2021-09-13计算机网络自顶向下WireShark Lab（三）DNS

最新推荐文章于 2023-10-18 21:50:23 发布

weixin_51187533

最新推荐文章于 2023-10-18 21:50:23 发布

阅读量1.3k

点赞数 2

分类专栏：计算机网络文章标签： wireshark 网络协议

本文链接：https://blog.csdn.net/weixin_51187533/article/details/120275668

版权

计算机网络专栏收录该内容

3 篇文章 1 订阅

订阅专栏

在这里插入图片描述
win10 使用 cmd 下的 nslookup 得在管理员模式下运行。

在这里插入图片描述
Name和Value的的具体含义取决于Type：

Type = A，则Name是主机名，Value是该主机名对应的IP地址。例如：（relay1.bar.foo.com,145.37.93.126, A）
Type = NS,则Name是域（如foo.com）,而Value是知道如何获取该域中主机IP地址的权威DNS服务器的主机名，如（foo.com, dns.foo.com, NS）
Type = CNAME, 则Value是别名为Name的主机对应的规范主机名，如（foo.com,relay1.bar.foo.com）

不成功的例子：
在这里插入图片描述
一个成功的例子

nslookup

(1)Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of that server?
在这里插入图片描述

(2)Run nslookup to determine the authoritative DNS servers for a university in Europe.

University of Cambridge
https://www.cam.ac.uk/
在这里插入图片描述
下图多加了一个www.不知道为什么这两个会有区别，也不知道区别在哪里。

(3)Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail. What is its IP address?

2. ipconfig
ipconfig \all
在这里插入图片描述

ipconfig /displaydns

ipconfig /flushdns

3. Tracing DNS with Wireshark
使用ipconfig来获取本机的ip地址

(4)Locate the DNS query and response messages. Are then sent over UDP or TCP?

(5) What is the destination port for the DNS query message? What is the source port of DNS response message?

destination port for the DNS is 53
在这里插入图片描述

(6) To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?
在这里插入图片描述

is the same

(7) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
在这里插入图片描述
No,it didn’t.

(8)Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
在这里插入图片描述
5 answers.
domain name,type ,class, IP address

(9)Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?

the first
在这里插入图片描述
(10) This web page contains images. Before retrieving each image, does your host issue new DNS queries?

no,it didn’t.

Now let’s play with nslookup.
在这里插入图片描述
(11)What is the destination port for the DNS query message? What is the source port of DNS response message?

They are 53.

(12) To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
在这里插入图片描述
The DNS query message sent to 58.200.168.8.
Yes,it is.

(13) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
在这里插入图片描述
A(ipv4) and AAA(ipv6).
No it didn’t.

(14) Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

2 answers.
在这里插入图片描述

(15) Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:
nslookup –type=NS mit.edu

Answer the following questions :

(16)To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
在这里插入图片描述
The DNS query message sent to 58.200.168.8.
Yes,it is.

(17) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
在这里插入图片描述
NS
No,it didn’t.

（18) Examine the DNS response message. What MIT nameservers does the response message provide? Does this response message also provide the IP addresses of the MIT namesers?

name,class, 权威域服务器的名字，权威域服务器的IPv4地址和部分IPv6的地址
在这里插入图片描述
（19）Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:
先放一个不成功的：
nslookup www.aiit.or.kr bitsy.mit.edu
在这里插入图片描述

（20）To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

First ,it was sent to default local DNS to get the internet address of bitsy.mit.edu.
And them it was sent to bitsy.mit.edu.

（21）Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
A and AAA
No.it did’t.
在这里插入图片描述

（22）Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?

2 answer provide.
在这里插入图片描述
【SOA 资源记录表明此 DNS 名称服务器是为该 DNS 域中的数据的信息的最佳来源。

SOA 记录与 NS 记录的区别：简单讲，NS记录表示域名服务器记录，用来指定该域名由哪个DNS服务器来进行解析；SOA记录设置一些数据版本和更新以及过期时间的信息。

dns服务器无法响应dns请求时，会默认响应soa记录，所以从抓包看soa响应就是查询失败的意思。】
在这里插入图片描述
对于www.aiit.or.kr后面的询问一直没有得到回复
（23） Provide a screenshot

再放一个成功的
在这里插入图片描述

（20） To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

First ,it was sent to default local DNS to get the internet address of dns.baidu.com
And them it was sent to dns.baidu.com

(21) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
A and AAA
在这里插入图片描述

(22) Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?

respond
在这里插入图片描述
疑惑：为什么这个dns响应报文不包括答案

在这里插入图片描述

在这里插入图片描述

(23) Provide a screenshot

weixin_51187533

关注

2
点赞
踩
20

收藏

觉得还不错? 一键收藏
0
评论
2021-09-13计算机网络自顶向下WireShark Lab（三）DNS

win10 使用 cmd 下的 nslookup 得在管理员模式下运行。nslookup(1)Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of that server?(2)Run nslookup to determine the authoritative DNS servers for a university in Europe.(3)Run nslooku.
复制链接

扫一扫

专栏目录