Network protocol: Still using HTTP proxy? Weak! Try SOCKS5

Introduction

Existence is reasonable. The emergence of SOCKS5 is to solve the big problem that SOCKS4 does not support identity authentication. After all, everyone is paying more and more attention to security in the network. A network without authentication is like a life living under a camera. There is no privacy at all, which is really terrible.

Today, I will give you an in-depth explanation of SOCKS5 and its applications.

Why use SOCKS

SOCKS is a proxy service agreement, why is there a proxy service agreement?

Because in modern networks, in many cases, due to the network or firewall, it is difficult for us to directly access the other party's network, so we need a proxy mechanism to act as a gateway between the local network and the large network.

The proxy server works by intercepting the connection between the sender and the receiver. All incoming data enters through one port and is forwarded to the target network through another port.

Of course, traffic forwarding is the most basic function of a proxy server. The proxy server can also hide the IP address of the client or server to achieve network access security. In addition, because the proxy server acts as a proxy for the target server, the proxy server can be used as a cache server for the target server, thereby improving the efficiency of network access.

In addition, the proxy server can also perform some special operations by intercepting the data, such as encrypting the data, so as to ensure the security of data transmission. In addition, the proxy server can also control the client's access, for example, it can prevent the client from accessing a certain IP address or website.

And SOCKS is a proxy protocol standard, through this protocol, standard proxy services can be realized.

In an enterprise-level network, in order to ensure the security of the enterprise network, a firewall is usually installed. Although this ensures the security of the enterprise network, it also prevents the client from accessing the external network. Therefore, a SOCKS proxy server is needed to replace the connection and data communication between the client and the target website.

The SOCKS proxy can bypass the firewall to relay the user's TCP and UDP sessions.

SOCKS5

Because SOCKS runs on the fifth layer of the OSI seven-layer protocol, it can handle a variety of request types including HTTP, HTTPS, POP3, SMTP, and FTP, so you can use the SOCKS protocol for mail sending, web browsing, and File transfer, etc.

Compared with SOCK4, SOCKS5 adds an authentication mechanism, so a complete TCP connection can be established through identity verification. SOCKS5 is usually used with SSH to relay traffic by using the SSH encrypted tunnel method.

So why do we need to use SOCKS5?

First, we can access the services behind the firewall through SOCKS5.

Generally speaking, for security reasons, the servers are placed behind a firewall, but there are two ways for outsiders to access the server. The first is to remove the firewall and open the service to the public, but this will bring security risks. The second is to filter illegal access requests by setting the client's IP whitelist. However, the client's IP address usually changes, so this approach is not feasible.

If you use the SSH proxy of SOCKS5, you can access the services behind the firewall through the proxy server to ensure service security.

In addition, by establishing an SSH tunnel, in which the SOCKS5 protocol is used to route various TCP and UDP traffic to their respective services, then only SSH is required, and no other VPN networks are required. So it is relatively simple to use.

Finally, because SOCKS5 only forwards data, there is less possibility of errors and higher performance.

Use of SOCKS5

We have introduced the various advantages of SOCKS5 above, so how should SOCKS5 be used? Next, I will introduce to you a simple SOCKS5 proxy server that uses the ssh command to build.

First look at the SSH command to establish a SOCKS service:

ssh -f -C -N -D bindaddress:port name@server

-f means SSH enters the background as a daemon.

-N means do not execute remote commands, only for port forwarding.

-D means dynamic forwarding on the port. This command supports SOCKS4 and SOCKS5.

-C means to compress data before sending.

bindaddress The bind address of the local server.

port represents the designated listening port of the local server.

name represents the login name of the ssh server.

server represents the address of the ssh server.

The above command means to establish port binding on the local machine, and then forward it to the remote proxy server.

For example, we can open a port 2000 on the local machine and forward it to the remote machine 168.121.100.23:

ssh -f -N -D 0.0.0.0:2000 root@168.121.100.23

Once you have a proxy server, you can use it. First, I will introduce how to use a SOCKS proxy in the curl command.

We want to access www.flydean.com through a proxy server, what should we do?

curl -x socks5h://localhost:2000 -v -k -X GET http://www.flydean.com:80

To detect the SOCKS connection, you can also use the netcat command as follows:

ncat –proxy 127.0.0.1:2000 –proxy-type socks5 www.flydean.com 80 -nv

Summarize

SOCKS5 is a very useful proxy protocol, you can use it when you need it. You know!

This article has been included in http://www.flydean.com/10-socks5-more/

The most popular interpretation, the most profound dry goods, the most concise tutorial, and many tips you don't know are waiting for you to discover!

Welcome to pay attention to my official account: "programs, those things", know the technology, know you better!