1 / 18

SOCKS

SOCKS. Richard Bhuleskar Atul Patil Vinit Mahedia Virendra Kucherriya Vasanthnag Vasili. Team: Unison. Abbreviation for “SOCKetS”. Allows client-server applications to transparently use the services which are behind network firewall. General Proxy for TCP/IP based applications.

upton
Download Presentation

SOCKS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SOCKS Richard Bhuleskar Atul Patil Vinit Mahedia Virendra Kucherriya Vasanthnag Vasili Team: Unison

  2. Abbreviation for “SOCKetS”. Allows client-server applications to transparently use the services which are behind network firewall. General Proxy for TCP/IP based applications. What is SOCKS

  3. Need generic framework to transparently and securely traverse firewall. Need strong authentication for traversal. Conveniently and Securely use firewall services. Why socks?

  4. SOCKS and OSI Application Transport Physical Application Transport Physical Transport Physical Server Client Firewall (SOCKS Proxy)

  5. SOCKS Connection SOCKS request SOCKS SERVER Internet Web server Amazon.com Firewall Corporate network

  6. Packet changes Destination address: amazon.com Destination port: 80 (HTTP) Data: "GET /page.html“ Destination address: socks_server.com Destination port: TCP 1080 (SOCKS) Data: Destination address = amazon.com, Destination port = TCP 80 (HTTP), Data = "GET /page.html"

  7. SOCKS Flexibility HTTP Server SOCKS (HTTP) SOCKS SERVER Internet SOCKS (FTP) FTP Server Firewall

  8. SOCKS in your system

  9. Client Sends The Message to Server : Server Says : SOCKS: Client Server Rendezvous

  10. SOCKS : Request Structure Where, VER : protocol version : X'05' CMD : CONNECT : X'01' BIND : X'02' UDP ASSOCIATE : X'03' RSV : RESERVED ATYP : address type of following address IP V4 address : X'01‘ DOMAINNAME : X'03‘ IP V6 address : X'04‘ DST.ADDR desired destination address DST.PORT desired destination port in network octet order

  11. SOCKS : Reply Structure Where, VER : protocol version : X'05' CMD : X'00' succeeded X'01' general SOCKS server failure X'02' connection not allowed by ruleset X'03' Network unreachable X'04' Host unreachable X'05' Connection refused X'06' TTL expired X'07' Command not supported X'08' Address type not supported X'09' to X'FF' unassigned BIND.ADDR : Server Bound Address DST.PORT : Server Bound port in network octet order

  12. Features Transparent network access across multiple servers. Hides internal network addresses. Only SOCKS server have IP address. Simple network security policy management. Rapid deployment of new network application

  13. Security Considerations Designed for application layer protocols to traverse across the firewalls. Authentication and encapsulation - negotiated between SOCKS server and client. Authentication mechanisms supported by server are configurable.

  14. Benefits Adds value to security-oriented product. Only allows configured users to communicate transparently across firewall. Authenticates user and establishes communication channel. Use with TCP/UDP. Supports ICMP redirection Handles all application (HTTP, Telnet, FTP….)

  15. Drawbacks Non Transparent Proxy: Client software needs to be modified. connect()  Rconnect() listen()  Rlisten() Non Caching Proxy: Does not cache or log, URL that are accessed.

  16. Conclusion SOCKS enhances Firewall usability. In addition to rule based access, provides user based authentication for external network access. Useful for corporate networks.

  17. References RFC 1928 - http://faqs.org/rfcs/rfc1928.html Firewall: In and Out on the net -www.medialab.di.unipi.it/doc/JNetSec/jns_ch12.htm Tech View: Ten myths about SOCKS -http://www.commsdesign.com/main/1999/06/9906topten.htm What is SOCKS? http://www.infosecwriters.com/text_resources/pdf/what_is_socks.pdf SOCKS: Protocol for sessions traversal across firewall securely - http://www.networkdictionary.com/protocols/socks.php SOCKS - http://en.wikipedia.org/wiki/SOCKS

More Related