Monday, September 03, 2007

SOCKS Fucking

The updates went well. There were no issues at all. I got out of bed at around 6:15AM and no one was on either server, so I nailed it.

I spent most of the rest of the morning on my current project, fucking around with anonymous SOCKS proxy servers. Several weeks ago I ran across sockcheck.c and started hacking away at it.

Proxies have been the bane of my existence for the last ten years. It started when the company I used to consult for sent me to a class on Microsoft Proxy Server 1.0. After that, proxy servers became my problem.

1.0 was a piece of crap that was soon replaced by Proxy 2.0. Proxy 2.0 was yet another piece of dookie until Microsoft rewrote the whole damned turd pile and decided to call it Microsoft Internet Security and Acceleration Server 2000 (or ISA Server 2000, as we poor IT folk know it).

Of course that was a piece of shit as well and was replaced four years later by ISA Server 2004.

And continuing their anal-expulsive tradition, last year Microsoft shat out ISA Server 2006. At the moment the next version is just now beginning to poke its little turtle head out of Microsoft's ass and will be delivered, complete with a new name (which escapes me at the moment), sometime in '08.

While Microsoft was exercising its bowels over the years I spread out, transferring my mad proxy skillz to SQUID, Dante, and mod_proxy for Apache.

Except for Dante, all these products are variations on the original CERN http proxy. That is, they are basically Web servers that take http and ftp requests for other Web servers. Those requests are stored (cached) to disk and wait to be fetched by the next user, who hopefully experiences a faster retrieval time since the request is served locally.

Dante is a SOCKS server. SOCKS servers don't typically cache Web requests and can proxy much, much more than http and ftp. The catch is the client program must know how to deal with a SOCKS proxy server. This must be built into the software itself, or additional software needs to be used in order to socksify the client program.
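What "knowing how to deal with a SOCKS proxy" means on the wire, as an added example that is not from the original post or from sockcheck.c: the first client messages of SOCKS5 as laid out in RFC 1928. The protocol version is an assumption (the post does not name one), and the function names and sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constants from RFC 1928 (SOCKS5); the version is an assumption here. */
enum { VER = 0x05, AUTH_NONE = 0x00, AUTH_USERPASS = 0x02,
       AUTH_REFUSED = 0xFF, CMD_CONNECT = 0x01, ATYP_DOMAIN = 0x03 };

/* Greeting: VER, NMETHODS, METHODS[n]. Returns bytes written, 0 on error. */
size_t socks5_greeting(uint8_t *out, size_t cap, const uint8_t *methods, uint8_t n)
{
    if (n == 0 || cap < (size_t)n + 2) return 0;
    out[0] = VER; out[1] = n;
    memcpy(out + 2, methods, n);
    return (size_t)n + 2;
}

/* Method-selection reply: VER, METHOD. Returns the method the server chose,
 * or -1 if the reply is malformed or the server refused every offer. */
int socks5_parse_method(const uint8_t *in, size_t len)
{
    if (len != 2 || in[0] != VER || in[1] == AUTH_REFUSED) return -1;
    return in[1];
}

/* CONNECT request with a domain name, so the proxy does the DNS lookup:
 * VER, CMD, RSV, ATYP, LEN, host[LEN], port (big-endian). */
size_t socks5_connect_req(uint8_t *out, size_t cap, const char *host, uint16_t port)
{
    size_t hl = strlen(host);
    if (hl == 0 || hl > 255 || cap < hl + 7) return 0;
    out[0] = VER; out[1] = CMD_CONNECT; out[2] = 0x00; out[3] = ATYP_DOMAIN;
    out[4] = (uint8_t)hl;
    memcpy(out + 5, host, hl);
    out[5 + hl] = (uint8_t)(port >> 8);
    out[6 + hl] = (uint8_t)(port & 0xFF);
    return hl + 7;
}

int main(void)
{
    const uint8_t offer[] = { AUTH_NONE, AUTH_USERPASS };
    const uint8_t reply[] = { 0x05, 0x00 };   /* constructed server reply */
    uint8_t buf[300];
    size_t g = socks5_greeting(buf, sizeof buf, offer, 2);
    int m = socks5_parse_method(reply, sizeof reply);
    size_t c = socks5_connect_req(buf, sizeof buf, "example.com", 80);
    printf("greeting=%zu bytes, method=%d, connect=%zu bytes\n", g, m, c);
    return 0;
}
```

An HTTP client that lacks this handshake has nothing to say to a SOCKS server, which is why it needs a socksifying wrapper.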

Unfortunately, 99% of Web traffic (that isn't SPAM) is http. As a result SOCKS servers tended to fall out of style outside of their traditional Unix environments.

But they persisted for years. In fact, in the '90s anonymous SOCKS proxies were a bit of a problem, since they were used to distribute SPAM. This problem was so bad most major ISPs went on a search & destroy mission to eradicate them. And they did a fairly good job.

They still exist, but most won't proxy SMTP mail anymore. No matter, the SPAMmers have gone on to bigger and better things.

If you like anonymity and you don't like having your IP address known, SOCKS proxies are the way to go. Problem is, they are hard to find. Once found, they need to be tested.

And that's what got me interested in sockcheck.c.

I have been collecting SOCKS IP addresses and I've learned some interesting things I will be sharing with you about the state of anonymous SOCKS proxies in the 21st century.
