SOCKS and DMZ

Can I assume taht a SOCKS server is normally placed within a DMZ

Can I also assume that SOCKS normally operates as a reverse proxy

Does SOCKS have the ability to turn on or off the tunneling (and in effect act  as port forwarding

Can SOCKS reject IP's

Thanks
Anthony LuciaAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Rich RumbleConnect With a Mentor Security SamuraiCommented:
It's not part of the RFC, so yes and no. This is the same for most protocols, TCP for example has no mandate for IP or MAC address filtering, but it's a feature of many products.
SOCKS is a protocol, and when you create a server based on that protocol you can tack on other features.
SOCKS proxies are typically, I think anyway, FWD proxies, when you are attempting to get out on one protocol to avoid being detected or seen as another protocol. SOCKS is a tunnel, and if you tunnel out port 80 to a SOCKS proxy on the internet, you are doing the FWD motion. If someone connect to a SOCKS proxy to get into your network, then it's a reverse proxy. The FWD/REV thing is relative, they are the same thing, only direction dictates the name. SOCKS proxies are mainly used as anonymizers, or restriction by-passes.
The other difference between a SOCKS and an HTTP proxy is that http doesn't wrap the requests in a secure tunnel, a socks connection is encrypted end to end so it can't be sniffed, unlike an http proxy.
-rich
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.