-
- SOCKS is a networking proxy protocol that enables hosts on one side of SOCKS server to gain full access to hosts on the other side of the SOCKS server without requiring direct IP reachability. SOCKS redirects connection requests from hosts on opposite sides of a SOCKS server. The SOCKS server authenticates and authorizes the requests, establishes a proxy connection, and relays data.
SOCKS is commonly used as a network firewall that enables hosts behind a SOCKS server to gain full access to the Internet, while preventing unauthorized access from the Internet to the internal hosts.
There are two major versions of SOCKS: SOCKS V4 and socksv5. David Koblas is the original author.
Refer to http://www.socks.nec.com/ for more information.
-
- The main differences between socksv5 and SOCKS V4 are:
-
- The socksv5 protocol does not include a provision to support SOCKS V4 protocol. NEC's socksv5 implementation supports the SOCKS V4 protocol. The server supports socksv5 and SOCKS V4 clients, and can communicate with other version 5 and 4 servers.
-
- SOCKS V4 is available through anonymous ftp from ftp://ftp.nec.com:/pub/socks/. socksv5 is available through http at http://www.socks.nec.com/.
Both packages include clients for telnet, ftp, finger, and whois. NEC's SOCKS5 implementation includes archie, ping, and traceroute.
Several other clients are available in the same ftp.nec.com directory and at http://www.socks.nec.com/.
Hewlett Packard provides an internal implementation of SOCKS, available at ftp://ftp.cup.hp.com/dist/socks/socks.tar.gz
Many commercial products also include built-in SOCKS protocol support.
-
- Yes, there are three SOCKS related mailing lists: socks, socks5, and sockscap. To join the SOCKS mailing list, send an E-mail message to:
[email protected]
with no subject line and a one line body:
subscribe <mailing-list> <[email protected]>
Correspond with members of the list by sending E-mail to:
<mailing-list>@socks.nec.com
All three mailing lists are archived at
http://www.socks.nec.com/
-
- Yes, NEC provides a Windows NT version of socks5 server, available at http://www.socks.nec.com/.
A number of WinSock DLL extensions enable WinSock-based applications to use SOCKS:
There are also socksified WinSock Stacks, such as Peter Tattam's Trumpet WinSock at http://www.trumpet.com.au/wsk/winsock.htm.
Many commercial WinSock applications support SOCKS protocol.
-
- Netscape's Navigator, NCSA's Mosaic, Fetch 3.0 (ftp client), Anarchie (archie/ftp client), Microsoft's Internet Explorer, and PointCast's client support SOCKS.
-
- Refer to
http://www.socks.nec.com/how2socksify.html for specific socksification details. You need to recompile the sources with pre-processor directives to intercept some calls such as bind(). The socks5 library can socksify TCP and UDP applications and the SOCKS V4 library can socksify TCP-based programs.
NEC's socks5 package includes some UNIX socks5 client shared libraries that can dynamically socksify programs without modifying or recompiling them. Refer to
http://www.socks.nec.com/.
See also Question 6.
-
- socks5 does, SOCKS4 does not.
NEC's socks5 package includes a socksified archie client program that is a UDP application. The RealAudio Player works with runsocks (UNIX) and SocksCap (Windows).
-
- For SOCKS version 4.2 and earlier, SOCKS V4 clients MUST resolve local and internet host IP addresses. Configure DNS so that the SOCKS clients' resolver can resolve the addresses. Multiple DNS servers require special arrangements.
For the extended SOCKS version 4.3, SOCKS V4 clients can pass the unresolved addresses to the SOCKS V4 extended servers for resolution.
For socksv5, the clients can pass unresolved host names to socksv5 servers to resolve. SOCKS will work if the socksv5 client or socksv5 servers can resolve a host.
-
- A multi-homed firewall has multiple network interfaces and does not forward packets. Single-homed firewalls have one network interface card. Use a single-homed firewall with a choke router that filters packets not originating from the SOCKS server.
-
- There is no official RFC for Version 4 of the protocol. There are
two documents describing Version 4:
SOCKS V4 protocol
and extension to SOCKS V4 protocol.
There are three RFCs for socksv5 related protocols:
- RFC1928 - Describes SOCKS Version 5 protocol, also known as Authenticated Firewall Traversal (AFT).
- RFC1929 - Describes Username/Password authentication
for socksv5.
- RFC1961 - Describes GSS-API authentication for socksv5
-
- SOCK-et-S - an internal development names that remained after release
-
- The password only echoes for anonymous ftp. This is considered a feature.
-
- Using the socksified SOCKS V4 server, rsockd, included in the socks 4.3 beta release. See the README file in the release.
NEC's socksv5 package includes support to traverse multiple SOCKS servers. Refer to http://www.socks.nec.com/ for additional details.
-
- When the socks server running from inetd receives too many connection requests, it displays this message. Run the socks server as a standalone daemon to solve the problem.
-
- Warp 4.0 has SOCKS V4 support integrated in the TCP/IP stack.
-
- socks displays this log message when someone tries to use the SOCKS server as an HTTP proxy. Ascii code 71 is the letter "G", the first letter of an
HTTP/1.0 request.