
Wireshark Tcp Lab

By bolkata May 15, 2012 705 Words
Bozhidar Mochev

LAB1

NSLOOKUP

1. Run nslookup to obtain the IP address of a Web server in Asia.
2. Run nslookup to determine the authoritative DNS servers for a university in Europe.
3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail.

I assume that taking screenshots of the ipconfig section (section 2) of the lab is pointless, because that’s just too easy and time-wasting. Better to skip on to the next one.

Tracing DNS with Wireshark

4. Locate the DNS query and response messages. Are they sent over UDP or TCP?

TCP

5. What is the destination port for the DNS query message? What is the source port of DNS response message?

The destination port for the DNS query message is 8080.
The source port of the DNS response message is 2636.

6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?

12.22.58.30 is the IP address the DNS query message is sent to. But the local DNS server is 192.168.0.12.

7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

It is a GET from an HTTP request for the page http://www.ietf.org/; it does not contain any answers.

8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

One answer is provided; the answer contains the HTML code of the http://www.ietf.org/ webpage.

9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?

Yes.

10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?

Yes.

Now let’s play with nslookup.

• Start packet capture.
• Do an nslookup on www.mit.edu
• Stop packet capture.

11. What is the destination port for the DNS query message? What is the source port of DNS response message?

The destination port for the DNS query message is 53.
The source port of the DNS response message is 2656.

12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

192.168.0.12 is the IP address the DNS query message is sent to. Yes.

13. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

Type: PTR (Domain name pointer), no.

14. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

4 answers are provided; each contains an authoritative name server of mit.edu.

15. Screenshot above.

nslookup -type=NS mit.edu

16. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

209.18.47.61 is the IP address the DNS query message is sent to. The default local DNS server is 192.168.0.12.

17. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

Type: A (Host address), no.

18. Examine the DNS response message. What MIT nameservers does the response message provide? Does this response message also provide the IP addresses of the MIT nameservers?

Yes, and Yes.

19. Screenshot above.

nslookup www.aiit.or.kr bitsy.mit.edu

20. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

18.72.0.3 is the IP address the DNS query message is sent to. The IP address of your default local DNS server is 18.72.0.3. That IP address corresponds to BITSY.MIT.EDU.

21. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

Type: A (Host address), no.

22. Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?

2 answers; the answers contain the authoritative nameserver of www.aiit.or.kr.

23. Screenshot above.
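
The lab questions repeatedly ask for a DNS message's query "Type" and how many "answers" it carries. The following is an added example, not part of the original report: a minimal parser that reads those fields from raw DNS message bytes, the same fields Wireshark decodes. The function names and both sample messages are constructed for illustration, and 192.0.2.10 is a documentation address, not a value from the report's capture.

```python
import struct
TYPES = {1: "A", 2: "NS", 12: "PTR", 15: "MX"}   # RR type codes (RFC 1035) seen in this lab

def encode_name(name):
    """Encode a dotted name as DNS length-prefixed labels."""
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"

def read_name(msg, off):
    """Decode the name at off, following compression pointers. Returns (name, next offset)."""
    labels, resume, hops = [], None, 0
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:               # 2-byte compression pointer
            hops += 1
            if hops > 16:                         # malformed messages can loop forever
                raise ValueError("compression pointer loop")
            resume = resume or off + 2            # parsing continues after the first pointer
            off = ((msg[off] & 0x3F) << 8) | msg[off + 1]
            continue
        length = msg[off]
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length
    return ".".join(labels), (resume if resume is not None else off + 1)

def summarize(msg):
    """Return query type and answers for a message with exactly one question (assumption)."""
    _id, flags, _qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    qname, off = read_name(msg, 12)               # question section starts after the header
    qtype, _qclass = struct.unpack("!2H", msg[off:off + 4])
    off += 4
    answers = []
    for _ in range(an):                           # an = ANCOUNT, the "answers" Wireshark shows
        name, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)   # A record: IPv4 address
        answers.append((name, TYPES.get(rtype, str(rtype)), rdata))
        off += 10 + rdlen
    return {"is_response": bool(flags & 0x8000), "qname": qname,
            "qtype": TYPES.get(qtype, str(qtype)), "answer_count": an, "answers": answers}

# Constructed sample messages (not taken from the report's capture).
QUESTION = encode_name("www.mit.edu") + struct.pack("!2H", 1, 1)    # type A, class IN
QUERY = struct.pack("!6H", 0x1A2B, 0x0100, 1, 0, 0, 0) + QUESTION
RESPONSE = (struct.pack("!6H", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUESTION
            + b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10]))
if __name__ == "__main__":
    print(summarize(QUERY), summarize(RESPONSE), sep="\n")
```
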
