Full HTML for
Given by Sangmi Lee at Tango Group Internal Technology Seminars on Feb 19 99. Foils prepared May 19 99
Outside Index
Summary of Material
Denote Foils where Image Critical
Denote Foils where HTML is sufficient
SOCKS V5 for Proxy Server
Network security properties
Overview
What is a Proxy?
Proxy Server Terminology
What is SOCKS?
Place in OSI Layer
Using SOCKS for proxying
Advantage of SOCKS v5
Components of the SOCKS
What SOCKS does
--IP address to which the client requested to connect
What SOCKS does
Control flow of SOCKS v5
PPT Slide
Converting a client program
Converting a client program
Extended SOCKS functions
Modifying the program
"identd"protocol in SOCKS v5
SOCKS with Windows
Security Features of SOCKS V5
SOCKS: The next generation
Outside Index
Summary of Material
HTML version of Basic Foils prepared May 19 99 
Full HTML Index
| Sangmi Lee |
| TANGO Interaction |
| Feb.19,1999 Syracuse University |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Authentication : Process of reliably verifying the identity of someone or something |
| Authorization : Permission to access a resource |
| Integrity : Correctness, A system protects the integrity of data if it prevents unauthorized modification |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| SOCKS is a proxy protocol for client/server environments |
| SOCKS includes, |
| The SOCKS server |
| The SOCKS client library |
HTML version of Basic Foils prepared May 19 99 
Full HTML Index
| Proxy server makes a connection to the application server for the client. |
| Proxy server relays data between the client and the applications server. |
| Client |
| Real Server |
| Proxy Server |
| Perceived |
| Actual |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Application - Level Proxy |
| Circuit - Level Proxy |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| SOCKS is a networking proxy protocol that enables hosts to gain full access to the Internet, while preventing unauthorized access. |
| SOCKS server authenticates and authorizes the requests, establishes a proxy connection, and relays data |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Application |
| Transport |
| Transport |
| Application |
| Transport |
| Physical |
| Physical |
| Physical |
| Client |
| SOCKS |
| Server |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| HTTP Server |
| Telnet Server |
| Telnet Client |
| HTTP Client |
| GATE |
| Internet |
| The SOCKS server runs on the gate and allows clients inside the |
| firewall to communicate with servers outside the firewall |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Secure firewall traversal Support for user Datagram Protocol as well as Transmission Control Protocol applications |
| Support for a range of authentication, encryption, tunneling and key management schemes |
| Extremely flexible access controls Unified and coherent policy management |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| The SOCKS server |
| The SOCKS client library for UNIX machine |
| SOCKS-ified versions of standard UNIX client programs |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| SOCKS intercepts the connection attempts |
| Establish the connection |
| SOCKS client sends information |
| --Version number |
| --Connect request command |
| --Port number to which the client requested to connect |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| --IP address to which the client requested to connect |
| --Username of the person initiating request |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Checks its access control list |
| Decide accepted or rejected |
| Open connection/Close connection |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Application Client |
| SOCKS v5 |
| Application Server |
| Send method |
| herald |
| Check the policy |
| Verify the method |
| Send chosen |
| method |
| Authentication |
| process |
| Authentication |
| process |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Send proxy |
| request |
| Check proxy |
| status |
| Application |
| protocols |
| Process the |
| request |
| Setup proxy |
| circuit |
| Send circuit |
| status |
| Data relay |
| Accept |
| Connection |
| Application |
| protocol |
| SOCKS V5 |
| SOCKS V4 |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| The program should be modified to talk to the SOCKS server. |
| Programmer should replace all calls to standard network functions with calls to the SOCKS versions of those functions. |
| The program should be recompiled. |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Standard Network Function |
| connect() |
| getsockname() |
| bind() |
| accept() |
| listen() |
| select() |
| SOCKS Version |
| Rconect() |
| Rgetsockname() |
| Rbind() |
| Raccept() |
| Rlisten() |
| Rselect() |
| socks.h in /usr/local/lib |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| The SOCKS5 Internet Access Management Framework provides a comprehensive Application Programming Interface(API) |
| -- Special authentication and encryption methods |
| --Application protocol/content filters |
| -- Security policy definition modules |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Adding a few micro definitions to the CFLACS in Makefile |
| -Dconnect = Rconnect |
| -Dgentsockname=Rgetsockname |
| -Dbind=Rbind |
| -Daccept=Raccept |
| -Dlisten=Rlisten |
| Dselect=Rselect |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| "identd" allows SOCKS server to identify what user is controlling the port that the connection comes from. |
| "identd"(RFC1413) is used when user want to control access by user. |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| WinSock DLL extensions enable WinSock-based applications to use SOCKS. |
| --SocksCap from NEC |
| --AutoSOCKS from Aventail |
| --Hummingbird's SOCKS Client from Hummingbird |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| User based authentication |
| Intrusion/Extrusion Detection |
| Content/Protocol Filtering |
| Address Hiding |
HTML version of Basic Foils prepared May 19 99
Full HTML Index
| Support for IP Multicast-enabled clients |
| Improved Integration with Ipsec |
| Improved Management |
| --remote deployment of SOCKS client package |
| Improved Performance |