Difference between revisions of "En/docs/api/socks"
Jump to navigation
Jump to search
(Created page with " <div class="title"> = SOCKS = </div> <div class="inner" role="main"> <div class="fluid"> == SOCKS and SOCKS proxies == The SOCKS proxy is working as of release 0.7.1. S...") |
AGentooCat (talk | contribs) (fix redlink, copy summary from wikipedia, and remove unnecessary html tags) |
||
| Line 4: | Line 4: | ||
= SOCKS = |
= SOCKS = |
||
| + | Copying from [https://en.wikipedia.org/wiki/SOCKS Wikipedia]: |
||
| + | <pre>SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.</pre> |
||
| − | </div> |
||
| − | <div class="inner" role="main"> |
||
| − | |||
| − | <div class="fluid"> |
||
== SOCKS and SOCKS proxies == |
== SOCKS and SOCKS proxies == |
||
| Line 14: | Line 12: | ||
The SOCKS proxy is working as of release 0.7.1. SOCKS 4/4a/5 are supported. Enable SOCKS by creating a SOCKS client tunnel in i2ptunnel. Both shared-clients and non-shared are supported. There is no SOCKS outproxy so it is of limited use. |
The SOCKS proxy is working as of release 0.7.1. SOCKS 4/4a/5 are supported. Enable SOCKS by creating a SOCKS client tunnel in i2ptunnel. Both shared-clients and non-shared are supported. There is no SOCKS outproxy so it is of limited use. |
||
| − | As it says on the [ |
+ | As it says on the [http://i2p-projekt.i2p/en/faq#socks FAQ]: |
<pre>Many applications leak sensitive |
<pre>Many applications leak sensitive |
||
| Line 24: | Line 22: | ||
this, thus using I2P to 'socksify' existing applications is possible, but |
this, thus using I2P to 'socksify' existing applications is possible, but |
||
extremely dangerous.</pre> |
extremely dangerous.</pre> |
||
| + | |||
And quoting from a 2005 email: |
And quoting from a 2005 email: |
||
| Line 31: | Line 30: | ||
developers of anonymity and security software to have the safety of |
developers of anonymity and security software to have the safety of |
||
our end users foremost in our minds.</pre> |
our end users foremost in our minds.</pre> |
||
| + | |||
Hoping that we can simply strap an arbitrary client on top of I2P without auditing both its behavior and its exposed protocols for security and anonymity is naive. Pretty much *every* application and protocol violates anonymity, unless it was designed for it specifically, and even then, most of those do too. That's the reality. End users are better served with systems designed for anonymity and security. Modifying existing systems to work in anonymous environments is no small feat, orders of magnitude more work that simply using the existing I2P APIs. |
Hoping that we can simply strap an arbitrary client on top of I2P without auditing both its behavior and its exposed protocols for security and anonymity is naive. Pretty much *every* application and protocol violates anonymity, unless it was designed for it specifically, and even then, most of those do too. That's the reality. End users are better served with systems designed for anonymity and security. Modifying existing systems to work in anonymous environments is no small feat, orders of magnitude more work that simply using the existing I2P APIs. |
||
| Line 37: | Line 37: | ||
=== See Also === |
=== See Also === |
||
| − | * The notes for [[en/meetings/81| |
+ | * The notes for meetings [[en/meetings/81|#81]] and [[en/meetings/82|#82]] in March 2004. |
* [http://www.abenteuerland.at/onioncat/ Onioncat] |
* [http://www.abenteuerland.at/onioncat/ Onioncat] |
||
| − | * [http://zzz.i2p/ zzz.i2p] |
+ | * [http://zzz.i2p/ search for "socks" on zzz.i2p] |
=== If You Do Get Something Working === |
=== If You Do Get Something Working === |
||
Please let us know. And please provide substantial warnings about the risks of socks proxies. |
Please let us know. And please provide substantial warnings about the risks of socks proxies. |
||
| − | |||
| − | |||
| − | </div> |
||
| − | |||
| − | </div> |
||
| − | |||
| − | </div> |
||
Latest revision as of 15:57, 24 January 2023
SOCKS
Copying from Wikipedia:
SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.
SOCKS and SOCKS proxies
The SOCKS proxy is working as of release 0.7.1. SOCKS 4/4a/5 are supported. Enable SOCKS by creating a SOCKS client tunnel in i2ptunnel. Both shared-clients and non-shared are supported. There is no SOCKS outproxy so it is of limited use.
As it says on the FAQ:
Many applications leak sensitive information that could identify you on the Internet. I2P only filters connection data, but if the program you intend to run sends this information as content, I2P has no way to protect your anonymity. For example, some mail applications will send the IP address of the machine they are running on to a mail server. There is no way for I2P to filter this, thus using I2P to 'socksify' existing applications is possible, but extremely dangerous.
And quoting from a 2005 email:
... there is a reason why human and others have both built and abandoned the SOCKS proxies. Forwarding arbitrary traffic is just plain unsafe, and it behooves us as developers of anonymity and security software to have the safety of our end users foremost in our minds.
Hoping that we can simply strap an arbitrary client on top of I2P without auditing both its behavior and its exposed protocols for security and anonymity is naive. Pretty much *every* application and protocol violates anonymity, unless it was designed for it specifically, and even then, most of those do too. That's the reality. End users are better served with systems designed for anonymity and security. Modifying existing systems to work in anonymous environments is no small feat, orders of magnitude more work that simply using the existing I2P APIs.
The SOCKS proxy supports standard addressbook names, but not Base64 destinations. Base32 hashes should work as of release 0.7. It supports outgoing connections only, i.e. an I2PTunnel Client. UDP support is stubbed out but not working yet. Outproxy selection by port number is stubbed out.
See Also
- The notes for meetings #81 and #82 in March 2004.
- Onioncat
- search for "socks" on zzz.i2p
If You Do Get Something Working
Please let us know. And please provide substantial warnings about the risks of socks proxies.