Synopsys Completes Acquisition of WhiteHat Security Learn More

close search bar

Sorry, not available in this language yet

close language selection
SOCKS Server Test Suite Data Sheet
Test Suite:
SOCKS Server Test Suite
Direction:
Server

SOCKS is a general-purpose proxy protocol for relaying messages between application client and application server via SOCKS proxy server. The SOCKS protocol is used between SOCKS client and SOCKS proxy server. SOCKS V4 supports only TCP CONNECT and TCP BIND commands, while in SOCKS V5 also UDP relaying is supported. Additionally, SOCKS V5 supports IPv6 addressing scheme and different authentication methods. This test suite can be used for testing security flaws and robustness of SOCKS proxy server implementations. The suite acts as a SOCKS client, and if wanted, it can act also as an application server, in which case an external application server is not needed. The test suite supports username-password authentication defined in RFC1929 and GSS-API authentication method defined in RFC1961. GSS-API authentication uses Kerberos v5 method.

Used specifications

Specification
Title
SOCKS 4

SOCKS: A protocol for TCP proxy across firewalls

SOCKS 4a

SOCKS 4A: A Simple Extension to SOCKS 4 Protocol

RFC1928

SOCKS Protocol Version 5

RFC1929

Username/Password Authentication for SOCKS V5

RFC1961

GSS-API Authentication Method for SOCKS Version 5

Tool-specific information

Tested messages
Specifications
Notes
SOCKS 4 Command Request
SOCKS 4
CONNECT and BIND
SOCKS 4A Command Request
SOCKS 4A
CONNECT and BIND
SOCKS 5 Authentication Method Request
RFC1928
SOCKS 5 Command Request
RFC1928
CONNECT, BIND and UDP ASSOCIATE
SOCKS 5 UDP Request
RFC1928
Username-Password Request
RFC1929
Security Context Request
RFC1961
Message Protection Subneg Request
RFC1961
Wrapped Command Request
RFC1961

Supported protocol features
Specifications
Notes
SOCKS 4 Connect
SOCKS 4
SOCKS 4 Bind
SOCKS 4
SOCKS 4A Domain name addressing scheme
SOCKS 4A
SOCKS 5 IPv4 addressing scheme
RFC1928
SOCKS 5 Domain name addressing scheme
RFC1928
SOCKS 5 IPv6 addressing scheme
RFC1928
SOCKS 5 Username-Password authentication
RFC1929
SOCKS 5 GSS-API Authentication
RFC1961
Also NEC reference implementation supported. Kerberos 5 Utilized. Tested with AES128-CTS encryption.
Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis