Plain and Simple – SOCKS5 Protocol Explained

5 min

SOCKS5, despite sounding like the name of a piece of clothing we wear on our feet, is actually an Internet protocol. You might have heard of it in the VPN context because some of their properties are indeed similar. Here we’ll explain it in more detail, without flooding you with technical jargon.

What is SOCKS5?

Let’s talk about the definition first. SOCKS5 stands for Socket Secure version 5. It’s a networking protocol designed to provide connectivity between a client and a server, with an intermediate proxy between them. It was developed in the early 1990s as a closed project and released to the public in 1992 when the owning company got sold. That’s why the earliest versions weren’t ever widely available. The current standard No. 5 was approved in 1996. Yes, it’s that old and still in use. Actually, many IT solutions that are even older still exist, and many older standards simply prevail, barely modified over the years. Sometimes changing things just doesn’t pay off.

SOCKS5 as a firewall

The primary function of SOCKS5 was to administer a firewall. Let’s see how such a blockade works. In a typical situation, it begins with a client making a request to access the server. The SOCKS5 proxy on the way demands authentication of the requesting party. There are several methods supported, including username/password or specialized authentication protocols and programming interfaces. If the client successfully proves its identity, it is granted access to the server. The proxy remains in place, but now it passes all the communication freely.

SOCKS5 works in the 5th layer of the OSI/ISO network model, called the session layer. Too much jargon? The point is that SOCKS5 operates ‘below’ application protocols. This makes it a multipurpose solution. It can handle any kind of TCP and UDP traffic, which covers about all of your online transfers. There are other types of proxies, like an HTTP proxy. It operates in the highest, 7th layer of the OSI/ISO stack, the application layer. It’s capable of forwarding HTTP requests only. What does it mean in practice? SOCKS5 can proxy data carried by many Internet protocols: HTTP, IMAP, POP3, FTP, SMTP, and others. So, it covers emailing, file sharing, online games, etc., not only WWW browsing. This makes it similar to a VPN. Indeed, there are VPNs SOCKS5 helps to run.

Administrators set up proxies for specific purposes. Some examples are measuring data usage to calculate payments, filtering content for child protection, and gathering maintenance logs. Many proxies are nicknamed “invisible” because the end user isn’t supposed to know about their existence. A SOCKS5 proxy working on the session level can’t directly access the transferred information, so it’s not fit for detailed filtering. Sounds like a serious drawback, but it just means that such firewalls operate differently. The blockade is maintained thanks to user authentication. That’s why such solutions are called circuit-level gateways. Quite a logical choice of words: a gate in a wall is constructed out of SOCKS.

SOCKS5 proxy for anonymity

Another purpose of proxies is to change your apparent IP address to bypass regional locking. Such systems are online services. The providers own servers around the world to offer many locations to choose from. This is what makes proxies similar to VPNs. But there is one crucial difference you mustn’t overlook.

Every VPN necessarily applies end-to-end connection encryption. This is what constitutes the virtual tunnel, which is the essence of VPN architecture. Thanks to this feature, nobody can snoop on the data transfer all the way from a VPN-enabled device (like your laptop) to the remote server. Thus, you get hidden from nearby hackers, unsafe Wi-Fi, and your ISP. Sadly, none of this applies to any proxy by its nature. To put it simply: VPN offers all of what a proxy does and more. It comes with the price of a little slower connection, as the encryption algorithm must take some time. Moreover, a reliable VPN is a paid service, whereas it’s not so hard to find a free SOCKS5 proxy. This is quite reasonable, as maintaining hundreds (sometimes thousands) of VPN servers spread around the world is costly. Choose proxies over VPNs only if you don’t wish to upgrade your security.

How to use SOCKS5?

Setting up and configuring the SOCKS5 proxy server so that it can serve a given network according to requirements isn’t a job for an ordinary Internet user. That’s for the network administrators. If you’re not one of them, you can only specify a proxy server in your network settings. This will link your device to it. That is if the admin has given you its IP address and port number. How exactly that is done depends on your operating system. Search in Local Area Network (LAN) settings.

As mentioned, many proxies operate in an invisible way. Users don’t use SOCKS5 proxies directly. They are one of the many network technologies that work beyond common knowledge and interest. It’s a delivery chain. After all, you don’t need to know how your favorite cookies end up waiting for you at a store, you just trust someone makes them and puts them in place. And the Internet has a massively complex delivery and maintenance system. Many smart people work hard to facilitate Web access for all of us. SOCKS5 is their tool.


While remembering the vital difference between VPN and proxy, there is an interesting point to make. Every VPN operates on one of the tunneling protocols. Examples of those are L2TP/IPSec, IKEv2/IPSec, OpenVPN, and WireGuard. But with SOCKS5, it’s also possible to construct a tunnel architecture. There are even tricks to quickly establish a provisional SOCKS5 proxy on the computer you’re using and use it together with a secure connection to a remote server. SSH (Secure Shell) protocol provides protection, while SOCKS5 provides tunneling. It’s a replacement for a real VPN. A little makeshift, but functional solution.

This example might sound odd: proxy is not remote, but local, and two protocols are running instead of one. But the reality is that dozens of protocols are running all the time inside any ordinary PC. Moreover, IT developers rarely design a new system from scratch. They prefer taking ready, reliable solutions and combining them into something new. That’s how SOCKS-based VPNs came to be.

A full SOCKS5 VPN system

Several VPN services happen to run on more than one protocol. Did you notice? IPSec has been joined with L2TP or IKEv2 to create functional VPNs. The former manages encryption, the latter redirects the transfer. It is also possible to run a VPN based on SOCKS5. That is precisely what Tuxler VPN does. How does it work?

You already know that SOCKS5 redirects data to a specific remote server. It also changes the IP on the way. The OpenSSL library is responsible for the encryption part. It’s an extensive, open-source collection of programming tools for securing online communication. Its versatility and efficiency has paved the way for it being the foundation of millions of websites. With Tuxler VPN, the military-grade 256-bit ciphering algorithm is employed to guarantee your online safety.

SOCKS5 is generally more lightweight than many typical VPN tunneling protocols. This facilitates a feature Tuxler has to offer: residential VPN. In this system, users share IPs in a common pool instead of connecting to servers in data centers. So, everyone has small residential SOCKS5 proxies. They’re easily established on any device. Tuxler’s app handles it after you click a switch on the user interface. At the same time, you join the IP pool. You use somebody’s IP from an approximate location and in turn, become a mini-server for someone else.

Now you have an idea about proxies and their similarities to VPNs. SOCKS5 is an old, but very useful technology. It allows constructing proxy services, helps in administrating networks, and even constitutes some VPN services. You can make an informed choice of a solution for your needs!

BackNext article