SOCKS proxy and Security
SOCKS is an Internet protocol that allows client-server applications to transparently use the services of a network firewall. SOCKS is an abbreviation for "SOCKetS".
Clients behind a firewall that need to access exterior servers may connect to a SOCKS proxy server instead. Such a proxy server controls the eligibility of the client to access the external server and passes the request on to the server. SOCKS can also be used in the opposite way, allowing clients outside the firewall ("exterior clients") to connect to servers inside the firewall (internal servers).
A proxy server is a kind of buffer between your computer and the Internet resources you are accessing. Proxy servers accumulate and save the files that are most often requested by thousands of Internet users in a special database, called a "cache". Therefore, proxy servers are able to increase the speed of your connection to the Internet. The cache of a proxy server may already contain the information you need by the time of your request, making it possible for the proxy to deliver it immediately. The overall increase in performance may be very high. Proxy servers can also help in cases where the owners of Internet resources impose restrictions on users from certain countries or geographical regions. In addition, among proxy servers there are so-called anonymous proxy servers that hide your IP address, thereby protecting you from vulnerabilities associated with it.
A proxy will typically transmit packets on certain ports to and from hosts. A proxy can also cache data and do NAT (Network Address Translation) to give multiple hosts access to the Internet. You need to configure a proxy server for each application and port. Regular proxy servers are not geared towards security but rather towards performance (caching) and restricting access to certain resources (for example, preventing access to certain websites at a school).
A SOCKS server is a type of proxy server that allows each host behind the server to communicate transparently with hosts on the other side of the server. It allows the use of all sorts of applications. There are two main versions of SOCKS: version 4 and version 5.
From a security point of view, SOCKS can be made more secure between the clients and the server by setting up an SSL connection. Any data transmitted between the clients and the server is then protected in transit. Between the SOCKS server and the Internet, the data will only be secure if the application using it is secure.
For example, if you connect to Amazon to purchase a product through an SSL-configured SOCKS server, the communication from your machine to the SOCKS server will be secure. But when you browse items, Amazon doesn't provide SSL, so the connection is no longer secure between the SOCKS server and the Internet. However, once you decide to purchase an item, Amazon switches you to secure mode (notice the HTTPS in the address bar and the padlock or key at the bottom right of the browser). In that case the whole communication between your client and Amazon is secure.
You can also set up an SSL-enabled proxy server for secure applications, but you would still need to provide a regular one for non-secure applications. A SOCKS server is a more flexible solution.
Another security feature, available with both a regular proxy and a SOCKS proxy, is the ability to set the range of IP addresses that can connect to your server, so that you avoid leaving your server as an "open proxy". Such servers can be used to relay spam, or for other malicious activities such as Denial of Service attacks.
For example, if you want your server to serve only your home network, then you would configure its allowable IP range to whatever IP addresses your home network uses.
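The allowed-range check described above can be sketched as follows. This is an added example, not code from any particular proxy product; the range values and the function names are constructed for illustration, and the audit step goes slightly beyond the text by flagging allowlist entries that would still leave the server open.

```python
import ipaddress

# Constructed sample configuration: ranges a home SOCKS server should serve.
HOME_RANGES = ["192.168.1.0/24", "fd12:3456:789a::/48"]


def parse_ranges(ranges):
    """Turn CIDR strings into network objects; malformed entries raise ValueError."""
    return [ipaddress.ip_network(r, strict=True) for r in ranges]


def is_client_allowed(client_ip, networks):
    """Return True only if the connecting address falls in an allowed range."""
    addr = ipaddress.ip_address(client_ip)
    # An IPv4 client on a dual-stack listener appears as ::ffff:a.b.c.d;
    # unwrap it so it is compared against the IPv4 ranges.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr.version == net.version and addr in net for net in networks)


def audit_ranges(networks):
    """List allowlist entries that would leave the server an open proxy."""
    findings = []
    for net in networks:
        if net.prefixlen == 0:
            findings.append(f"{net}: matches every address (open proxy)")
        elif not net.is_private:
            # Typical cause: a prefix length that is one bit too short.
            findings.append(f"{net}: includes public Internet addresses")
    return findings


if __name__ == "__main__":
    nets = parse_ranges(HOME_RANGES)
    for ip in ["192.168.1.20", "::ffff:192.168.1.20", "198.51.100.7"]:
        print(ip, "allowed" if is_client_allowed(ip, nets) else "refused")
    for finding in audit_ranges(parse_ranges(["0.0.0.0/0", "192.168.0.0/15"])):
        print("WARNING", finding)
```

The check belongs at connection accept time, before any SOCKS negotiation is read from the client, so that refused addresses cannot use the server as a relay at all.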
From the point of view of a client, both a regular proxy server and a SOCKS server allow the client to hide its true IP address from the Internet, which provides a certain degree of anonymity and increased security from Internet "attacks".