
Lab 03

This document discusses a Wireshark lab analyzing DNS queries and responses for various servers and domains. It contains 23 questions asking the student to run nslookup commands, examine DNS query and response packets in Wireshark, identify fields like query type, number of answers, destination/source ports, and IP addresses involved. The student provides short answers identifying details about each DNS transaction analyzed.

Uploaded by

Eduardo Monzani

GSI023 – Computer Networks

WireShark Lab 03 – HTTP v7.0

João Pedro Cruz Espíndola - 12111BSI245 – [email protected]

Arthur Ferreira da Silva – 12111BSI259 – [email protected]

Leonardo Saponi de Souza - 11921bsi202 - [email protected]

1. Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of
that server?

2. Run nslookup to determine the authoritative DNS servers for a university in Europe.

3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail
servers for Yahoo! mail. What is its IP address?

The IP address is 2804:1bc:114::2006.

4. Locate the DNS query and response messages. Are they sent over UDP or TCP?

It is sent over UDP.

5. What is the destination port for the DNS query message? What is the source port of DNS
response message?

Destination Port: 53854 and Port: 53.


6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP
address of your local DNS server. Are these two IP addresses the same?

To the IP 192.168.100.6; yes, it is the same IP address.

7. Examine the DNS query message. What “Type” of DNS query is it? Does the query
message contain any “answers”?

The DNS query is of type AAAA. It contains no answers, only questions.

8. Examine the DNS response message. How many “answers” are provided? What do each of
these answers contain?

It provides 2 answers; they are 2 addresses.
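The fields asked about in questions 7 and 8 (query type, whether a message is a query or a response, and the answer count) can be read directly from the DNS message bytes. The following is an added example, not part of the original lab report; the name `example.test`, the transaction ID and the address bytes are constructed sample data, not values from the capture.

```python
import struct

QTYPES = {1: "A", 2: "NS", 15: "MX", 28: "AAAA"}

def encode_name(name):
    """Encode a hostname as DNS labels (length byte + label, zero-terminated)."""
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                 # compression pointer (2 bytes)
            if end is None:
                end = off + 2                # parsing resumes after the first pointer
            off = ((n & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                    # refuse pointer loops in hostile input
                raise ValueError("compression loop")
        elif n == 0:
            return ".".join(labels), (end if end is not None else off + 1)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def summarize(msg):
    """Return the header and question fields the lab asks about."""
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    qname, off = read_name(msg, 12)
    qtype, _qclass = struct.unpack("!2H", msg[off:off + 4])
    off += 4
    answers = []
    for _ in range(an):                      # walk ANCOUNT resource records
        _, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        answers.append((QTYPES.get(rtype, str(rtype)), msg[off + 10:off + 10 + rdlen]))
        off += 10 + rdlen
    return {"id": ident, "is_response": bool(flags & 0x8000), "qname": qname,
            "qtype": QTYPES.get(qtype, str(qtype)), "ancount": an, "answers": answers}

def aaaa_record(last_byte):
    """Constructed AAAA record whose owner name points back to offset 12."""
    return b"\xc0\x0c" + struct.pack("!2HIH", 28, 1, 300, 16) + bytes(15) + bytes([last_byte])

# Constructed sample messages: one AAAA query and a response with two answers.
QUESTION = encode_name("example.test") + struct.pack("!2H", 28, 1)
QUERY = struct.pack("!6H", 0x1A2B, 0x0100, 1, 0, 0, 0) + QUESTION
RESPONSE = (struct.pack("!6H", 0x1A2B, 0x8180, 1, 2, 0, 0) + QUESTION
            + aaaa_record(1) + aaaa_record(2))
```

`summarize(QUERY)` and `summarize(RESPONSE)` return the same transaction ID and question, which is how a response is paired with its query in a capture.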


9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP
address of the SYN packet correspond to any of the IP addresses provided in the DNS
response message?

http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip and

10. This web page contains images. Before retrieving each image, does your host issue new
DNS queries?

http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip and

11. What is the destination port for the DNS query message? What is the source port of DNS
response message?

Destination port: 53 and source port: 40110.

12. To what IP address is the DNS query message sent? Is this the IP address of your default
local DNS server?

The IP address in the DNS request message is 192.168.3.1.


13. Examine the DNS query message. What “Type” of DNS query is it? Does the query
message contain any “answers”?

Type A, it has 3 answers.

14. Examine the DNS response message. How many “answers” are provided? What do each
of these answers contain?

3 answers are provided.

16. To what IP address is the DNS query message sent? Is this the IP address of your default
local DNS server?

The message was sent to 192.168.43.1, my default DNS server.

17. Examine the DNS query message. What “Type” of DNS query is it? Does the query
message contain any “answers”?

It is a DNS query of type NS that contains no answers.


18. Examine the DNS response message. What MIT nameservers does the response message
provide? Does this response message also provide the IP addresses of the MIT nameservers?

As shown in the screenshot below, in the Additional records of the Answers we find the names:

ns1-173, asia1, use5, asia2, ns1-37, usw2, eur5, use2

19. Provide a screenshot.


20. To what IP address is the DNS query message sent? Is this the IP address of your default
local DNS server? If not, what does the IP address correspond to?

The message was sent to the DNS server 18.0.72.3, which is not my default DNS server and
corresponds to bitsy.mit.edu.

21. Examine the DNS query message. What “Type” of DNS query is it? Does the query
message contain any “answers”?

It is a standard query of type A that contains no answers.

22. Examine the DNS response message. How many “answers” are provided? What does
each of these answers contain?

The server returned a timeout after 5 attempts.


23. Provide a screenshot.
