Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.
A SOCKS server accepts incoming client connection on TCP port 1080, as defined in RFC 1928.
It was approved by the IETF in 1996 as RFC 1928 (authored by: M. Leech, M. Ganis, Y. Lee, R. Kuris, D. Koblas, and L. Jones).
[5] SOCKS is sometimes defined as an acronym for "socket secure" from at least 2001,[6][7][8][9][10] although it was not originally defined as such in the SOCKS Protocol Version 5 RFC in 1996[11] or the UNIX Security Symposium III paper in 1992[2] but simply referred to a specific proxy protocol designed to facilitate communication between clients and servers through a firewall.
If it represents address 0.0.0.x with nonzero x, the server must read in the domain name that the client sends in the packet.
It is an incompatible extension of the SOCKS4 protocol; it offers more choices for authentication and adds support for IPv6 and UDP, the latter of which can be used for DNS lookups.
Due to lack of request and packets exchange encryption it makes SOCKS practically vulnerable to man-in-the-middle attacks and IP addresses eavesdropping which in consequence clears a way to censorship by governments.