An in-depth exploration of the SOCKS4 protocol, its history, technical characteristics, and modern relevance.
SOCKS4 was developed by David Koblas in 1994 as part of the SOCKS project aimed at providing secure interaction through firewalls. Initially used within corporate networks for external resource access, it became a public standard in 1996.
In 1998, SOCKS4 was succeeded by SOCKS5 (RFC 1928), which introduced advanced features like UDP support and authentication mechanisms.
Includes version (0x04), command code, destination port, IPv4 address, and user ID.
Returns status code (0x5A for success) and reserved fields for backward compatibility.
Supports only TCP connections, lacks encryption, and requires client-side DNS resolution.
A modification of SOCKS4 that supports domain names instead of IP addresses, offloading DNS resolution to the proxy server.
Introduces UDP support, authentication mechanisms, and IPv6 compatibility, making it more versatile than SOCKS4.
Used to access resources blocked by network-level restrictions, such as corporate firewalls.
Masks the client's real IP address, though without traffic encryption.
Still relevant in outdated software where modern standards are not required.
Despite being superseded by SOCKS5 in 1998, SOCKS4 maintains operational relevance through:
Modern implementations often combine SOCKS4 with:
Example configuration for encrypted tunnel:
stunnel.conf: [socks4-secure] accept = 1080 connect = 127.0.0.1:1081 protocol = socks4 cert = /etc/stunnel/socks.pem
Metric | SOCKS4 | SOCKS5 | HTTPS Proxy |
---|---|---|---|
Connection setup (ms) | 12-15 | 18-22 | 25-30 |
Throughput (Gbps) | 9.2 | 8.7 | 7.1 |
Used in lightweight blockchain nodes to:
Implemented in:
Potential development vectors: