Part 1: nslookup
1. nslookup 2chan.net
Server: ecsu-sv26.easternct.edu
Address: 10.40.4.44
2. nslookup -type=ns ox.ac.uk
Authoritive:
ns2.ja.net 193.63.105.17
3. This particular question caused a time out each time.
Part 3: Tracing DNS with Wireshark
4. They are both sent over UDP.
5. The destination port for the query is 53. The source port is also 53.
6. The DNS request is sent to 10.40.4.44. This is the same as my local DNS server.
7. It is a "standard query". There is no "answer" in the request.
8. There is one answer. It contains the site's hostname, IP address, time to live, and a few other things.
9. Yes, they are sent to the IP that is in the DNS query response.
10. Yes, there is a new DNS query for each image.
11. The destination port for the query is 53. The response port is also 53.
12. The query was sent to 10.40.4.44, which is the same as my local DNS server.
13. It is a standard DNS query. There are no "answers" in the DNS query.
14. The query response contains one answer, which has the same info as the other one. Hostname, IP address, time to live and other things.
15. Screenshot: http://img205.imageshack.us/img205/3815/wiresharkscreenshotq15.png
16. The DNS query is sent to 10.40.4.44, same as the others. Yes, this is my local DNS server.
17. It is a standard query, and doesn't contain any "answers"
18. The MIT nameservers it contains are: bitsy.mit.edu, strawb.mit.edu and w20ns.mit.edu. Yes, the IP addresses are also included.
19.Screenshot: http://img28.imageshack.us/img28/581/wiresharkscreenshotq19.png
20. As with the others before, the query is sent to 10.40.4.44, which is my local DNS server.
21. It is a standard query. It contains no answers.
22. The response contains one answer. The info in the answer is the same as all the other answers: Hostname, IP address, time to live and others.
23. Screenshot: http://img269.imageshack.us/img269/728/wiresharkscreenshotq23.png
No comments:
Post a Comment