Monitors network and devices for health and performance.
Detects & fixes issues with intelligent alerts and inbuilt diagnostics tools.Checks for SQLi, XSS and 4500 other web vulnerabilities.
Integrated Vulnerability Management to prioritize and manage vulnerabilities.
The internet is in a strange place right now. It’s no longer the open, free place it used to be. Increasingly, users are being subject to website blocks, attacks, and surveillance. For true safety or anonymity, precautions must be taken. Thankfully, there many ways for you to protect yourself, one of them being Socket Secure (SOCKS) proxies.
While many have heard about SOCKS Proxies not many truly understand their purpose, how they work and the security-privacy levels they can offer. SOCKS proxies are often mistakenly considered an alternative or equivalent to VPNs causing major confusion amongst users and providing false sense of security.
In this article we'll be covering a wealth of topics relating to SOCKS Proxies, SSL, Configuration advise, Torrenting via SOCK, compare them with VPNs and much more so let's take a quick look at what we have in store before diving deeper:
Like HTTP, SOCKS is an internet protocol, but it offers a further degree of anonymity. Connecting to a SOCKS proxy routes your traffic through a third-party server via TCP, assigning you a new IP address in the process. Because the IP address is different, web hosts can’t determine the physical location.
This has the add-on effect of bypassing regional filtering. However, unlike a VPN, SOCKS doesn’t provide encryption. This means users don’t have true privacy and aren’t safe from attacks on Public WiFi and government surveillance. In addition, SOCKS doesn’t run through every application, meaning regular browsing is not always safe.
However, this lack of encryption does provide some benefits. The main one is speed. A SOCKS proxy doesn’t need resources to encrypt traffic and has far less overhead, so it’s usually faster than a VPN. Though proxies don’t provide protection from monitoring, they are a nice middle ground between HTTP and VPNs.
The security of a SOCKS proxy also depends on the version it utilizes. Most modern proxies use either SOCKS4 or SOCKS5 to protect users, and there are some fundamental differences. As you would expect from a lesser version, SOCKS4 has fewer features.
One example is the lack of support for UDP protocol-based applications. This cuts out programs that need faster, more efficient transfers, like games. SOCKS5 also supports IPv6 and Domain Name Resolution. This means the client can specify a URL rather than an IP address. This feature is also supported by SOCKS4a.
As well as SOCKS, users can utilize the HTTP/HTTPS proxy method. HTTP proxies work similarly to SOCKS5, but utilize the HTTP protocol instead. This is the same method that transfers data to your computer when you type http://www.firewall.cx. These proxies fetch and receive primarily in HTTP and are generally used for web browsers. Some applications support HTTP proxy, others SOCKS proxy, and many both. HTTP is more intelligent than SOCKS5, but also less secure.
Due to lack of UDP support and limited TCP support, HTTP proxies don’t fully support torrenting. Often, they will filter out this type of data or block it. This blocking is especially prevalent in public HTTP proxies. In addition, HTTP tries to re-write the headers of the data in transit. The result is extremely slow or non-existent torrenting.
HTTPS proxies utilize something called the Secure Socket Layer. In your browser, you’ll notice this as a green padlock next to the URL bar:
In short, SSL creates a secure connection between the web server and the user’s browser. When you request a URL, the server sends your browser a copy of its SSL certificate. The browser verifies that it’s authentic, and the server then sends back a signed acknowledgment. Upon arrival, both start an SSL encrypted session and can share data safely.
This encryption uses a method called public key cryptography. A server using SSL has both a public key and a private key. When a server first negotiates an SSL session with a client, it sends a copy of its public key. The client’s browser verifies the certificate and then uses the public key to create a symmetric key which is then sent to the server. The private key is never sent and always kept secret.
The symmetric key is unique to the SSL session and used to encrypt/decrypt data exchanged between the client and server.
HTTPS proxy works slightly differently. Using the CONNECT method, requests are converted to a transparent tunnel. However, this feature isn’t available in a lot of proxies and, when it is, users can still be vulnerable.
Some versions of SSL are still open to attack through the Heartbleed bug. This serious vulnerability was discovered in 2014 and allows attackers to steal private keys from servers, eavesdropping on communications and gaining access to passwords, emails and instant messages. Vulnerabilities in SSL and its predecessor TLS have been found several times since then, including man-in-the-middle attacks that downgrade the user to a less secure version.
While an HTTP proxy is designed to work in the web browser, a SOCKS5 proxy is more wide-reaching. SOCKS sits on the higher levels of the OSI model, below SSL, which sits on the seventh application layer, and above TCP and UDP on the transport layer (Layer 4). This offers several advantages. TCP works by forming a physical connection between the client and the server, trying to guarantee that every packet arrives at the destination in the same order it was sent. To do this, it puts all the content into a fixed format.
