the client operating system must have SOCKS client capability (and ‘intercept’ specific network requests and divert to the SOCKS proxy).the client program must have a SOCKS client capability.However SOCKS can be a problem in real life : However, encrypted protocols can never be authenticated by firewall, only by a SOCKS Proxy. Anyone who has configured Authenticated Proxy on a Cisco firewall will understand this. by passes default routing in the internal networkĬonsider that protocols such as HTTP and Telnet support firewall authentication.provides authentication for protocols that cannot be authenticated.As such, it was often only way to access the Internet. SOCKS was originally developed by NEC before NAT was a possible solution. no changes to the client operating system – it is transparent to the user.inspection of the packet / application / data is much more difficult.the IP session initiation (three way handshake) is directly from the client to the server.The packet is inspected by the firewall, and the source address is modified (in the header usually, and in the payload depending on the application), the external server receives the packet and replies. The internal system forwards a packet through the firewall. The SOCKS server then acts as the IP Client for the connection request. The SOCKS protocol allows for authentication and logging of the connection requests. The SOCKS client will initiate a connection to a SOCKS server.
A users’ workstation must have a SOCKS client installed, either in the application (such as putty, Firefox), or deep in the TCP/IP stack where the client software will redirect packets into a SOCKS tunnel. The external server communicates with the SOCKS server as if it were the actual client.
When a connection is established, the client communicates with the SOCKS server using the SOCKS protocol. The client contact the SOCKS proxy server and, by exchanging messages defined by the SOCKS protocol, negotiates a proxy connection. The SOCKS protocol is roughly equivalent to setting up an IP tunnel with a firewall and the protocol requests are then initiated from the firewall. An example of this would be asking someone to pass you the salt at the dinner table, who then gets the salt shaker, and passes it to you.
For example, when you use a HTTP proxy you are actually forwarding the HTTP request, and the HTTP proxy server then performs the request on your behalf. It is very different from ‘normal’ proxy because they are application proxies. SOCKS is a protocol that is intended to act a circuit level proxy for applications. This is a fast introduction to what SOCKS is. In the Blue Coat forums I often see people ask questions about SOCKS that show they haven’t taken the time to learn what it is.
0 kommentar(er)
