SOCKS Proxy Problems
The SOCKS Proxy service is used to allow non-Windows clients
access to the Internet via the Proxy Server. If you are running a Windows only
environment, it would be best to completely ignore the SOCKS Proxy service.
Better yet, disable the SOCKS Proxy. You can stop the SOCKS Proxy service via the
Internet Services Manager interface, but when you restart the machine, it will
just “grow back”.
A better solution for eradicating the SOCKS Proxy service is
to whack it via the Registry. The key is:
HKLMSystemCurrentControlSetServicesW3ProxyParametersSocks
Change the value for SocksServiceEnabled to 0, and say goodbye
to SOCKS.
If you must run the SOCKS Proxy Service, keep in mind that the
default rule is to deny all connection requests. Access controls for the SOCKS
Proxy are not integrated with the SAM or Active Directory as they are with the
Web and WinSock Proxies. To control access, you identify source and destination
port and IP addresses, as seen in the shot of the SOCKS configuration interface
below.
It is best policy to deny all requests, and then create
specific rules for those ports that you want accessible to the SOCKS Proxy
clients. When configuring the rule, you must set the action (deny or permit),
the source and destination IP addresses or network IDs, and the port number for
the destination machine. To see the rules interface click HERE.
Next Week…
Check out Basic To Basics next week, when we’ll go over the
issue of using PING behind a Proxy Server and also how to configure your Proxy
Server on a DMZ subnet.