Another use of UDP is in the Domain Name System (DNS), which allows for translation of URLs into IP addresses. The combination of both TCP and UDP creates a more flexible and reliable experience.
Despite what some think, the internet is not private. Anonymous browsing and Internet Privacy are almost non-existent in today's online world. Websites collect personal information on every visit without your knowledge. Despite the free label, services come at a cost, and in many cases, it’s a lack of privacy.
The primary driver is the advertising industry. Most websites get paid if an ad is clicked or the product is purchased, not just for exposure. As a result, they want promotions that are relevant to the user. They get paid, and the user gets to see the products they’re interested in. It seems advantageous to both parties.
However, to target these ads, agencies need information about a website’s users. Companies like Facebook embed trackers across the web to build a detailed profile of individuals. This includes things like your gender, age, location, and websites you frequent. Information from multiple ad agencies can then be combined to build a detailed picture of your interests and personality.
Firefox's Lightbeam Plugin provides a visual map of sites visited during our session
Here’s the result of two hours of browsing activity with the Lightbeam plugin. The circle articles are sites we visited, while the triangles are third parties. Together, they can create an interconnected web of information. Visiting just 32 sites fed 371 third parties data.
They can do this across the web through identifying information like your IP address. When you connect to a network, your device is given a unique string of numbers by the ISP or mobile service provider. These can be cross-referenced across the internet to find your browsing habits.
If that’s not enough, there are also government agencies to worry about. IP addresses usually give websites a rough idea of your location by pointing to your service provider. That’s not a barrier for government. They can ask the ISP who the IP was assigned to and find your name and address. You would think that such power would be used sparingly, but unfortunately, it’s not.
Former NSA contractor Edward Snowden revealed that major powers are spying on citizens across the world on an unprecedented level. Authorities request all that tracking data we mentioned earlier and combine it with information from the internet service provider (ISP). From 2011-2012, Australian agencies requested ISP logs over 300,000 times. This can include every website the user has visited over a period of years.
And that’s someone who has the country’s best interests at heart. This kind of information is also accessible to a number of people who work for the ISP. Earlier this year, an ex-technician for Verizon pleaded guilty to selling phone call and location information to a private investigator. Web browsing information could equally be sold off to the highest bidder.
And that’s assuming they even have to buy it in the first place. In 2012, internet activist group anonymous hacked into the servers of telecommunications company AAPT. They stole over 40GB of information relating to business customers to show that the logs are not always safe. A redacted copy of the data was later published online.
With so many parties interested in such data, anonymous browsing is becoming difficult. The sad fact is that without protection from the Best VPN providers, you aren’t truly safe.
Firstly, there’s the threat of this information falling into the hands of hackers. Imagine a person with malicious intent having a record of your name, address, interests, habits, and every website you’ve been to. It could easily be used to blackmail someone or make threats to their friends and family.
It can also be used to identify potential weak points in your security. For example, if you regularly visit an insecure site, it could be hacked with an end goal of getting to you. Tools such as a key logger could then be used to collect usernames, passwords, and credit card data.
Furthermore, such access can be used for types of identity theft. Combined with an email account, an attacker has access to basically everything. Password resets for various accounts, name, age, date of birth. Bank details can be used to place illegal purchases on your behalf or commit fraud. Most of our lives are stored online, and the attack could gain access to all of it.
The same methods can be used by authorities in oppressive regimes. Even if the current government protects its citizens from such things, a power shift could change that. Because tracking information and ISP logs are kept for a long time, the data will still be around years into the future.
Then there’s the issue of illegal activities. Previously, nobody would know if you were breaking the law in the privacy of your own home. However, with the increase in logs, activities like torrenting can result in warnings, loss of service, or huge fines.
Without a VPN, torrents can be traced straight back to the user. Copyright holders hire companies to search through swarms of people torrenting their property. With an IP address, they can request a user’s details from the ISP and pursue legal action. The ISP is often compelled to do this or face legal repercussions themselves.
Though torrenting is a morally grey area, this can also affect customers who have done nothing wrong. WiFi networks can be hacked or information can be incorrect. In 2010, 53-year-old Cathi Paradiso ran into this problem when she was accused of downloading 18 films and TV shows illegally. In reality, her IP address was identified incorrectly, and her internet access cut off unjustly. It’s clear that even if you’re a regular internet user, anonymous browsing has its benefits.
Anonymous browsing is usually achieved by routing a normal internet connection through a virtual private network. We won’t go into too much detail here, as it’s been already covered in our Beginner’s Guide to VPNs.
VPN (Virtual Private Network) is a well-known acronym amongst regular internet users. Initially used within businesses to securely connect to the corporate network, nowadays it’s being used by almost any type of user for anonymous browsing, protecting their privacy and stopping ISPs and government agencies tracking their online activities and transactions who are looking to capture users performing illegal file sharing of movies, music albums, torrenting or even trying to access geo-restricted content such as Netflix, Hulu and other streaming services.
With the exponential rise of internet security threats it doesn’t really matter what type of device you’re using - whether it’s a PC, MAC, tablet, iPhone, Android device or smartphone - the risk is the same. Every single one of these devices can be tracked and their precise location known without any effort.
For example, the screenshot below was taken from a mobile phone. It shows a website visited that is able to track the mobile device’s IP address (49.185.251.16) and retrieve a significant amount of information regarding its location. It’s detected the country (Australia), the state (VIC), City (Melbourne), ISP/Mobile carrier (Optus) plus location and geographic coordinates (latitude and longitude)!
Information captured from a non-VPN internet user
As you can appreciate, the amount of information websites can capture is alarming. In a similar way ISPs, hackers and government agencies can intercept and capture traffic to and from a user’s mobile device or PC at home.
Now that we appreciate how exposed we really are, let’s take a look at how VPNs help protect our identity and personal information.
A VPN can offer a number of substantial advantages and, depending on your internet activities, can prove to be mandatory.
A VPN service will allow you to “hide” your physical location by masking the IP address assigned by your internet service provider (ISP). In addition, a VPN provides a basic level of security and confidentiality as all information to and from your computer or mobile device is encrypted. This prevents hackers or ISPs from monitoring your online activities.
Users typically require a VPN service for any of the following activities:
The TOR network is an alternative VPN solution used also by the Dark-Web. Readers interested on how TOR VPN works and compares against VPN can also check our TOR vs VPN article.
Below is a diagram showing a typical user accessing the internet without a VPN. The user’s IP address is assigned by the ISP and is visible to the internet. Any online resource accessed by the user is completely visible to the ISP and anyone monitoring the user’s IP address:
Unencrypted internet traffic is visible and easily monitored
Of course resources such as Internet Banking usually encrypt the data transferred between the client and the server but the traffic source (user IP) and destination (server IP) are still fully visible. Similarly other activities such as Torrent Downloads are fully traceable back to the user.
It should also be noted that ISPs always keep log files of their users’ IP addresses. This means that the ISP is fully aware of the IP address assigned to each of its users. By law, these logs are stored for years and can be used as evidence in the event of a law suit or investigation. This applies to home and mobile users.
To use a VPN service provider you must first register with a VPN Service Provider of your choice. VPN subscriptions start from a low $3US - $8US per month making them affordable for any user. Once you’ve purchased a VPN subscription you are able to download and install the provided VPN Client on to your devices.
VoIP/ IP PBXs and Unified Communication systems have become extremely popular the past decade and are the No.1 preference when upgrading an existing or installing a new phone system. IP PBXs are based on the IP protocol allowing them to use the existing network infrastructure and deliver enhanced communication services that help organizations collaborate and communicate from anywhere in the world with minimum or no costs.
This article explains the fundamentals of IP PBX systems, how IP PBXs work, what are their critical VoIP components, explains how they can connect to the outside world and shows how companies can use their IP PBX – Unified Communications system to save costs. We also take a look at the best Free VoIP PBX systems and explain why they are suitable for any size small-to-medium organization.
Traditional, Private Branch Exchange (PBX) telephone systems have changed a lot since the spread of the internet. Slowly but surely, businesses are phasing out analogue systems and replacing them with IP PBX alternatives.
A traditional PBX system features an exchange box on the organization’s premises where analogue and digital phones connect alongside external PSTN/ISDN lines from the telecommunication company (telco). It gives the company full ownership, but is expensive to setup and most frequently requires a specialist technician to maintain, repair and make changes.
A typical Analogue-Digital PBX with phones and two ISDN PRI lines
Upgrading to support additional internal extensions would usually translate to additional hardware cards being installed in the PBX system plus more telephone cabling to accommodate the new phones. When a company reached its PBX maximum capacity (either phones or PSTN/ISDN lines) it would need to move to a larger PBX, resulting in additional costs.
IP PBXs, also known as VoIP systems or Unified Communication solutions, began penetrating the global PBX market around 2005 as they offered everything a high-end PBX offered, integrated much better with desktop applications and software (e.g outlook, CRMS etc) and supported a number of important features PBXs were not able to deliver. IP PBX and Unified Communication systems such as 3CX are able to deliver features such as:
The features offered by IP PBXs made them an increasingly popular alternative for organizations that were seeking to reduce telecommunication cost while increasing productivity and moving away from the vendor-proprietary solutions.
According to surveys made back in 2013, 96% of Australian businesses were already using IP PBXs. Today it’s clear that the solution has huge advantages. IP PBX offers businesses increased flexibility, reduced running costs, and great features, without a premium. There are so many advantages that it’s difficult for organizations to justify traditional analogue/digital PBXs. Even market leaders in the PBX market such as Siemens, Panasonic, Alcatel and others had to adapt to the rapidly changing telecommunications market and produce hybrid models that supported IP PBX features and IP phones, but these were still limited when compared with a full IP PBX solution.
When an IP PBX is installed on-site it uses the existing LAN network, resulting in low latency and less room for interference. It’s also much easier to install than other PBX systems. Network engineers and Administrators can easily configure and manage an IP PBX system as most distributions come with a simple user interface. This means system and phone settings, call routing, call reporting, bandwidth usage and other settings can be seen and configured in a simple browser window. In some cases, employees can even configure their own preferences to suit their workflow.
Once installed, an IP PBX can run on the existing network, as opposed to a whole telephone infrastructure across business premises. That means less cable management and the ability to use existing Ethernet cables, resulting in smaller starting costs. This reduction in starter costs can be even more significant if the company has multiple branches in different places. Internet Leased Lines with unlimited usage plans mean voice calls can be transmitted over WAN IP at no extra cost.
In addition, firms can use Session Initiation Protocol (SIP) trunking to reduce phone bills for most calls. Communications are routed to the Telco using a SIP trunk via the IP PBX directly or a Voice Gateway. SIP is an IP-based protocol which means the Telco can either provide a dedicated leased line directly into the organization’s premises or the customer can connect to a Telco’s SIP server via the internet. Usually main Telco lines are provided via a dedicated IP-based circuit to ensure line stability and low latency.
With SIP trunks Telco providers usually offer heavily reduced prices over traditional methods such as PSTN or ISDN circuits. This is especially true for long-distance calls, where communication can be made for a fraction of a price when compared to older digital circuits.
Savings on calls via SIP trunk providers can be so significant that many companies with old Legacy PBXs have installed an IP PBX that acts as a Voice Gateway, which routes calls to a SIP provider as shown in the diagram below:
Connecting an Analogue-Digital PBX with a SIP Provider via a Voice Gateway
In this example an IP PBX with Voice Gateway (VG) capabilities is installed at the organization. The Voice Gateway connects on one end with the Analogue - Digital PBX using an ISDN BRI interface providing up to 2 concurrent calls while at the other end it connects with a SIP provider via IP.
The SIP provider can be reached via the internet, usually using a dedicated internet connection, or even a leased line if the SIP provider has such capabilities. The Analogue - Digital PBX is then programmed to route all local and national calls via the current telco while all international calls are routed to the SIP provider via the Voice Gateway.
The organization is now able to take advantage of the low call costs offered by the SIP provider.
The digital nature of IP PBX makes it more mobile. Softphone applications support IP PBX and let users make calls over the internet from their smartphone or computer. This allows for huge portability while retaining the same extension number. Furthermore, this often comes at a flat rate, avoiding per-minute fees. Advanced Softphones support a number of great features such as call recording, caller ID choice, transfer, hold, voice mail integration, corporate directory, just to name a few.
A great example is 3CX’s Free Windows softphone, which is a great compact application under continuous development that delivers everything a mobile desktop user would need to communicate with the office and customers while on the road or working from home:
Altaro has released Altaro VM Backup V7, a faster and lighter upgrade to its flagship Hyper-V and VMware backup solution, which now supports Windows Server 2016 and includes several highly-requested features including unique Augmented Inline Deduplication technology and boot from backup.
Altaro’s unique Augmented Inline Deduplication delivers faster backups and restores on local and offsite locations by making sure that only new data is transferred to the backup or offsite location. This augmented inline deduplication technology solves a common problem found in conventional backup solutions which deduplicates data after the transfer process. With Altaro VM Backup v7, that process happens before the data is transferred. This process not only provides quicker backups, but it also reduces the amount of storage needed to store said backups significantly more than any other solution on the market today.
"Version 7 is an important milestone at Altaro” said David Vella, CEO of Altaro. "Not only does it fully support Windows Server 2016, our new and unique Augmented Inline Deduplication technology offers our customers the best storage savings in the industry"
Boot from Backup is another innovation in Altaro VM Backup V7 that enables users to instantly boot any VM version from the backup location without affecting integrity of the backup. If disaster strikes, the VM can be booted up instantly from the backup drive with minimal downtime, while the VM is restored back to the Hypervisor in the background. A simple VM reboot completes the recovery process and preserves any changes done while the VM was booted.
For more information about Altaro VM Backup V7, visit altaro.com/vm-backup