
    SOCKS: Protocol for Secure Session Traversal Across Firewalls


    The SOCKS protocol provides a framework for client-server applications in both the TCP and UDP domains to conveniently and securely use the services of a network firewall. The protocol is conceptually a "shim layer" between the application layer and the transport layer, and as such does not provide network-layer gateway services, such as forwarding of ICMP messages.

    The use of network firewalls, systems that effectively isolate an organization's internal network structure from an exterior network such as the Internet, is becoming increasingly popular. These firewall systems typically act as application-layer gateways between networks, usually offering controlled TELNET, FTP, and SMTP access. SOCKS provides a general framework for these protocols to transparently and securely traverse a firewall.

    SOCKS version 5 provides strong authentication of such traversal, while SOCKS version 4 provides only unsecured firewall traversal for TCP-based client-server applications, including TELNET, FTP, and protocols such as HTTP, WAIS and GOPHER.

    SOCKS version 5 extends the SOCKS version 4 model to include UDP, and extends the framework to include provisions for generalized strong authentication schemes. It also adapts the addressing scheme to encompass domain names and IPv6 addresses.

    The implementation of the SOCKS protocol typically involves the recompilation or relinking of TCP-based client applications to use the appropriate encapsulation routines in the SOCKS library.

     

    Protocol Structure - SOCKS version 5

     

    SOCKS v5 defines several messages, each with its own format, as follows.

    Version identifier/method selection message:

     

    Field:  Version | NMethods | Methods
    Size:   1 byte  | 1 byte   | 1-225 bytes

     

    The SOCKS request message:

     

    Field:  Version | CMD    | Rsv        | ATYP   | DST addr | DST port
    Size:   1 byte  | 1 byte | Value of 0 | 1 byte | Variable | 2 bytes

     

    The method selection message:

     

    Field:  Version | Method
    Size:   1 byte  | 1 byte

     

    The reply message:

    Field:  Version | REP    | RSV        | ATYP   | BND addr | BND port
    Size:   1 byte  | 1 byte | Value of 0 | 1 byte | Variable | 2 bytes

     

    UDP request header:

     

    Field:  RSV     | FRAG   | ATYP   | DST addr | DST port | DATA
    Size:   2 bytes | 1 byte | 1 byte | Variable | 2 bytes  | Variable
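
    A strict parser for the version identifier/method selection message and the request message laid out above, plus a builder for the method selection reply that follows the server's own preference list. This is an added example, not code from the original page. The CMD, ATYP and method code values are taken from RFC 1928; the function names and the assumption that each buffer holds exactly one complete message are choices made for this example.

```python
import ipaddress
import struct

# Code values below are from RFC 1928; the page's tables give only the layout.
SOCKS5, NO_ACCEPTABLE = 0x05, 0xFF
CMDS = {1: "CONNECT", 2: "BIND", 3: "UDP ASSOCIATE"}
# Constructed sample messages (not captured traffic).
GREETING = bytes([5, 2, 0x00, 0x02])  # offers "no auth" and username/password
REQUEST = bytes([5, 1, 0, 3, 11]) + b"example.com" + struct.pack("!H", 443)

class MalformedMessage(ValueError):
    """Bytes that do not match the SOCKS v5 message layouts."""

def parse_greeting(buf):
    """Version | NMethods | Methods -> list of offered method codes."""
    if len(buf) < 2 or buf[0] != SOCKS5:
        raise MalformedMessage("bad version or truncated greeting")
    if buf[1] == 0 or len(buf) != 2 + buf[1]:
        raise MalformedMessage("NMethods does not match Methods length")
    return list(buf[2:])

def select_method(offered, preferred):
    """Version | Method reply chosen by server policy, never client order."""
    for method in preferred:
        if method in offered:
            return bytes([SOCKS5, method])
    return bytes([SOCKS5, NO_ACCEPTABLE])

def parse_request(buf):
    """Version | CMD | Rsv | ATYP | DST addr | DST port -> (cmd, host, port)."""
    if len(buf) < 4 or buf[0] != SOCKS5 or buf[2] != 0:
        raise MalformedMessage("bad version, non-zero Rsv or truncated header")
    if buf[1] not in CMDS:
        raise MalformedMessage("unknown CMD")
    atyp, body = buf[3], buf[4:]
    if atyp == 3 and body:            # domain name: first octet is its length
        alen, body = body[0], body[1:]
    elif atyp in (1, 4):              # IPv4 (4 octets) or IPv6 (16 octets)
        alen = 4 if atyp == 1 else 16
    else:
        raise MalformedMessage("unknown ATYP or missing length octet")
    if alen == 0 or len(body) != alen + 2:
        raise MalformedMessage("DST addr / DST port length mismatch")
    try:
        raw = body[:alen]
        host = raw.decode("ascii") if atyp == 3 else str(ipaddress.ip_address(raw))
    except ValueError as exc:
        raise MalformedMessage("DST addr is not valid") from exc
    return CMDS[buf[1]], host, struct.unpack("!H", body[alen:])[0]
```

    A server that requires authentication passes only its required methods as `preferred`, so a client that offers only "no auth" receives the 0xFF reply instead of an unauthenticated session.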

     

    Related protocols: TCP, UDP, ICMP, HTTP, TELNET, FTP

    Sponsor Source: The latest version (v5) of SOCKS is defined by IETF (http://www.ietf.org) in RFC 1928.

    Reference: http://www.javvin.com/protocol/rfc1928.pdf: SOCKS Protocol Version 5.