QUOTE(Topher @ Oct 12 2008, 11:59 PM) [snapback]65256[/snapback]
Search Ping Fu Iris on google.... 3 day free trial, let's you play nexus from anywhere.
Well, as great as that sounds, I can't figure out how that is safe, or any information about the software, or how exactly it works.
That just doesn't seem very legit.
QUOTE
CCProxy looks like a pretty good solution. What kind of security is it using though? Is it basically using a secure tunnel?
The SOCKS 5 protocol, an extension of the SOCKS 4 protocol that offers more choices of authentication, is defined in RFC 1928. The initial handshake now consists of the following:
* Client connects and sends a greeting which includes a list of authentication methods supported.
* Server chooses one (or sends a failure response if none of the offered methods are acceptable).
* Several messages may now pass between the client and the server depending on the authentication method chosen.
* Client sends a connection request similar to SOCKS 4.
* Server responds similar to SOCKS 4.
The authentication methods supported are numbered as follows:
* 0x00 - No authentication
* 0x01 - GSSAPI [6]
* 0x02 - Username/Password [7]
* 0x03-0x7F - methods assigned by IANA [8]
* 0x80-0xFE - methods reserved for private use
The initial greeting from the client is:
* field 1: SOCKS version number (must be 0x05 for this version)
* field 2: number of authentication methods supported, 1 byte
* field 3: authentication methods, variable length, 1 byte per method supported
The server's choice is communicated:
* field 1: SOCKS version, 1 byte (0x05 for this version)
* field 2: chosen authentication method, 1 byte, or 0xFF if no acceptable methods were offered
The subsequent authentication is method-dependent and described in RFC 1929:
The client's authentication request is:
* field 1: version number, 1 byte (must be 0x01)
* field 2: username length, 1 byte
* field 3: username
* field 4: password length, 1 byte
* field 5: password
Server response for authentication:
* field 1: version, 1 byte
* field 2: status code, 1 byte.
o 0x00 = success
o any other value = failure, connection must be closed
The client's connection request is:
* field 1: SOCKS version number, 1 byte (must be 0x05 for this version)
* field 2: command code, 1 byte:
o 0x01 = establish a TCP/IP stream connection
o 0x02 = establish a TCP/IP port binding
o 0x03 = associate a UDP port
* field 3: reserved, must be 0x00
* field 4: address type, 1 byte:
o 0x01 = IPv4 address
o 0x03 = Domain name
o 0x04 = IPv6 address
* field 5: destination address of
o 4 bytes for IPv4 address
o 1 byte of name length followed by the name for Domain name
o 16 bytes for IPv6 address
* field 6: port number in a network byte order, 2 bytes
Server response:
* field 1: SOCKS protocol version, 1 byte (0x05 for this version)
* field 2: status, 1 byte:
o 0x00 = request granted
o 0x01 = general failure
o 0x02 = connection not allowed by ruleset
o 0x03 = network unreachable
o 0x04 = host unreachable
o 0x05 = connection refused by destination host
o 0x06 = TTL expired
o 0x07 = command not supported / protocol error
o 0x08 = address type not supported
* field 3: reserved, must be 0x00
* field 4: address type, 1 byte:
o 0x01 = IPv4 address
o 0x03 = Domain name
o 0x04 = IPv6 address
* field 5: destination address of
o 4 bytes for IPv4 address
o 1 byte of name length followed by the name for Domain name
o 16 bytes for IPv6 address
* field 6: network byte order port number, 2 bytes
-Brant