Thursday, September 20, 2018

SOCKS proxies - how they are different from Terminal Servers?

I guess it's a strange question, but I can't understand this - how SOCKS proxies do work.

OK, as a networking guys, we have got few of areas in our network which we access with using Terminal Server or SSH TS (because there's no routing or for security reasons or it's a small branch):

- Terminal Server usually has got one interface with global IP address and another interface(s) which resides on the remote network. It's a Windows machine, you just RDP on it, start putty and perform some actions in the remote network

- SSH TS - the same thing, but it's a LINUX/BSD box which you ssh onto and then ssh to devices from it. Sometimes, in case of small branch office, we just ssh onto Internet-facing router (which NATs all the inside users) and ssh to the switches inside directly from the 'border' router

This cases are understandable for me.

But looks like SOCKS proxies work not in the same manner. I just can't get the idea. Our partners use it for remote connection, remote administration and often I receive requests to add some ACL entries on the firewall(s) to allow these connections. Usually it looks like:

allow access from Internet to Proxy on Internet-facing Firewalls

and

allow access from Proxy to server pools on internal Firewalls

And I'm just trying to understand how it's different from TS/SSH TS which I described earlier?

Can't find any article or youtube video clearly explaining the concept of SOCKS proxies. No idea how it all works and sometimes this misunderstanding raises issues and conflicts.

Thanks a lot for your help.

PS: our partners also use some app called ProxyCap - to create some proxy rules, etc. May be someone of you can explain this also.



No comments:

Post a Comment