Non-authoritative answer: home.web.cern.ch canonical name = drupalprod.cern.ch. Name: drupalprod.cern.ch Address: 137.138.76.28

Similar documents
Ethereal Lab: DNS PART 1. 1.Run nslookup to obtain the IP address of a Web server in Asia. I performed nslookup for

Wireshark Lab: DNS v6.01

Wireshark Lab: DNS. 1. nslookup

Wireshark DNS. Introduction. nslookup

Ethereal Lab: DNS. 1. nslookup

DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses.

DNS Resolving using nslookup

Domain Name System (DNS) Fundamentals

How to Add Domains and DNS Records

Domain Name System (DNS) Session-1: Fundamentals. Ayitey Bulley

3. The Domain Name Service

DNS. Computer Networks. Seminar 12

Lab - Observing DNS Resolution

PasserellesNumeriquesCambodia (PNC)

Domain Name System :49:44 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

DNS ActiveX Control for Microsoft Windows. Copyright Magneto Software All rights reserved

Tools for penetration tests 1. Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus.

CS3250 Distributed Systems

ARP and DNS. ARP entries are cached by network devices to save time, these cached entries make up a table

The Application Layer: DNS

Copyright

How-to: DNS Enumeration

Copyright

IP addresses have hierarchy (network & subnet) Internet names (FQDNs) also have hierarchy. and of course there can be sub-sub-!!

The Domain Name System

File transfer and login using IPv6, plus What to do when things don t work

Work No. 1 Samba. What is Samba?

Application. Transport. Network. Data Link. Physical. Network Layers. Goal

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Applications & Application-Layer Protocols: The Domain Name System and Peerto-Peer

DNS SRV Usage June 22, 2011

Operational Problems in IPv6: Fallback and DNS issues

Lecture 5: Network Attacks I. Course Admin

How to set up the Integrated DNS Server for Inbound Load Balancing

How do I get to

Domain Name System (DNS) RFC 1034 RFC

Technical Support Information

DEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager

Global Server Load Balancing (GSLB) Concepts

Lab - Observing DNS Resolution

Internet Load Balancing Guide. Peplink Balance Series. Peplink Balance. Internet Load Balancing Solution Guide

Enterprise Architecture Office Resource Document Design Note - Domain Name System (DNS)

Firewall Firewall August, 2003

Chapter 25 Domain Name System Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

shortcut Tap into learning NOW! Visit for a complete list of Short Cuts. Your Short Cut to Knowledge

Introduction to Network. Topics

Configuring the BIND name server (named) Configuring the BIND resolver Constructing the name server database files

Lecture 2-ter. 2. A communication example Managing a HTTP v1.0 connection. G.Bianchi, G.Neglia, V.Mancuso

Network Layers. CSC358 - Introduction to Computer Networks

F-SECURE MESSAGING SECURITY GATEWAY

Lab 2. CS-335a. Fall 2012 Computer Science Department. Manolis Surligas

Wharf T&T Limited DDoS Mitigation Service Customer Portal User Guide

NET0183 Networks and Communications

Networking Domain Name System

Glossary of Technical Terms Related to IPv6

ECE 4321 Computer Networks. Network Programming

Use Domain Name System and IP Version 6

HTG XROADS NETWORKS. Network Appliance How To Guide: EdgeDNS. How To Guide

Network Fundamentals Carnegie Mellon University

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

Lecture 2 CS An example of a middleware service: DNS Domain Name System

Computer Networks CCNA Module 1

How to Configure the Windows DNS Server

1 DNS Packet Structure

THE DOMAIN NAME SYSTEM DNS

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Configuration Network Management Card-2

IP Filtering for Patton RAS Products

What communication protocols are used to discover Tesira servers on a network?

Fasthosts Internet Parallels Plesk 10 Manual

How To Guide Edge Network Appliance How To Guide:

IPv6 Trace Analysis using Wireshark Nalini Elkins, CEO Inside Products, Inc.

Akamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013

Domain Name Servers. Domain Types WWW host names. Internet Names. COMP476 Networked Computer Systems. Domain Name Servers

1. LAB SNIFFING LAB ID: 10

DNS : Domain Name System

Inbound Load Balance. User Manual

NAT & IP Masquerade. Internet NETWORK ADDRESS TRANSLATION INTRODUCTION. NAT & IP Masquerade Page 1 of 5. Internal PC

H3C Firewall and UTM Devices DNS and NAT Configuration Examples (Comware V5)

- Domain Name System -

Teldat Router. DNS Client

Agenda. Network Services. Domain Names. Domain Name. Domain Names Domain Name System Internationalized Domain Names. Domain Names & DNS

DNS: How it works. DNS: How it works (more or less ) DNS: How it Works. Technical Seminars Spring Paul Semple psemple@rm.

Introduction to DNS CHAPTER 5. In This Chapter

How to Enable Internet for Guest Virtual Machine using Wi-Fi wireless Internet Connection.

