
DNS Report

This document discusses capturing DNS packets and analyzing their contents. It provides details on the source and destination ports, IP addresses, flag bits, and question/answer sections of DNS query and response messages. The document explains that DNS messages use UDP, the query message ID is echoed in the response, and the first bit of the flag field indicates if a message is a query or response.

Uploaded by

keerthu raj
Copyright
© All Rights Reserved


Capturing DNS packets

Questions and Answers:

PART-I
1 IP address of your campus: 10.1.25.250
2 Name and IP addresses of DNS servers that can provide authoritative answers to your query: 192.168.43.1
3 Result and interpretation of query with trace option:

One common address to use for testing is 8.8.8.8, which is the Google DNS server, using tracert -d 8.8.8.8. The -d tells tracert not to convert the IP addresses it gets into names. The first hop is your router; the second hop is the far end of your Internet connection (your ISP). The numbers in columns 2, 3 and 4 represent how fast the connection to that host is. Any numbers which are replaced with * are hops where a response wasn't received, and it's fairly safe to say that this is where the network fault lies.
4 IP of your mail server: 192.168.43.1
PART-II
1 Do DNS messages use the service of UDP or TCP? UDP
2 Source and destination port numbers of the query message: Src port: 58543 Dst port: 53
3 Source and destination port numbers of the response message: Src port: 53 Dst port: 58543
4 IP address and network to which the query message is sent: 192.168.43.1

5 Query message ID number: 0x91c4
Response message ID number: 0x91c4
Purpose of ID number: The DNS client can match responses to requests.

6 Number of bits in flag fields in DNS message: 16 bits

7 Which bit determines if the message is query or response? First bit
0 - message is query, 1 - message is response

8 Which bits are only used in the response message? Purpose of these bits:

Authoritative – service is not an authority for domain
Recursion available – server can do recursive queries
Answer authenticated – answer/authority portion was not authenticated by the server
Reply code – server status

9 Number of question records in the query: 1
Number of answer records in the query: 0
Number of authority records in the query: 0
Number of additional records in the query: 0

10 Interpret the information in the Question and Answer sections of the packets:

Question contains information about the query being made.
Answer section contains the resource records for the name that was originally queried.
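
Added example (not part of the original report): a short Python parser for the 12-byte DNS header that decodes the ID, the 16 flag bits and the four record counts discussed in PART-II, and accepts a response only if it echoes the query's ID and question. The message bytes are constructed; only the ID 0x91c4 and the record counts come from the report, while the name example.com, the address 192.0.2.1 and the function names are assumptions.

```python
import struct

# Constructed sample messages: ID 0x91c4 and the counts follow the report,
# the queried name and answer address are placeholders (assumptions).
QUESTION = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
QUERY = struct.pack("!HHHHHH", 0x91C4, 0x0100, 1, 0, 0, 0) + QUESTION
ANSWER = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
RESPONSE = struct.pack("!HHHHHH", 0x91C4, 0x8180, 1, 1, 0, 0) + QUESTION + ANSWER


def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte DNS header (RFC 1035 section 4.1.1)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message: header is 12 bytes")
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": ident,
        "qr": flags >> 15,           # first bit: 0 = query, 1 = response
        "opcode": (flags >> 11) & 0xF,
        "aa": (flags >> 10) & 1,     # Authoritative (meaningful in responses)
        "tc": (flags >> 9) & 1,      # Truncated
        "rd": (flags >> 8) & 1,      # Recursion desired
        "ra": (flags >> 7) & 1,      # Recursion available (responses)
        "ad": (flags >> 5) & 1,      # Answer authenticated (responses)
        "rcode": flags & 0xF,        # Reply code (responses)
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def question_section(msg: bytes) -> bytes:
    """Raw bytes of the first question (assumes an uncompressed name)."""
    pos = 12
    while msg[pos] != 0:             # walk length-prefixed labels
        pos += msg[pos] + 1
    return msg[12:pos + 5]           # root label + 2-byte QTYPE + 2-byte QCLASS


def response_matches(query: bytes, response: bytes) -> bool:
    """True only if the response echoes the query's ID and question."""
    q, r = parse_header(query), parse_header(response)
    if q["qr"] != 0 or r["qr"] != 1 or q["id"] != r["id"]:
        return False
    return question_section(query) == question_section(response)


if __name__ == "__main__":
    print(parse_header(QUERY))
    print(parse_header(RESPONSE))
    print("response accepted:", response_matches(QUERY, RESPONSE))
```

A response whose ID or question differs from the outstanding query is rejected; this is the same matching the report describes as the purpose of the ID number.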
