SOCKS stands for Socket Secure. It exchanges data packets between client and server via proxy. It operates on the Session Layer of the OSI model. It allows users to surf on the Internet anonymously. More than that It gives you accessibility of applications only one secure port connection. In this post, I will implement fundamental usage of SOCKS. On the client side we just need open-ssh client and tsocks. open-ssh client exists all Linux distributions. So We only need tsocks. tsocks is a library to implement SOCKS.

gns3@gns3:~/Programs$ sudo apt-get install tsocks

Configure tsocks(client)

Open /etc/tsocks.conf and add lines below at the end of the line.

server =
server_port = 1080

Initiate Connection(client) Initiate connection between client and SOCKS proxy. -D option is the most important argument for this purpose. It tells that whenever connection is made port 1080, connection is forwarded to the host istanbul over ssh

gns3@gns3:~$ ssh -ND 1080 username@istanbul
-N Do not execute a remote command. This is useful for just forwarding ports.

-D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the
local side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the connection is
forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the
remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root
can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file.

SOCKS server side Only thing we need is on SOCKS server side is permission for the ssh connection and ssh server up and running. Diagram: It is depicted below diagram to leverage to SOCKS service.


Without Socks

gns3@gns3:~$ tsocks firefox

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.