1

In what circumstances a SOCKS proxy is vulnerable and a VPN is not?

Babr
  • 277
  • 2
  • 6
  • Are you talking about a local SOCKS proxy which then opens an encrypted tunnel to a remote server (that's how Tor works), or a remote SOCKS proxy? – CodesInChaos May 28 '17 at 08:48
  • A good middle-ground between SOCKS and VPN would be a HTTPS proxy. I have Squid set up with the https_port directive, which Firefox connects to using a PAC URI like this. It creates a secure tunnel between your browser and the proxy server without a VPN; encryption is applied even for non-HTTPS requests. – Cauterite May 28 '17 at 09:35
  • @CodesInChaos I mean creating a SOCKS5 tunnel from terminal to remote server (i.e my VPS). – Babr May 29 '17 at 21:26

1 Answers1

0

SOCKS doesn't add any additional encryption by default. If your traffic is already encrypted then it will stay that way. While a VPN can encrypt everything leaving your machine, such as DNS.

SOCKS also does not protect against traffic analysis

I know you didn't ask benefits, but to help balance my argument for others, SOCKS can be a lot faster because of the lack of additional overhead encrypting.

ISMSDEV
  • 3,270
  • 13
  • 22
  • Few people have fast enough network for the encryption overhead to matter. A typical desktop CPU can AES-GCM encrypt a 10 Gbit connection without breaking a sweat. – CodesInChaos May 28 '17 at 08:50