - GSS-API (RFC 1961)  Authentication Method Negotiation  Address Resolution Proxy  UDP proxy

13 Control flow of SOCKS

14 Features Allows for transparent network access across multiple proxy servers Provides a flexible framework for developing secure communications by easily integrating other security technologies Rapid deployment of new network applications Simple network security policy management

15 Benefits Single communication protocol to authenticate users and establish communication channels Universal – works with several internet protocols Application-Independent proxy Can be used with either UDP or TCP based protocols Bi-directional proxy support

16 Benefits (continued..) Easy deployment of authentication and encryption methods Firewall tunneling service - allows many machines behind a firewall to access the Internet without actually being on the Internet themselves

17 Drawbacks SOCKS v4 does not support UDP and authentication The SOCKSv5 protocol does not support SOCKSv4 protocol SOCKS implementations do not support data encryption (except for some commercial software) making data transfers vulnerable to interception

18 Applications Most common use - Network firewall Authorized data relay between Hosts Supported as a proxy configuration option in popular Web browsers and instant messaging programs Found in some VPN implementations Emerging as one of the best ways to secure multimedia applications across the Internet

19 Summary SOCKS is easy to deploy and manage SOCKS is transparent to the user, while providing multiple layers of security Allows client-server applications to transparently use the services of a network firewall without requiring direct IP- rechability

20 References RFC 1928 - base SOCKS v5 specification RFC 1929, RFC 1961 - additional details http://www.socks.permeo.com/AboutSOCKS/SOCKSOverview.asp http://whatis.techtarget.com/definition/0,,sid9_gci213023,00.html http://www.socks.permeo.com/TechnicalResources/SOCKSFAQ/SO CKSGeneralFAQ/index.asp http://www.socks.permeo.com/TechnicalResources/SOCKSFAQ/SO CKSGeneralFAQ/index.asp

21 The SOCKS reference architecture and client are owned by Permeo Technologies, spin-off from NEC. NEC Corporation has promoted SOCKS. A SOCKSv4 implementation is available through anonymous ftp from ftp://ftp.nec.com:/pub/socks/ftp://ftp.nec.com:/pub/socks/ SOCKV5 Reference implementation by Permeo.

22 Questions?

Download ppt "SOCKS By BITSnBYTES (Bhargavi, Maya, Priya, Rajini and Shruti)"

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Chapter 17 Networking Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William.

Chapter 17 Networking Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Module 5: Configuring Access to Internal Resources.

Module 5: Configuring Access to Internal Resources.
Network Layer and Transport Layer.

Network Layer and Transport Layer.
The Aerospace Clinic 2002 Team Members Nick Hertl (Project Manager) Will Berriel Richard Fujiyama Chip Bradford Faculty Advisor Professor Michael Erlinger.

The Aerospace Clinic 2002 Team Members Nick Hertl (Project Manager) Will Berriel Richard Fujiyama Chip Bradford Faculty Advisor Professor Michael Erlinger.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Circuit & Application Level Gateways CS-431 Dick Steflik.

Circuit & Application Level Gateways CS-431 Dick Steflik.
Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.

Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.
Remote Networking Architectures

Remote Networking Architectures
Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.

Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Understanding VPN Concepts Virtual Private Network (VPN) enables computers to –Communicate securely over insecure channels –Exchange private encrypted.

Understanding VPN Concepts Virtual Private Network (VPN) enables computers to –Communicate securely over insecure channels –Exchange private encrypted.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
CLIENT A client is an application or system that accesses a service made available by a server. applicationserver.

CLIENT A client is an application or system that accesses a service made available by a server. applicationserver.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )

Similar presentations

Ads by Google