Solved

SOCKS and DMZ

Posted on 2014-04-23
1
381 Views
Last Modified: 2014-04-23
Can I assume taht a SOCKS server is normally placed within a DMZ

Can I also assume that SOCKS normally operates as a reverse proxy

Does SOCKS have the ability to turn on or off the tunneling (and in effect act  as port forwarding

Can SOCKS reject IP's

Thanks
0
Comment
Question by:Anthony Lucia
1 Comment
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 40018326
It's not part of the RFC, so yes and no. This is the same for most protocols, TCP for example has no mandate for IP or MAC address filtering, but it's a feature of many products.
SOCKS is a protocol, and when you create a server based on that protocol you can tack on other features.
SOCKS proxies are typically, I think anyway, FWD proxies, when you are attempting to get out on one protocol to avoid being detected or seen as another protocol. SOCKS is a tunnel, and if you tunnel out port 80 to a SOCKS proxy on the internet, you are doing the FWD motion. If someone connect to a SOCKS proxy to get into your network, then it's a reverse proxy. The FWD/REV thing is relative, they are the same thing, only direction dictates the name. SOCKS proxies are mainly used as anonymizers, or restriction by-passes.
The other difference between a SOCKS and an HTTP proxy is that http doesn't wrap the requests in a secure tunnel, a socks connection is encrypted end to end so it can't be sniffed, unlike an http proxy.
-rich
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now