Firewall Wizards mailing list archives
Question re using socks for outside-to-inside connections
From: "Moore, James" <James.Moore () MSFC NASA GOV>
Date: Thu, 15 Jul 1999 13:46:27 -0500
Some folks in our organization have proposed using the socks server on our firewall to handle connections from an external webserver to various hosts behind the firewall. I'm not used to seeing socks used this way, and hoped I could get some informed opinions on the security implications.

Here's the deal: Remote users obtain services by connecting to an external (outside our firewall) webserver. Software applications on the webserver then make connections to the required hosts behind the firewall. In the past, this has been handled by setting up "ip forwarders" on the firewall... I believe these are proxies that restrict source ip, destination ip, port and protocol.

The socks daemon that runs on the firewall has traditionally been used to make inside-to-outside connections. Recently it has been proposed that we use the socks server on the firewall to facilitate outside-to-inside connections. As with the ip forwarder/proxies, the socks server would be configured to accept outside connections only from the webserver using specified protocols to designated inside hosts on specified ports. The rationale is that using socks presents no added risk (above the ip forwarder approach), and it's quicker and easier to set up.

I'm not aware of any inherent weaknesses in socks, but I've never heard much about its strengths, either. Any informed opinions on the security of the proposed approach would be greatly appreciated.

Best Regards,
Jim Moore
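
The restriction described in the post (connections only from the webserver, only to designated inside hosts on specified ports), sketched as an added example that is not part of the original message: with SOCKS the destination host and port arrive in the client's request, so the rule check has to parse that request and default to deny. The request layout is SOCKS5 per RFC 1928, which is an assumption since the post does not name a SOCKS version; all addresses, ports and function names are constructed placeholders.

```python
import ipaddress
import struct

# Constructed policy: every address and port below is a placeholder (assumption).
WEBSERVER = ipaddress.ip_address("192.0.2.10")         # the external webserver
ALLOWED = {("10.0.5.20", 1521), ("10.0.5.21", 8080)}   # designated inside host:port

def build_request(cmd: int, ipv4: str, port: int) -> bytes:
    """Build a constructed SOCKS5 request with an IPv4 destination (ATYP 1)."""
    return bytes([5, cmd, 0, 1]) + ipaddress.IPv4Address(ipv4).packed + struct.pack("!H", port)

def parse_request(data: bytes):
    """Parse VER CMD RSV ATYP DST.ADDR DST.PORT; raise ValueError if malformed."""
    if len(data) < 5 or data[0] != 5 or data[2] != 0:
        raise ValueError("not a SOCKS5 request")
    cmd, atyp = data[1], data[3]
    if atyp == 1:                                   # IPv4 literal
        addr, rest = str(ipaddress.IPv4Address(data[4:8])), data[8:]
    elif atyp == 3:                                 # domain name, length-prefixed
        n = data[4]
        addr, rest = data[5:5 + n].decode("ascii"), data[5 + n:]
    elif atyp == 4:                                 # IPv6 literal
        addr, rest = str(ipaddress.IPv6Address(data[4:20])), data[20:]
    else:
        raise ValueError("unknown address type")
    if len(rest) != 2:
        raise ValueError("bad length")
    return cmd, atyp, addr, struct.unpack("!H", rest)[0]

def decide(peer_ip: str, request: bytes) -> str:
    """Default deny: permit only webserver -> allowlisted host:port via CONNECT."""
    if ipaddress.ip_address(peer_ip) != WEBSERVER:
        return "deny: source is not the webserver"
    try:
        cmd, atyp, addr, port = parse_request(request)
    except ValueError:
        return "deny: malformed request"
    if cmd != 1:                                    # 2 = BIND, 3 = UDP ASSOCIATE
        return "deny: only CONNECT is permitted"
    if atyp != 1:                                   # names would be resolved by the proxy
        return "deny: destination must be a literal IPv4 address"
    if (addr, port) not in ALLOWED:
        return "deny: destination not in allowlist"
    return "permit"

if __name__ == "__main__":
    for peer, req in [("192.0.2.10", build_request(1, "10.0.5.20", 1521)),
                      ("192.0.2.10", build_request(1, "10.0.5.99", 1521)),
                      ("198.51.100.7", build_request(1, "10.0.5.20", 1521))]:
        print(peer, decide(peer, req))
```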