Blog | G5 Cyber Security

Burp Suite: Protecting Your IP Address

G5 Cyber Security

TL;DR

Burp Suite hides your real IP address from websites by routing your traffic through its proxy server. This makes it harder for sites to track you directly and can help protect against certain attacks. However, it’s not foolproof – things like WebSockets or misconfigured browsers can leak your IP.

How Burp Suite Protects Your IP

  1. The Proxy Server: When you browse with Burp Suite enabled, all your web requests go to the Burp proxy server first.
  2. IP Masking: The Burp server then makes the request *to* the website on your behalf. The website sees Burp’s IP address, not yours.
  3. Response Handling: When the website responds, Burp receives it and forwards it back to you.

Setting Up Burp Suite as a Proxy

  1. Install and Launch: Download and install Burp Suite Community Edition (free) or Professional from PortSwigger (https://portswigger.net). Then, launch the application.
  2. Configure Browser Proxy Settings: You need to tell your web browser to use Burp as its proxy.
    • Firefox: Go to Settings > General > Network Settings > Settings… Select ‘Manual proxy configuration’. Enter 127.0.0.1 for HTTP Proxy and Port 8080. Check ‘Use this proxy server for all protocols’.
    • Chrome/Edge: You’ll likely need an extension like “Proxy SwitchyOmega” to manage proxy settings easily. Configure it to use 127.0.0.1 and port 8080.
  3. Install Burp’s CA Certificate: This is crucial for intercepting HTTPS traffic.
    • In Burp Suite, go to the ‘Proxy’ tab and then ‘Options’.
    • Under ‘Proxy Listeners’, find your listener (usually on 127.0.0.1:8080). Click ‘Import/Export CA certificate’.
    • Save the certificate (.der file) to a location you remember.
    • Firefox: Go to Settings > Privacy & Security > Certificates > View Certificates… Click ‘Import…’ and select the saved .der file. Trust it for identifying websites.
    • Chrome/Edge: In your operating system’s certificate manager (search for “Manage certificates” in Windows or macOS Keychain Access), import the certificate and trust it.

Verifying Burp Suite is Working

  1. Browse a Website: Open your browser and visit any website (e.g., google.com).
  2. Check the Proxy History: In Burp Suite, go to the ‘Proxy’ tab and then ‘HTTP history’. You should see all the requests you’ve made listed there. This confirms traffic is going through Burp.

Potential IP Leaks

  1. WebSockets: WebSockets are a different protocol than HTTP/HTTPS, and may bypass the proxy if not configured correctly. Burp Suite Professional has better WebSocket support.
  2. Direct Connections (e.g., via JavaScript): Some websites use JavaScript to make direct connections that ignore the proxy settings.
  3. Browser Extensions: Certain browser extensions might also bypass the proxy.
  4. Misconfigured Browser: Double-check your browser’s proxy settings are correct and haven’t been accidentally changed.

Advanced Considerations

  1. Burp Suite Professional: Offers more advanced features for handling WebSockets, DNS requests, and other potential leak vectors.
  2. Upstream Proxy Servers: If you’re already using a VPN or another proxy server, Burp Suite will route traffic through *that* first, then its own proxy.
Exit mobile version