
computers, while performing the steps indicated in the Wireshark lab. Once you have downloaded the trace, you can load it into Wireshark and view the trace using the File pull-down menu, choosing Open, and then selecting the dns-ethereal-trace-1 trace file.
Now let's play with nslookup [2].

  • Start packet capture.
  • Do an nslookup on
  • Stop packet capture.

You should get a trace that looks something like the following:

We see from the above screenshot that nslookup actually sent three DNS queries and received three DNS responses. For the purpose of this assignment, in answering the following questions, ignore the first two sets of queries/responses, as they are specific to nslookup and are not normally generated by standard Internet applications. You should instead focus on the last query and response messages.

[2] If you are unable to run Wireshark and capture a trace file, use the trace file dns-ethereal-trace-2 in the zip file
11. What is the destination port for the DNS query message? What is the source port of DNS response message?
12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
13. Examine the DNS query message. What "Type" of DNS query is it? Does the query message contain any "answers"?
14. Examine the DNS response message. How many "answers" are provided? What does each of these answers contain?
15. Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:

    nslookup -type=NS mit.edu

Answer the following questions [3]:

16. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
17. Examine the DNS query message. What "Type" of DNS query is it? Does the query message contain any "answers"?
18. Examine the DNS response message. What MIT nameservers does the response message provide? Does this response message also provide the IP addresses of the MIT nameservers?
19. Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:

    nslookup bitsy.mit.edu

Answer the following questions [4]:

20. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?
21. Examine the DNS query message. What "Type" of DNS query is it? Does the query message contain any "answers"?
22. Examine the DNS response message. How many "answers" are provided? What does each of these answers contain?
23. Provide a screenshot.

[3] If you are unable to run Wireshark and capture a trace file, use the trace file dns-ethereal-trace-3 in the zip file
[4] If you are unable to run Wireshark and capture a trace file, use the trace file dns-ethereal-trace-4 in the zip file
  • Fall '06
  • Zahid
  • IP address, Domain Name System, Nslookup, local DNS server
