DESCRIPTION LAST UPDATED: 2023-12-29
DEFAULT SEVERITY LEVEL: MEDIUM
This report identifies hosts that have a SOCKS proxy version 4 or SOCKS proxy version 5 service running on port 1080/TCP and accessible from the Internet. The SOCKS protocol enables the exchange of packets between a client and server through a proxy server. These proxy servers can optionally support authentication.
Open proxy servers allowing proxying of services without authentication are often subject to abuse. Others, even with authentication, may also have security implications.
As with all remote access tools, care should be taken to make sure a SOCKS proxy service is configured in a secure manner and the security implications of making it accessible from anywhere on the Internet taken into account.
This report contains all SOCKS 4/5 instances found on a given network/constituency. Open SOCKS 4/5 (ie. ones that do not require any form of authentication in order to be used) are tagged with an -open suffix.
You can track latest SOCKS 4/5 scan results on the Shadowserver Dashboard.
Severity levels are described here.
For more information on our scanning efforts, check out our Internet scanning summary page.
Filename: scan_socks