ProfessionalCommunity Edition
Connections settings
-
Last updated: October 29, 2024
-
Read time: 4 Minutes
The Connections settings enable you to define how Burp handles network traffic. You can configure:
- Platform authentication.
- Timeouts.
- Upstream proxy servers.
- Hostname resolution overrides.
- SOCKS proxy.
Platform authentication
These settings enable Burp to carry out automatic platform authentication to destination web servers. You can configure authentication types and credentials for individual hosts, and disable platform authentication on a per-host basis.
To add platform authentication credentials, select Do platform authentication and select Add to display the Add platform authentication credentials dialog. From here, you can add the following information:
- Destination host.
- Authentication type - This can be either Basic, NTLMv1, or NTLMv2.
- Username.
- Password.
- Domain.
- Domain hostname.
You can also Edit and Remove credentials from the list if required.
If you select Prompt for credentials on platform authentication failure, then Burp displays an interactive popup whenever it encounters an authentication failure.
The Platform authentication settings can apply at both user and project level. If you select Override options for this project only, the selected settings only apply to the current project.
Timeouts
You can specify the timeout thresholds that Burp uses when performing various network tasks:
- Connect - Used when connecting to a server. This setting determines how long Burp waits for a response after opening a socket, before deciding that the server is unreachable.
- Normal - Used for most network communications. This setting determines how long Burp waits before abandoning a request and recording a timeout.
- Open-ended responses - Used where a response that does not contain a Content-Length or Transfer-Encoding HTTP header is being processed. Burp waits for the specified interval before determining that the transmission is complete.
- Domain name resolution - This setting determines how often Burp re-performs successful domain name look-ups. This should be set to a low value if target host addresses change frequently.
- Failed domain name resolution - This setting determines how often Burp reattempts unsuccessful domain name look-ups.
Values are in seconds. If you set any of these settings to zero or leave them blank, Burp will never time out when performing that function.
The Timeouts settings are project settings. They apply to the current project only.
Upstream proxy servers
These settings control whether Burp sends outgoing requests to an upstream proxy server, rather than sending them directly to the destination web server.
You can define rules that specify different proxy settings for different destination hosts. Burp uses the first rule in the table that matches the destination web server. If it cannot find an applicable upstream proxy rule, Burp uses a direct, non-proxied connection.
To add a new rule, click Add to display the Add upstream proxy rule dialog. You can specify the following information:
- Destination host - The destination host address. You can use wildcards:
*
matches zero or more characters, and?
matches any character except a dot. - Proxy host - The address of the proxy host. If this is left blank, Burp connects directly.
- Proxy port.
- Authentication type - This can be either Basic, NTLMv1, or NTLMv2.
- Username.
- Password.
- Domain - This is only used for NTLM authentication.
- Domain hostname - This is only used for NTLM authentication.
To send all traffic to a single proxy server, create a rule with *
as the destination host. To create an exception to this rule, create a destination host and leave the proxy host field empty.
You can also Edit individual rules, move them Up and Down the list, or Remove them altogether using the buttons to the side of the list.
The Upstream proxy servers settings can apply at both user and project level. If you select Override options for this project only, the selected settings only apply to the current project.
Hostname resolution overrides
These settings enable you to override your computer's DNS resolution by mapping hostnames to IP addresses. This can help you to make sure that requests are forwarded correctly when the Hosts file has been modified to invisibly proxy traffic from non-proxy-aware thick client components.
Each mapping comprises:
- A hostname.
- The IP address that should be associated with that hostname.
You can enable or disable rules individually using the checkbox on the list, and Edit or Remove rules using the buttons to the side.
The Hostname resolution overrides settings are project settings. They apply to the current project only.
SOCKS proxy
You can configure Burp to use a SOCKS proxy for all outgoing communications. This setting is applied at the TCP level, and all outbound requests are sent by the configured proxy.
To configure a SOCKs proxy, select Use SOCKS proxy and enter the following information into the field below:
- SOCKS proxy host.
- SOCKS proxy port.
- Username.
- Password.
If you configure rules for upstream HTTP proxy servers, any requests to upstream proxies are sent via the configured SOCKS proxy.
If you select Do DNS lookups over SOCKS proxy, all domain names are resolved by the proxy. Burp does not perform any local lookups if you select this setting.
The SOCKS proxy settings can apply at both user and project level. If you select Override options for this project only then the settings only apply to the current project.