Scribd Logo
Upload

Welcome to Scribd!

  • Isaa Lab Da6

    Uploaded by

    K 9
    10 views12 pages
    The document is a report on tasks completed using nslookup and Wireshark to analyze DNS queries and responses. It includes: 1. Performing nslookups on websites and finding IP addresses 2. Clearing the DNS cache and verifying the local IP address 3. Analyzing DNS query and response packets in Wireshark including port numbers, request types, and address information returned. 4. Sending the first SYN packet to the IP address from the DNS response. 5. Additional nslookups on websites and analyzing the DNS information returned.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document is a report on tasks completed using nslookup and Wireshark to analyze DNS queries and responses. It includes: 1. Performing nslookups on websites and finding IP addresses 2. Clearing the DNS cache and verifying the local IP address 3. Analyzing DNS query and response packets in Wireshark including port numbers, request types, and address information returned. 4. Sending the first SYN packet to the IP address from the DNS response. 5. Additional nslookups on websites and analyzing the DNS information returned.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    10 views12 pages

    Isaa Lab Da6

    Uploaded by

    K 9
    The document is a report on tasks completed using nslookup and Wireshark to analyze DNS queries and responses. It includes: 1. Performing nslookups on websites and finding IP addresses 2. Clearing the DNS cache and verifying the local IP address 3. Analyzing DNS query and response packets in Wireshark including port numbers, request types, and address information returned. 4. Sending the first SYN packet to the IP address from the DNS response. 5. Additional nslookups on websites and analyzing the DNS information returned.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 12

    (DIGITAL ASSIGNMENT-6)

    WIRESHARK TASK 3 – DNS

    CSE3501 (INFORMATION SECURITY ANALYSIS AND AUDIT)

    OCTOBER 21, 2022


    RAJARSHI SAHA
    20BCT0163
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    1. nslookup
    TASKS:

    ANSWER:
    1. I performed nslookup for www.alibaba.com. Its IP address is 49.44.161.253.
    2. I performed nslookup for a European University in Cambridge, United Kingdom.
    Its IP address is 128.232.132.8
    3. The server obtained in Question2 is queried for mail servers for Yahoo mail and
    no response was found.

    OUTPUT SCREENSHOT:

    1
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    2. ifconfig and flush DNS cache


    TASKS:

    OUTPUT SCREENSHOT:

    2
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    ip.addr == 192.168.223.128

    3
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    TASKS:

    ANSWER:
    4. DNS query and response messages are sent over UDP.

    5. Destination port for the DNS message is Port 53

    4
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    6. Destination IP address of the DNS message is 192.168.223.2 No, it is not the IP


    Address of the local DNS server.

    7. It’s a type A standard query and it doesn’t contain any answer.

    8. There were 3 answers containing information about the name of the host, the
    type of address, class, the TTL, the data length and the IP address.

    5
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    TASKS:

    ANSWER:
    9. The first SYN packet was sent to 104.16.45.99 which corresponds to the first IP
    address provided in the DNS response message.

    6
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    10. No, before retrieving each image, the host doesn’t issue new DNS queries.

    TASKS: nslookup www.mit.edu

    7
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    ANSWER:
    11. The Destination port for DNS query message is 53. The source port of DNS
    response message is 53.

    12. It’s sent to 192.168.223.2 which is not the default local DNS server.

    13. The query is of type A and it doesn’t contain any answers.

    8
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    14. The response DNS message contains three answer containing the name of the
    host, the type of address, the class, and the IP address.

    15. Screenshot

    9
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    TASKS: nslookup –type=NS mit.edu

    ANSWER:
    16. It was sent to 192.168.223.2 which is not my default DNS server.
    17. It’s a type NS DNS query that doesn’t contain any answers.

    10
    RAJARSHI SAHA
    (DIGITAL ASSIGNMENT-6)

    18. There are 8 nameservers in the DNS response message.


    • ns1-173
    • asia-1
    • eur5
    • use2
    • use5
    • ns1-37
    • asia2
    • usw2
    The response message does not provide the IP addresses of the MIT nameservers.
    19. screenshot

    11

    You might also like