实验四利用wireshark分析DNS
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
计算机网络实验报告年级:姓名:学号:实验日期:
实验名称:利用wireshark分析DNS
一、实验目的
1、学会使用nslookup工具查询并分析Internet 域名信息或诊断DNS 服务器。学
会使用ipconfig工具进行分析。
2、会用wireshark分析DNS协议。对DNS协议有个全面的学习与了解。
二、实验器材
1、接入Internet的计算机主机;
2、抓包工具wireshark和截图工具snagit。
三、实验内容
1. Run nslookup to obtain the IP address of a Web server in Asia.
the IP address of :166.111.4.100
2. Run nslookup to determine the authoritative DNS servers for a university in Europe.
实验结果如下图:
3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail.
实验结果如下图:
4. Locate the DNS query and response messages. Are then sent over UDP or TCP?
答:DNS query and response messages如下图标注,
They ate sent over UDP ;
5. What is the destination port for the DNS query message? What is the source port of DNS response message?
答:the destination port is:64211(64211)
the source port is:domain(53)
6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?
答:ip地址10.0.163.199 ,这两个IP地址是一样的。试验截图如下
7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
答:“Type” of DNS query is(host address)
没有包含“answer”;
8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
答:“answers”如下图:
9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in
the DNS response message?
答:
10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?
答:my hostissue don’t issue new DNS queries。
11. What is the destination port for the DNS query message? What is the source port of DNS response message?
答:the destination port for the DNS query message:
the source port of DNS response message:
他们是相同的。
12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
IP address:202.117.144.2
This is the IP address of my default local DNS server(202.117.144.2)
13. Ex amine the DNS query message. What “Type” of DNS query is it? Does the
query message contain any “answers”?
答:“Type” of DNS query
“answers”:
14. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
答:
15. Provide a screenshot.