Nt1330 Unit 3 Exercise 1 Case Analysis
Bozhidar Mochev
LAB1
NSLOOKUP
1. Run nslookup to obtain the IP address of a Web server in Asia.
2. Run nslookup to determine the authoritative DNS servers for a university in
Europe.
3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail.
I assume that taking screens of IPConfig section 2 of the LAB is pointless, because that’s just too easy and time wasting. Better to skip onto the next one.
Tracing DNS with Wireshark
4. Locate the DNS query and response messages. Are then sent over UDP or TCP?
TCP
5. What is the destination port for the DNS query message? What is the source port of DNS response message?
Destination port for the DNS query message is 8080 . …show more content…
6. To what IP address is the DNS query message sent? Use ipconfig to determine the
IP address of your local DNS server. Are these two IP addresses the same?
12.22.58.30 is IP address the DNS query message sent. But local DNS server is 192.168.0.12
7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
It is GET from HTTP request the page of http://www.ietf.org/ , not contain any answer.
8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
One answer is provided, the answer contain the HTML code of http://www.ietf.org/ webpage.
9. Consider the subsequent TCP SYN packet sent by your host. Does the destination
IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?
Yes.
10. This web page contains images. Before retrieving each image, does your
LAB1
NSLOOKUP
1. Run nslookup to obtain the IP address of a Web server in Asia.
2. Run nslookup to determine the authoritative DNS servers for a university in
Europe.
3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail.
I assume that taking screens of IPConfig section 2 of the LAB is pointless, because that’s just too easy and time wasting. Better to skip onto the next one.
Tracing DNS with Wireshark
4. Locate the DNS query and response messages. Are then sent over UDP or TCP?
TCP
5. What is the destination port for the DNS query message? What is the source port of DNS response message?
Destination port for the DNS query message is 8080 . …show more content…
6. To what IP address is the DNS query message sent? Use ipconfig to determine the
IP address of your local DNS server. Are these two IP addresses the same?
12.22.58.30 is IP address the DNS query message sent. But local DNS server is 192.168.0.12
7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
It is GET from HTTP request the page of http://www.ietf.org/ , not contain any answer.
8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
One answer is provided, the answer contain the HTML code of http://www.ietf.org/ webpage.
9. Consider the subsequent TCP SYN packet sent by your host. Does the destination
IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?
Yes.
10. This web page contains images. Before retrieving each image, does your