Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Building a Robust Linux Security Solution: Page 6 of 15

The NEC SOCKS 5 implementation (
) includes a freely available and fully functional Linux version of the SOCKS proxy server, as well as the libraries needed to “SOCKSify” both Linux and Windows end-user applications. In addition to user authentication, SOCKS 5 lets security administrators compile detailed logs on user Internet access and includes a set of administration tools to manipulate and summarize these logs.

As network managers gear up for the upcoming conversion to IPv6 (albeit a long conversion), the NEC SOCKS 5 package is emerging as an invaluable transition tool due to its ability to speak IPv4 to the private network side while using IPv6 packets to communicate with the Internet. This translator feature is available as a free patch to the standard Linux SOCKS 5 server.

If you want to implement a SOCKS 5-based security solution for resale, NEC offers a commercial software toolkit called the SOCKS 5 Border Control Framework that enables security product implementers to develop turnkey hardware/software SOCKS 5 packages. For more information on this offering, go to

An alternative to SOCKS can be found in the Trusted Information Systems (TIS) Firewall Toolkit, the precursor to the commercial TIS Gauntlet firewall, now made available by Network Associates. The Firewall Toolkit (FWTK) includes a set of utilities (and full source code) that lets the security administrator set up proxies for any number of well-known TCP services (Telnet, SMTP, POP3, HTTP, and so on). Unlike the SOCKS proxy server, FWTK proxies can be set up on arbitrary ports, instead of the single TCP port number (1080) used to proxy connections through SOCKS. Client applications must be reconfigured to use the FWTK proxy port instead of the original service’s port number.

While SOCKS 5 offers a more comprehensive application proxy solution, the TIS toolkit is a useful alternative in cases where only a single service needs to be proxied. It is also a good alternative when the service is not one of the standard TCP ports (the toolkit includes a general-purpose
proxy that is designed for such applications). The TIS Firewall Toolkit can be obtained from