SOCKS Proxies
SOCKS is an Internet protocol which presents a special kind of proxy server. The default port for SOCKS proxies is 1080, but they may also be available on other ports. The practical difference from normal HTTP proxies is that SOCKS proxies work not only for Web browsing, but also for other applications like video games, file transfer or instant messenger clients. Similar to a VPN, they work as a secure tunnel.
Common SOCKS versions include 4, 4a and 5. Version 4 always needs the IP address to create a connection, so the DNS resolution still has to take place on the client. This makes it useless for many circumvention needs. Version 4a usually uses hostnames. Version 5 includes newer techniques such as authentication, UDP and IPv6, but it often uses IP addresses, so it might also not be the perfect solution. See also the section "DNS leaks" at the end of this chapter.
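The following is an added example, not part of the original chapter. It builds the CONNECT request that each SOCKS version puts on the wire and reports whether the client or the proxy ends up resolving the name. The host blocked.example and the address 192.0.2.10 are constructed sample values.

```python
import ipaddress
import socket
import struct

def socks4_connect(ip, port, user=b""):
    """SOCKS4: VN=4, CD=1 (CONNECT), port, IPv4 address, user id, NUL.
    Only an IPv4 address fits, so the client must resolve the name itself."""
    return struct.pack(">BBH", 4, 1, port) + socket.inet_aton(ip) + user + b"\x00"

def socks4a_connect(host, port, user=b""):
    """SOCKS4a: a deliberately invalid address 0.0.0.x (x != 0) tells the
    proxy to resolve the hostname appended after the user id."""
    return (struct.pack(">BBH", 4, 1, port) + bytes([0, 0, 0, 1])
            + user + b"\x00" + host.encode("idna") + b"\x00")

def socks5_connect(dest, port):
    """SOCKS5 request (sent after the method-negotiation greeting):
    VER=5, CMD=1, RSV=0, ATYP, address, port. The client picks ATYP:
    1 = IPv4, 3 = domain name, 4 = IPv6."""
    try:
        ip = ipaddress.ip_address(dest)
    except ValueError:
        name = dest.encode("idna")
        addr = b"\x03" + bytes([len(name)]) + name
    else:
        addr = (b"\x01" if ip.version == 4 else b"\x04") + ip.packed
    return b"\x05\x01\x00" + addr + struct.pack(">H", port)

def resolver(request):
    """Return 'proxy' if the request carries a hostname, else 'client'."""
    if request[0] == 4:
        a = request[4:8]
        return "proxy" if a[:3] == b"\x00\x00\x00" and a[3] != 0 else "client"
    if request[0] == 5:
        return "proxy" if request[3] == 3 else "client"
    raise ValueError("not a SOCKS4/4a/5 request")

if __name__ == "__main__":
    for label, req in (
        ("SOCKS4  (IP)", socks4_connect("192.0.2.10", 80)),
        ("SOCKS4a (name)", socks4a_connect("blocked.example", 80)),
        ("SOCKS5  (IP)", socks5_connect("192.0.2.10", 443)),
        ("SOCKS5  (name)", socks5_connect("blocked.example", 443)),
    ):
        print(f"{label:15} DNS at {resolver(req):6} {req.hex()}")
```

A SOCKS 5 request with an IP address in it means the application already looked the name up locally, which is the DNS leak described at the end of this chapter.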
A variety of software can take advantage of a SOCKS proxy to bypass filters or other restrictions: not only Web browsers, but also other Internet software like instant messaging and e-mail applications.
Although public SOCKS proxies do exist, in many cases SOCKS proxies will run locally on your computer, and will be provided by a software application. Because SOCKS tunnels are so flexible, some censorship circumvention software creates a local proxy running on your own computer (which is usually referred to by the name localhost or the IP address 127.0.0.1). This local proxy is a way to let applications such as a Web browser take advantage of the circumvention software. Tools that can work in this way include Tor, Your-Freedom and SSH tunnels set up with PuTTY.
Local proxy enthusiast T-shirt (get it?)
In order to use an application proxy for circumventing censorship, you must tell software on your computer that you want to use that proxy when communicating with other systems on the Internet.
Some Internet applications don't ordinarily work with a proxy because their developers didn't create them with proxy support. However, many of these applications can be made to work with a SOCKS proxy using socksifier software. Some examples of such software include:
- tsocks (http://tsocks.sourceforge.net) on Unix/Linux
- WideCap (http://www.widecap.com) on Windows
- ProxyCap (http://www.proxycap.com) on Windows
Configuring your applications
In most cases configuring applications to use a SOCKS proxy is done in much the same way as configuring them to use HTTP proxies. Applications that support SOCKS proxies will have a separate entry in the menu or configuration dialog where HTTP proxies are configured, which lets you configure a SOCKS proxy. Some applications will ask you to choose between SOCKS 4 and SOCKS 5 proxy settings; in most cases SOCKS 5 is the better option, although some SOCKS proxies may only work with SOCKS 4.
Some applications, such as Mozilla Firefox, will allow you to configure both an HTTP proxy and a SOCKS proxy at the same time. In this case, normal web-browsing will happen through the HTTP proxy, and Firefox may use the SOCKS proxy for other traffic such as streaming video.
Mozilla Firefox
To configure Mozilla Firefox to use a SOCKS proxy:
- Select Tools > Options.
- The Options window appears.
- In the toolbar at the top of the window, click Advanced.
- Click the Network tab.
- Click Settings. The Connection Settings window opens.
- Select "Manual proxy configuration". The fields below that option become available.
- Enter the SOCKS proxy address and port number, choose SOCKS v5, then click OK.
Now Firefox is configured to use a SOCKS proxy.
Microsoft Internet Explorer
To configure Internet Explorer to use a SOCKS proxy:
- Select Tools > Internet Options.
- Internet Explorer displays the Internet Options window.
- Click the Connections tab.
- Click LAN Settings. Internet Explorer displays the Local Area Network (LAN) Settings window.
- Select "Use a proxy server for your LAN" and click Advanced.
- Internet Explorer displays the Proxy Settings window.
- Clear "Use the same proxy server for all protocols" if it is selected.
- Enter the proxy address to use and port number in the Socks row and click OK.
Now Internet Explorer is configured to use a SOCKS proxy.
Configuring a SOCKS proxy for other applications
Many Internet applications other than Web browsers can use a SOCKS proxy to connect to the Internet, potentially bypassing blocking. Here is an example with the instant messaging software Pidgin. This is a typical example, but the exact sequence of steps to configure some other application to use a SOCKS proxy would be slightly different.
- Select Tools > Preferences.
- Pidgin displays the Preferences window.
- Click the Network tab.
- For Proxy type, select SOCKS 5. Additional fields appear under that option.
- Enter the host address and port number of your SOCKS proxy.
- Click Close.
Pidgin is now configured to use a SOCKS proxy.
When you're done with the proxy
When you are done using a proxy, particularly on a shared computer, return the settings you've changed to their previous values. Otherwise, those applications will continue to try to use the proxy. This could be a problem if you don't want people to know that you were using the proxy or if you were using a local proxy provided by a particular circumvention application that isn't running all the time.
DNS leaks
One important problem with SOCKS proxies is that some applications that support the use of SOCKS proxies may not use the proxy for all their network communications. The most common problem is that Domain Name System (DNS) requests may be made without going through the proxy. This DNS leak can be a privacy problem and can also leave you vulnerable to DNS blocking, which a proxy could otherwise have circumvented. Whether an application is vulnerable to DNS leaks may vary from version to version. Mozilla Firefox is currently vulnerable to DNS leaks in its default configuration, but you can avoid these by making a permanent configuration change to prevent DNS leaks:
- In the Firefox address bar, enter about:config as if it were a URL (you may see a warning about changing advanced settings).
- If necessary, click "I'll be careful, I promise!" to confirm that you want to modify your browser settings. The browser displays a list of configuration settings.
- In the Filter field, enter network.proxy.socks_remote_dns. Only that setting is displayed.
- If this setting has the value false, double-click it to change its value to true.
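To check this setting without opening the browser, the added example below (not part of the original chapter) parses the text of a Firefox profile's prefs.js or user.js file and reports whether a manually configured SOCKS proxy is set without network.proxy.socks_remote_dns enabled. The sample profile text is constructed, and the function names are this example's own.

```python
import re

# Matches lines such as: user_pref("network.proxy.socks_port", 1080);
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

def parse_prefs(text):
    """Parse prefs.js/user.js text into a dict of name -> bool, int or str."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments and blank lines
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"'):
            prefs[name] = raw[1:-1]
        else:
            try:
                prefs[name] = int(raw)
            except ValueError:
                prefs[name] = raw  # keep anything unexpected as text
    return prefs

def dns_leak_status(prefs):
    """Return 'no-socks', 'leak' or 'ok' for a parsed profile."""
    manual = prefs.get("network.proxy.type", 0) == 1  # 1 = manual proxy configuration
    if not (manual and prefs.get("network.proxy.socks")):
        return "no-socks"
    # Assumption: an absent pref means false, the default the chapter describes.
    return "ok" if prefs.get("network.proxy.socks_remote_dns", False) is True else "leak"

# Constructed sample profile: SOCKS proxy set, remote DNS never enabled.
LEAKY = '''
// Mozilla User Preferences
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 1080);
user_pref("network.proxy.socks_version", 5);
'''
FIXED = LEAKY + 'user_pref("network.proxy.socks_remote_dns", true);\n'

if __name__ == "__main__":
    for label, text in (("leaky", LEAKY), ("fixed", FIXED)):
        print(label, dns_leak_status(parse_prefs(text)))
```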
There is no documented way to prevent DNS leaks within Microsoft Internet Explorer without using an external program.
At the time of this writing there are no known DNS leaks in Pidgin when configured to use a SOCKS 5 proxy.