Wireshark dns
CARLOS HENRIQUE CARDOSO JR
LAURO HOSMAN COSTA LOZICH
Analise e Desenvolvimento de Sistemas Arquitetura de Redes I
WIRESHARK: DNS
Uberlândia – MG
09/04/2013
1- Run nslookup to obtain the IP address of a Web server in Asia.
[pic]
2- Run nslookup to determine the authoritative DNS servers for a university in
Europe.[pic]
3- Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! Mail.
[pic]
4- Locate the DNS query and response messages. Are then sent over UDP or TCP?
São enviados por UDP
5- What is the destination port for the DNS query message? What is the source port of DNS response message?
[pic]
6- To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?
[pic]
7- Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
[pic]
8- Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
[pic]
9- Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?
Não, o TCP SYN: 12.22.58.30
O DNS Response: 200.225.197.34
10- This web page contains images. Before retrieving each image, does your host issue new DNS queries?
Não há novos DNS Queries!
11- What is the destination port for the DNS query message? What is the source port of DNS response message?
The destination port for the query is 53. The source port for the response is also 53
12- To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
Não, a mensagem de consulta foi enviada para 200.225.197.34, e meu DNS Local é 192.168.2.108