Examining the generic Socks version 5 proxy protocol
SOCKS FOR PROXY
Socks is a universal proxy protocol for TCP and UDP that allows internal hosts to securely pass the firewall and authenticates users. This article describes the latest version of the Socks proxy protocol and shows how to implement it.
Many firewall admins allow direct access to the Web from the internal network but are more restrictive with other services such as FTP or SMTP. They rightfully argue that filter rules that allow a minimum of services and ports are easier to track and manage. Application Level Gateways (ALGs) provide even more granular control and are typically implemented as proxies (Figure 1a). However, the application firewall needs a proxy for each service. The Socks protocol  (RFC 1928, Figure 1b) treads a path between the stateful packet filter and the ALG. Socks is implemented in the Dante package , for example. The generic Socks proxy technology leaves the firewall in control of applications, separating networks in the Transport Layer and giving clients a fixed request port (typically 1080).