SOCKS _SOCKet Secure_ Presentation by Group KangKong

Document Sample
SOCKS _SOCKet Secure_ Presentation by Group KangKong Powered By Docstoc
					      SOCKS
      (SOCKET
      SECURE)
      PRESENTATION BY:
      GROUP KANGKONG


CMPE209
          Members:   Eddy Kang
                     Leo Kong
SOCKS AGENDA


 What  is SOCKS?
 Characteristic/Advantages of SOCKS

 Applications

 Security

 Case Study

 Reference

 Q&A

                                       2
WHAT IS SOCKS?
 SOCKS = Secured Over Credential-based
 Kerberos Services

 Proxydefinition: Server that relays request
 from a client to a server

 SOCKSis protocol that defines the
 communication from user to the proxy

 SOCKS   relays a user’s TCP/UDP session
 over a firewall.

 Allow   transparent access for the application
 users.
                                                   3
WHAT IS SOCKS?

   Similar to a HTTP Proxy



            User

                                         Web Server

                              Internet




          SOCKS Proxy




                                                      4
CHARACTERISTICS AND ADVANTAGES OF
SOCKS

                   SOCKS is part of Session
                    layer.
                   Transparent support for
                    any protocols above of
                    Session layers.




                                               5
CHARACTERISTICS AND ADVANTAGES OF
SOCKS
   Two versions of SOCKS
     SOCKSv4
     SOCKSv5


   How does it work: 3 steps
     Generation of connection requests
     Establishment of proxy circuits
     Relaying applicative data
     Authentication (only in version 5)




                                           6
CHARACTERISTICS AND ADVANTAGES OF
SOCKS
   Any applications can use SOCKS

   Support UDP (version 5)

   Proxy bi-directional
       Use domain name (DNS) instead of IP address


   Authentication is available in version 5 to assure
    user identity and its privileges.

                                                         7
APPLICATIONS

 SOCKS  can be use by anyone, companies or
 individual

 Sample    Servers available online:
     SS5 Socks Server
     OpenSSH (support SOCKS)
     WinSocks - Socks Proxy Server

 Sample    Clients available online:
   WideCap
   HTTP-Tunnel Client
   ProxyCap                                  8
SECURITY ABOUT SOCKS

 ONLY a protocol that routes network packets
  between client and the SOCKS proxy server
 No built-in security feature besides
  Authentication in Version 5
 Needs to pair with security protocol to secure
  communication: ex, SSH, HTTPS, etc.

    Security Goal          Features
    Confidentiality        None
    Integrity              None
    Authentication         Available in V5
                                                   9
SOCKS CASE STUDY:
   HTTP PROXY WITH FIREWALL


           User




                                                   FireWall
                                                                         Web Server

                                                              Internet




                              Web/HTTP
                               Proxy

                       Control by Administrator




  Contents are readable by Administrator.
  Use for controlling user access to external sites.

                                                                                      10
SOCKS CASE STUDY:
   SOCKS PROXY WITH FIREWALL


       User



                           FireWall                            Unapproved
                                                               Web Server



                                                    Internet


              Web/HTTP
               Proxy
                                      SOCKS Proxy




                         Use SSH to connect with
                         SOCKS Proxy to prevent
                         snooping by Administor
                                                                            11

   SOCKS Proxy overview behind firewall
SOCKS CASE STUDY:
   SOCKS PROXY
                      User

                                                                   Web Server

                                                        Internet




                    SOCKS Proxy




                     SOCKS only provides limited anonymity.
                     Mask traffic-source with socks proxy.

                     => Information sent are still NOT secured.


   Data sent between User and SOCKS Proxy are not secured.
   No Confidentiality/Integrity is guaranteed
   Authentication is available in Version 5 only.
   Recommend to use SSH Tunnel between User and SOCKS Proxy.                   12
   HTTP Request still in clear text leaving SOCKS Proxy => Use HTTPS.
SOCKS CASE STUDY:
    ANONYMITY SOFTWARE USING SOCKS


                                                       Remote
                                                       Server
User

                                                Node
                      Node            Node
                             Node



        SOCKS Proxy                      Node
                               Node




   TOR uses SOCKS proxy to provide anonymity to
    users.
                                                                13
REFERENCE

   Wikipedia:
       http://en.wikipedia.org/wiki/SOCKS
   RFC 1929
       Username/Password Authentication for SOCKS ver 5
   RFC1928
       SOCKS Protocol ver 5
   RFC 1961
       GSS-API Authentication Method for SOCKS ver 5



                                                           14
?
    15

				
DOCUMENT INFO