Questions tagged [socks5]

33 questions
22
votes
1 answer

Is SOCKS secure?

In order to create a VPN, I open an SSH tunnel with a command like ssh -D 9000 user@host, and then I set my system's proxy settings to use SOCKS5 through localhost:9000. Well, setting up my home server with OpenSSH was easy enough, so I'm able to do…
Ricket
  • 523
  • 1
  • 3
  • 9
14
votes
3 answers

SOCKS proxy security concerns

As claimed, "A socks proxy simply transfers data from a client to a server, not penetrating into this data contents (therefore it can work with HTTP, FTP, SMTP, POP3, NNTP, etc.)", I really can't buy it, can't a SOCKS proxy log data, analyze its…
Tawfik Khalifeh
  • 2,532
  • 6
  • 22
  • 27
7
votes
2 answers

Are SOCKS5 credentials safe during authentication on proxy server

I've read several tutorials, but not totally sure. If I'll set up my own SOCKS5 proxy server on VPS, configure it to use username and password. Will this credentials be safe while authentication on proxy via public wi-fi for example? If no, how it…
Storm
  • 173
  • 1
  • 6
5
votes
2 answers

Why is it dangerous to socksify a whole system?

Today, I configured my browser to use a ssh/SOCKS5 proxy setup to keep my web traffic confidential even when browsing from insecure networks (e.g. a public WLAN hotspot). I was then thinking that it would be even better for my privacy to do the same…
zinfandel
  • 1,233
  • 8
  • 10
3
votes
1 answer

What is a SOCKS proxy?

I am having a hard time understanding what a SOCKS proxy really is. I have been searching on Google, but so far, most websites compare SOCKS with an HTTP proxy, but they do not explain in detail what a SOCKS proxy is, and why it can be used to…
victor26567
  • 503
  • 4
  • 6
3
votes
1 answer

I use VPN+Socks5 proxy for torrents in Utorrent. What is the security risk?

So my setup is essentially MyPC -> VPN Server -> Remote SOCKS Server in Utorrent -> Destination torrent swarm The VPN server is a well known "no-logs" provider, the country is the Netherlands and i have a different gateway/entry and exit ip when i…
nomalokumi
  • 41
  • 1
  • 5
3
votes
1 answer

Telegram: Security risks for a user of using third-party socks5 proxy?

If a user decides to use a third-party SOCKS5 proxy for his Telegram client, what are possible security risks for the user? Specifically if the proxy suggests using the same login and password for anyone signing up (eg). In particular, is it…
yurkennis
  • 151
  • 1
  • 7
2
votes
2 answers

How do we use TLS/SSL to secure SOCKS5 protocol?

I'm researching about SOCKS5 protocol. After understanding it, I know that SOCKS5 does not encrypt data from clients to proxy server. Therefore, can we use TLS/SSL to encrypt data? secure SOCKS5?
2
votes
1 answer

Is the same key used for Authorization and Encryption? (SSH Tunnel)

I am a bit confused on how SSH encryption works. From reading this question, I see you can use a private key to authenticate with the -i flag. I also know think that SSH encrypts data using private and public keys. I am creating an application…
JBis
  • 640
  • 5
  • 17
2
votes
1 answer

2ip.io/privacy/ and 'Defining tunnel (two way ping)' on SOCKS5 proxy

I was able to setup my first proxy server on Ubuntu 14 using danted. However, when I visit 2ip.io/privacy/ and run their privacy test, they return: Defining tunnel (two way ping) found This is considered bad and reasoning the score 'Probability of…
Fadey Anomaly
  • 41
  • 1
  • 5
2
votes
1 answer

Shadowsocks: Doesn't communication with just one server look suspicious to the GFW?

From what I understand, Shadowsocks masks SOCKS5 traffic as HTTPS traffic, so that the GFW cannot detect it by packet inspection. Shadowsocks can be installed on my own server, naturally. For usage, I would establish a connection with a Shadowsocks…
feklee
  • 185
  • 1
  • 6
2
votes
1 answer

How can an attacker sniff a password with SOCKS5 proxy?

Do I have to fear a local man-in-the-middle attacker while entering password with tor? Say a victim is connecting to Facebook with tor Browser. How would an attacker build a man-in-the-middle attack that get its password? (what precise commands) If…
user123456
  • 520
  • 1
  • 4
  • 13
1
vote
1 answer

Questions about SOCKS5 security

I'm planning to start a distributed crawler in order to avoid common limitations imposed by servers/CDN like rate limit, region filter, and others. My idea is to have a central server and multiple agents that will run on different networks. These…
fenugurod
  • 13
  • 2
1
vote
0 answers

Securing a SOCKS5 to SSH Tunnel on Windows

In order to gain web access from the perspective of a remote device, it is very common to use the SOCKS5 to SSH Tunnel capability built into OpenSSH Client and Putty (detailed here). Both clients establish an SSH transport to the remote device and…
Liam Kelly
  • 117
  • 4
1
vote
1 answer

What are the security implications of connecting to Tor through an SSH SOCKS proxy?

Suppose I have a user account on a remote server run by a friend. I create a SOCKS tunnel on my computer that forwards connections from a local port to the remote server: ssh -N -D 12345 john@10.1.1.5 (i.e. all local connections to localhost:12345…
Flux
  • 593
  • 4
  • 10
1
2 3