Yahoo Tips and Tricks : What are SOCKS 4 AND SOCKS 5

Today I am going to give a brief Explanation About Socks, here we go

        When an application client,program,request or data needs to connect to an application server, the client connects to a SOCKS proxy server. The proxy server connects to the application server on behalf of the client, and relays data between the client and the application server. For the application server, the proxy server is the client.

TYPES OF SOCKS

There are two versions of the SOCKS protocol 

1. SOCKSv4 
2. SOCKSv5

The SOCKSv4 protocol performs some of the functions

• Makes connection requests
• Set up proxy circuits
•  Relays application data

The SOCKSv5 protocol adds authentication to the above functions.

       The SOCKSv4 protocol defines the message format and conventions to allow TCP-based application,as a result users transparent access across a firewall. During proxy connection setup, the SOCKS server allow access based on TCP header information including IP addresses, and source and destination host port numbers. The SOCKS server also authorizes users using ident (rfc1413) information.

        The SOCKS user community proposed and implemented a protocol extension to SOCKSv4 that eliminates the requirement for SOCKSv4 clients to resolve internal and external domain names. By appending the unresolved domain names to the SOCKSv4 client requests, SOCKSv4 servers can attempt to resolve domain names.as a result, it is very simple, SOCKSv4 is often used widely as a network firewall.

       There are few weaknesses in SOCKSv4 protocol: lack of strong authentication and the requirement to recompile applications with SOCKSv4 client library. An IETF (Internet Engineering Task Force) working group drafted and approved a new version of SOCKS, SOCKSv5. The working group completed three SOCKSv5-related standards: rfc1928, rfc1929, and rfc1961.

        The SOCKSv5 protocol, also called as authenticated firewall traversal (AFT), is an open Internet standard (rfc1928) for performing network proxies at the transport layer. It resolves several issues that SOCKS version 4 protocol did not fully address or omitted:

•  Strong authentication
•  Authentication method negotiation
•  Address resolution proxy
•  Proxy for UDP-based applications

Authentication Method Negotiation

1. The application client declares to the SOCKSv5 server the authentication methods it can support.

2. The SOCKSv5 server sends a message to the client announcing the method the client should use.

3. The SOCKSv5 server determines the authentication method based on the security policy defined in the SOCKSv5 server's configuration. If the client's declared methods fail to meet the security requirement, the SOCKSv5 server drops communication. 

Address Resolution Proxy

        SOCKSv5's built-in address resolution proxy simplifies DNS administration and facilitates IP address hiding and translation. SOCKSv5 clients can pass the name, instead of the resolved address, to the SOCKSv5 server and the server resolves the address for the client.