
SOCKS: Protocol for Secure Session Traversal Across Firewalls

The SOCKS protocol provides a framework for client-server applications in both the TCP and UDP domains to conveniently and securely use the services of a network firewall. The protocol is conceptually a "shim layer" between the application layer and the transport layer, and as such does not provide network-layer gateway services such as forwarding of ICMP messages.

The use of network firewalls, systems that effectively isolate an organization's internal network from an exterior network such as the Internet, is becoming increasingly popular. These firewall systems typically act as application-layer gateways between networks, usually offering controlled TELNET, FTP, and SMTP access. SOCKS provides a general framework for these protocols to transparently and securely traverse a firewall.

SOCKS version 5 provides strong authentication for such traversal, while SOCKS version 4 provides only unsecured firewall traversal for TCP-based client-server applications, including TELNET, FTP, and protocols such as HTTP, WAIS and GOPHER.

SOCKS version 5 extends the SOCKS version 4 model to include UDP, and extends the framework to include provisions for generalized strong authentication schemes. It also adapts the addressing scheme to encompass domain names and IPv6 addresses.

The implementation of the SOCKS protocol typically involves the recompilation or relinking of TCP-based client applications to use the appropriate encapsulation routines in the SOCKS library.

Protocol Structure

SOCKS v5 uses a small set of messages, whose formats are as follows (field sizes in bytes).

Version identifier/method selection message:

Field:   Version   NMethods   Methods
Size:    1 byte    1 byte     1-255 bytes

The Socks request message:

Field:   Version   CMD      Rsv             ATYP     DST addr   DST port
Size:    1 byte    1 byte   1 byte (0x00)   1 byte   Variable   2 bytes

The method selection message:

Field:   Version   Method
Size:    1 byte    1 byte

The reply message:

Field:   Version   REP      RSV             ATYP     BND addr   BND port
Size:    1 byte    1 byte   1 byte (0x00)   1 byte   Variable   2 bytes

UDP request header:

Field:   RSV       FRAG     ATYP     DST addr   DST port   DATA
Size:    2 bytes   1 byte   1 byte   Variable   2 bytes    Variable
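As an added worked example (not code from the original page), the following Python encodes the request and UDP request header and parses the reply laid out above, covering all three ATYP address forms RFC 1928 defines (0x01 IPv4, 0x03 domain name, 0x04 IPv6) and refusing to read past the end of a truncated message. All function names are this example's own.

```python
import socket, struct

ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04  # RFC 1928 address types

def encode_address(host):
    """ATYP + address bytes as carried in the request, reply and UDP header."""
    for atyp, family in ((ATYP_IPV4, socket.AF_INET), (ATYP_IPV6, socket.AF_INET6)):
        try:
            return bytes([atyp]) + socket.inet_pton(family, host)
        except OSError:
            pass  # not an IP literal of this family
    name = host.encode("idna")  # domain name: 1-byte length prefix, then the name
    if not 1 <= len(name) <= 255:
        raise ValueError("domain name length must fit in one byte")
    return bytes([ATYP_DOMAIN, len(name)]) + name

def _take(buf, offset, n):
    if len(buf) < offset + n:  # never read past the end of a short or truncated message
        raise ValueError("truncated message")
    return buf[offset:offset + n], offset + n

def decode_address(buf, offset):
    """Parse ATYP + address + 2-byte port at offset; returns (host, port, next_offset)."""
    (atyp,), offset = _take(buf, offset, 1)
    if atyp == ATYP_DOMAIN:
        (n,), offset = _take(buf, offset, 1)
        raw, offset = _take(buf, offset, n)
        host = raw.decode("idna")
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        family, n = (socket.AF_INET, 4) if atyp == ATYP_IPV4 else (socket.AF_INET6, 16)
        raw, offset = _take(buf, offset, n)
        host = socket.inet_ntop(family, raw)
    else:
        raise ValueError(f"unknown ATYP {atyp:#x}")
    port_bytes, offset = _take(buf, offset, 2)
    return host, struct.unpack("!H", port_bytes)[0], offset

def build_connect_request(host, port):
    """SOCKS request: VER=5, CMD=1 (CONNECT), RSV=0, ATYP, DST.ADDR, DST.PORT."""
    return b"\x05\x01\x00" + encode_address(host) + struct.pack("!H", port)

def build_udp_header(host, port, data):
    """UDP request header: RSV (2 bytes, 0), FRAG=0 (standalone datagram), address, port, DATA."""
    return b"\x00\x00\x00" + encode_address(host) + struct.pack("!H", port) + data

def parse_reply(buf):
    """Reply: VER=5, REP (0 = succeeded), RSV=0, ATYP, BND.ADDR, BND.PORT -> (REP, host, port)."""
    if len(buf) < 4 or buf[0] != 0x05 or buf[2] != 0x00:
        raise ValueError("not a SOCKS5 reply")
    return (buf[1],) + decode_address(buf, 3)[:2]
```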

Related protocols: TCP, UDP, ICMP, HTTP, TELNET, FTP

Sponsor Source: The latest version (v5) of SOCKS is defined by the IETF (http://www.ietf.org) in RFC 1928.

Reference: http://www.javvin.com/protocol/rfc1928.pdf: SOCKS Protocol Version 5.