search

CoffeeITWorks / ansible_burp2_server

Ansible role to deploy burp2 server
MIT License
10 stars 9 forks source link

Why burp client is named "monitor"? #72

Closed marcin-github closed 3 years ago

marcin-github commented 4 years ago

Hi! I'd like to ask why client is named "monitor" instead hostname of server where burp server is installed? I can't modify settings of client monitor, I can't add includes etc. Maybe I have wrong assumption and server with burp server should be backuped in different way? But it looks that ansible_burp2_client shouldn't be installed on the same host with ansible_burp2_server because it overwrite some files (like burp.conf) in /etc/burp/.

pablodav commented 4 years ago

Hello!

I didn't have time to reply properly but here is short answer :

Monitor is normally used as super client and in many cases by burp-ui agent to be able to see and operate over every client (using burp server config directives)

To backup your burp server makes sense yo use some external service or another burp server and export data outside your burp server, could be to external disk, tape remote storage, cloud, whatever.

More details will be added if needed.

El mar., 9 de junio de 2020 12:41 p. m., Marcin notifications@github.com escribió:

Hi! I'd like to ask why client is named "monitor" instead hostname of server where burp server is installed? I can't modify settings of client monitor, I can't add includes etc. Maybe I have wrong assumption and server with burp server should be backuped in different way? But it looks that ansible_burp2_client shouldn't be installed on the same host with ansible_burp2_server because it overwrite some files (like burp.conf) in /etc/burp/.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/CoffeeITWorks/ansible_burp2_server/issues/72, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCA7H6MR2MKJKETWL2Q7YTRVZJY3ANCNFSM4NZQ5G4Q .

marcin-github commented 4 years ago

Hi, thank you for anwser.

To backup your burp server makes sense yo use some external service or another burp server and export data outside your burp server, could be to external disk, tape remote storage, cloud, whatever.

Even if I want to do backup to external burp-server there is file collision with client configuration /etc/burp/burp.conf Also I think that backup on the same host has advantages, it's easy to go back and recover deleted/modified files on burp-server host.

pablodav commented 4 years ago

ok, you can manually setup another client or try to burp2_client role, first try in a test server as I have not tested it really but should work:

https://github.com/CoffeeITWorks/ansible_burp2_client/blob/master/defaults/main.yml#L5

Add these vars to your host_vars or group_vars or playbook:

I need to review one option later as I'm now editing with my phone

burp_client_etc: "/etc/burp-client"
# This with correct server name and IP, password, etc:
burp_client_server: "192.168.0.1"
burp_client_ssl_peer_cn: "burpserver"
burp_client_password: "password"

Also check others options you have in burp2_client setup.

So basically, you will setup a client in a different /etc directory than the burp server.

pablodav commented 3 years ago

In these steps I have separated the client and the monitor here: https://github.com/CoffeeITWorks/ansible_burp2_server/blob/master/tasks/10_local_client.yml#L21

So you will have to use burp -c /etc/burp/monitor.conf -a S