1 / 15

SOCKS (SOCK ET S ECURE ) PRESENTATION BY: GROUP KANGKONG

SOCKS (SOCK ET S ECURE ) PRESENTATION BY: GROUP KANGKONG. CMPE209. Members: Eddy Kang Leo Kong. SOCKS Agenda. What is SOCKS? Characteristic/Advantages of SOCKS Applications Security Case Study Reference Q&A. WHAT IS SOCKS?. SOCKS = Secured Over Credential-based Kerberos Services

Patman
Download Presentation

SOCKS (SOCK ET S ECURE ) PRESENTATION BY: GROUP KANGKONG

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SOCKS (SOCKET SECURE)PRESENTATION BY:GROUP KANGKONG CMPE209 Members: Eddy Kang Leo Kong

  2. SOCKS Agenda • What is SOCKS? • Characteristic/Advantages of SOCKS • Applications • Security • Case Study • Reference • Q&A

  3. WHAT IS SOCKS? • SOCKS = Secured Over Credential-based Kerberos Services • Proxy definition: Server that relays request from a client to a server • SOCKS is protocol that defines the communication from user to the proxy • SOCKS relays a user’s TCP/UDP session over a firewall. • Allow transparent access for the application users.

  4. WHAT IS SOCKS? • Similar to a HTTP Proxy

  5. Characteristics and advantages of SOCKS • SOCKS is part of Session layer. • Transparent support for any protocols above of Session layers.

  6. Characteristics and advantages of SOCKS • Two versions of SOCKS • SOCKSv4 • SOCKSv5 • How does it work: 3 steps • Generation of connection requests • Establishment of proxy circuits • Relaying applicative data • Authentication (only in version 5)

  7. Characteristics and advantages of SOCKS • Any applications can use SOCKS • Support UDP (version 5) • Proxy bi-directional • Use domain name (DNS) instead of IP address • Authentication is available in version 5 to assure user identity and its privileges.

  8. Applications • SOCKS can be use by anyone, companies or individual • Sample Servers available online: • SS5 Socks Server • OpenSSH (support SOCKS) • WinSocks - Socks Proxy Server • Sample Clients available online: • WideCap • HTTP-Tunnel Client • ProxyCap

  9. Security about SOCKS • ONLY a protocol that routes network packets between client and the SOCKS proxy server • No built-in security feature besides Authentication in Version 5 • Needs to pair with security protocol to secure communication: ex, SSH, HTTPS, etc.

  10. SOCKS Case Study: HTTP Proxy With Firewall

  11. SOCKS Case Study: SOCKS Proxy with Firewall • SOCKS Proxy overview behind firewall

  12. SOCKS Case Study: SOCKS Proxy • Data sent between User and SOCKS Proxy are not secured. • No Confidentiality/Integrity is guaranteed • Authentication is available in Version 5 only. • Recommend to use SSH Tunnel between User and SOCKS Proxy. • HTTP Request still in clear text leaving SOCKS Proxy => Use HTTPS.

  13. SOCKS Case Study: Anonymity Software using SOCKS • TOR uses SOCKS proxy to provide anonymity to users.

  14. Reference • Wikipedia: • http://en.wikipedia.org/wiki/SOCKS • RFC 1929 • Username/Password Authentication for SOCKS ver 5 • RFC1928 • SOCKS Protocol ver 5 • RFC 1961 •  GSS-API Authentication Method for SOCKS ver 5

  15. ?

More Related