The internet is in a strange place right now. It’s no longer the open, free place it used to be. Increasingly, users are being subject to website blocks, attacks, and surveillance. For true safety or anonymity, precautions must be taken. Thankfully, there many ways for you to protect yourself, one of them being Socket Secure (SOCKS) proxies.
While many have heard about SOCKS Proxies not many truly understand their purpose, how they work and the security-privacy levels they can offer. SOCKS proxies are often mistakenly considered an alternative or equivalent to VPNs causing major confusion amongst users and providing false sense of security.
In this article we'll be covering a wealth of topics relating to SOCKS Proxies, SSL, Configuration advise, Torrenting via SOCK, compare them with VPNs and much more so let's take a quick look at what we have in store before diving deeper:
Introduction to SOCKS Proxies
Like HTTP, SOCKS is an internet protocol, but it offers a further degree of anonymity. Connecting to a SOCKS proxy routes your traffic through a third-party server via TCP, assigning you a new IP address in the process. Because the IP address is different, web hosts can’t determine the physical location.
This has the add-on effect of bypassing regional filtering. However, unlike a VPN, SOCKS doesn’t provide encryption. This means users don’t have true privacy and aren’t safe from attacks on Public WiFi and government surveillance. In addition, SOCKS doesn’t run through every application, meaning regular browsing is not always safe.
However, this lack of encryption does provide some benefits. The main one is speed. A SOCKS proxy doesn’t need resources to encrypt traffic and has far less overhead, so it’s usually faster than a VPN. Though proxies don’t provide protection from monitoring, they are a nice middle ground between HTTP and VPNs.
The security of a SOCKS proxy also depends on the version it utilizes. Most modern proxies use either SOCKS4 or SOCKS5 to protect users, and there are some fundamental differences. As you would expect from a lesser version, SOCKS4 has fewer features.
One example is the lack of support for UDP protocol-based applications. This cuts out programs that need faster, more efficient transfers, like games. SOCKS5 also supports IPv6 and Domain Name Resolution. This means the client can specify a URL rather than an IP address. This feature is also supported by SOCKS4a.
As well as SOCKS, users can utilize the HTTP/HTTPS proxy method. HTTP proxies work similarly to SOCKS5, but utilize the HTTP protocol instead. This is the same method that transfers data to your computer when you type http://www.firewall.cx. These proxies fetch and receive primarily in HTTP and are generally used for web browsers. Some applications support HTTP proxy, others SOCKS proxy, and many both. HTTP is more intelligent than SOCKS5, but also less secure.
Due to lack of UDP support and limited TCP support, HTTP proxies don’t fully support torrenting. Often, they will filter out this type of data or block it. This blocking is especially prevalent in public HTTP proxies. In addition, HTTP tries to re-write the headers of the data in transit. The result is extremely slow or non-existent torrenting.
Understanding How HTTPS Encryption - SSL & HTTPS Proxies Work
HTTPS proxies utilize something called the Secure Socket Layer. In your browser, you’ll notice this as a green padlock next to the URL bar:
In short, SSL creates a secure connection between the web server and the user’s browser. When you request a URL, the server sends your browser a copy of its SSL certificate. The browser verifies that it’s authentic, and the server then sends back a signed acknowledgment. Upon arrival, both start an SSL encrypted session and can share data safely.
This encryption uses a method called public key cryptography. A server using SSL has both a public key and a private key. When a server first negotiates an SSL session with a client, it sends a copy of its public key. The client’s browser verifies the certificate and then uses the public key to create a symmetric key which is then sent to the server. The private key is never sent and always kept secret.
The symmetric key is unique to the SSL session and used to encrypt/decrypt data exchanged between the client and server.
HTTPS proxy works slightly differently. Using the CONNECT method, requests are converted to a transparent tunnel. However, this feature isn’t available in a lot of proxies and, when it is, users can still be vulnerable.
Some versions of SSL are still open to attack through the Heartbleed bug. This serious vulnerability was discovered in 2014 and allows attackers to steal private keys from servers, eavesdropping on communications and gaining access to passwords, emails and instant messages. Vulnerabilities in SSL and its predecessor TLS have been found several times since then, including man-in-the-middle attacks that downgrade the user to a less secure version.
How SOCKS5 Proxy Works
While an HTTP proxy is designed to work in the web browser, a SOCKS5 proxy is more wide-reaching. SOCKS sits on the higher levels of the OSI model, below SSL, which sits on the seventh application layer, and above TCP and UDP on the transport layer (Layer 4). This offers several advantages. TCP works by forming a physical connection between the client and the server, trying to guarantee that every packet arrives at the destination in the same order it was sent. To do this, it puts all the content into a fixed format.
Another use of UDP is in the Domain Name System (DNS), which allows for translation of URLs into IP addresses. The combination of both TCP and UDP creates a more flexible and reliable experience.