LESSON Networking Fundamentals. Understand TCP/IP

Setting up Scan to

Networking Domain Name System

Internetworking Microsoft TCP/IP on Microsoft Windows NT 4.0

DNS Conformance Test Specification For Client

Configuring your network settings to use Google Public DNS

The Domain Name System

The Transport Layer. Antonio Carzaniga. October 24, Faculty of Informatics University of Lugano Antonio Carzaniga

CS3600 SYSTEMS AND NETWORKS

DNS + DHCP. Michael Tsai 2015/04/27

This sequence diagram was generated with EventStudio System Designer (

Lab Conducting a Network Capture with Wireshark

Transcription:

1. Run nslookup to obtain the IP address of a Web server in Europe. frigate:desktop drb$ nslookup home.web.cern.ch Server: 130.215.32.18 Address: 130.215.32.18#53 Non-authoritative answer: home.web.cern.ch canonical name = drupalprod.cern.ch. Name: drupalprod.cern.ch Address: 137.138.76.28 Note that the #53 denotes the DNS service is running on port 53. 2. Run nslookup to determine the authoritative DNS servers for a university in Asia. frigate:desktop drb$ nslookup -type=ns tsinghua.edu.cn Server: 130.215.32.18 Address: 130.215.32.18#53 Non-authoritative answer: tsinghua.edu.cn nameserver = dns2.tsinghua.edu.cn. tsinghua.edu.cn nameserver = dns.tsinghua.edu.cn. tsinghua.edu.cn nameserver = dns2.edu.cn. tsinghua.edu.cn nameserver = ns2.cuhk.edu.hk. Authoritative answers can be found from: dns2.tsinghua.edu.cn internet address = 166.111.8.31 ns2.cuhk.edu.hk internet address = 137.189.6.21 ns2.cuhk.edu.hk has AAAA address 2405:3000:3:6::15 dns2.edu.cn internet address = 202.112.0.13 dns.tsinghua.edu.cn internet address = 166.111.8.30 Note that there can be multiple authoritative servers. The response we got back was from a cached record. To confirm the authoritative DNS servers, we perform the same DNS query of one of the servers that can provide authoritative answers. frigate:desktop drb$ nslookup -type=ns tsinghua.edu.cn dns.tsinghua.edu.cn Server: dns.tsinghua.edu.cn Address: 166.111.8.30#53 tsinghua.edu.cn nameserver = dns2.edu.cn. tsinghua.edu.cn nameserver = dns.tsinghua.edu.cn. tsinghua.edu.cn nameserver = dns2.tsinghua.edu.cn. tsinghua.edu.cn nameserver = ns2.cuhk.edu.hk. 3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail. 1

frigate:desktop drb$ nslookup pku.edu.cn ns2.cuhk.edu.hk Server: ns2.cuhk.edu.hk Address: 137.189.6.21#53 Name: pku.edu.cn Address: 162.105.131.113 I was unable to get any of the DNS servers listed above to answer a query for a Yahoo mail server (even cn.mail.yahoo.com was refused) so I just queried another Chinese university (Peking University). 4. Locate the DNS query and response messages. Are they sent using the UDP or TCP protocol? UDP as shown in the screenshot. 5. What is the destination port for the DNS query message? What is the source port of DNS response message? See screenshot. Source port: 53853. Dest port: 53. 6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same? 2

The screenshot shows that the DNS message was sent to 10.211.55.1. This matches the DNS server listed by the command ipconfig /all. 7. Examine the DNS query message. What Type of DNS query is it 1? Does the query message contain any answers? It is a type A query, which is for a standard host address resource record. No answers as shown in screenshot (one question). 1 A table of all the different types is available in your textbook (see resource record types ). 3

8. Examine the DNS response message. How many answers are provided? What does each of these answers contain? One answer containing the IP address of www.ietf.org (see screenshot) 4

9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message? Yes, as seen in the prior screenshot, the destination address is 4.31.198.44 which is the address provided by the DNS server for www.ietf.org. 10. This web page contains images. Before retrieving each image, does your host issue new DNS queries? No, the images are all loaded from www.ietf.org, so no additional DNS queries are necessary (the host uses a cached address). 11. What is the destination port for the DNS query message? What is the source port of DNS response message? Source port: 63140. Dest port: 53 (see screenshot) 5

12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? 10.211.55.1. Yes (see previous screenshot). 13. Examine the DNS query message. What Type of DNS query is it? Does the query message contain any answers? Standard type A (Host address) query (see screenshot). The message only contains a query (no answers). 6

14. Examine the DNS response message. How many answers are provided? What does each of these answers contain? Provide a screenshot. Three answers (resource records), two corresponding to CNAMEs and one host address. 7

15. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? 16. Examine the DNS query message. What Type of DNS query is it? Does the query message contain any answers? 17. Examine the DNS response message. What MIT name servers does the response message provide? Does this response message also provide the IP addresses of the MIT name servers? Provide a screenshot. 18. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to? I was unable to get this to work with bitsy.mit.edu so I used the Google public DNS 8.8.8.8. The query is sent to 8.8.8.8 (not the default local DNS server). 19. Examine the DNS query message. What Type of DNS query is it? Does the query message contain any answers? Same as before (Type A, 1 question, 0 answers). 20. Examine the DNS response message. How many answers are provided? What does each of these answers contain? Provide a screenshot. Two answers, one a CNAME RR and the other a type A RR. See the screenshot. 8

9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information