
EXPERIMENT 3: DNS (Domain Name Server)

STUDENT’S NAME: AMNA AZMAT RAZA MALIK


STUDENT’S ID: 20161934
DATE OF SUBMISSION: 13 Nov 2018
AIM: The aim of this experiment is to get familiar with DNS (Domain Name
System), understand the use of the command prompt, and use Wireshark to study
DNS query and response messages.

INTRODUCTION: The Domain Name System (DNS) is a hierarchical decentralized
naming system for computers, services, or other
resources connected to the Internet or a private network. It associates various
information with domain names assigned to each of the participating entities.
Most prominently, it translates more readily memorized domain names to the
numerical IP addresses needed for locating and identifying computer services
and devices with the underlying network protocols. The process of DNS
resolution involves converting a hostname (such as www.example.com) into
a computer-friendly IP address (such as 192.168.1.1). An IP address is given
to each device on the Internet, and that address is necessary to find the
appropriate Internet device - like a street address is used to find a particular
home. When a user wants to load a webpage, a translation must occur
between what a user types into their web browser (example.com) and the
machine-friendly address necessary to locate the example.com webpage.
PROCEDURE:
1. ipconfig /all was typed in the command prompt to check the IP addresses of
the host (our computer) and the server.
2. The command nslookup was typed in.
3. The command ipconfig /displaydns was typed in.
4. The command ipconfig /flushdns was typed in. It clears all entries.
1. Tracing DNS with Wireshark

• Browser cache was cleared.
• Wireshark was opened and “ip.addr == your_IP_address” was
entered into the filter; the IP address of the computer was obtained
from the command prompt.
• Packet capture was run in Wireshark.
• The following URL was entered in the browser:
http://www.ietf.org
• Packet capture was stopped and different messages were examined.

DNS QUERY MESSAGE:


DNS RESPONSE MESSAGE:

4. Locate the DNS query and response messages. Are they sent over
UDP or TCP?

QUERY MESSAGE

RESPONSE MESSAGE
The protocol was UDP (17) for both DNS query and response
messages.
5. What is the destination port for the DNS query message? What is the
source port of DNS response message?
The destination port for the DNS query message was: port 53

The source port for the DNS response message was: port 53

6. To what IP address is the DNS query message sent? Use ipconfig to
determine the IP address of your local DNS server. Are these two IP
addresses the same?
IP address to which the DNS query message was sent:
192.168.1.1. Yes, it was the same.

7. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
The DNS query message was of A type. It did not contain any
answers.

8. Examine the DNS response message. How many “answers” are
provided? What do each of these answers contain?
It contained 3 answers.
9. Consider the subsequent TCP SYN packet sent by your host. Does the
destination IP address of the SYN packet correspond to any of the IP
addresses provided in the DNS response message?
Yes, it corresponded to IP address 104.20.1.85 of the DNS response
message.

10. This web page contains images. Before retrieving each image, does
your host issue new DNS queries?
No, it didn’t issue new DNS queries.

NSLOOKUP.

• Wireshark was opened and packets were captured.


• nslookup was run on the following host: www.mit.edu. It was
entered in the browser.
• Packet capture was stopped.

DNS QUERY MESSAGE:


DNS RESPONSE MESSAGE:

11. What is the destination port for the DNS query message? What is the
source port of DNS response message?
The destination port of the DNS query message was port: 53

The source port of the DNS response message was port: 53


12. To what IP address is the DNS query message sent? Is this the IP
address of your default local DNS server?
The DNS query message was sent to IP address 192.168.1.1. Yes, it
was the same.

13. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
It was type A query message.

There were no answers.

14. Examine the DNS response message. How many “answers” are
provided? What do each of these answers contain?
DNS response message contained 3 answers.

15. Provide a screenshot.


The experiment was repeated with the following command:

nslookup -type=NS mit.edu

DNS QUERY MESSAGE:

DNS RESPONSE MESSAGE:

16. To what IP address is the DNS query message sent? Is this the IP
address of your default local DNS server?
IP address to which the DNS query message was sent: 192.168.1.1. Yes, it
was the same.

17. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
It was Type A query message.
18. Examine the DNS response message. What MIT nameservers does the
response message provide? Does this response message also provide
the IP addresses of the MIT nameservers?

19. Provide a screenshot.

The experiment was repeated with the following command:

nslookup www.aiit.or.kr bitsy.mit.edu

DNS QUERY MESSAGE:

DNS RESPONSE MESSAGE:


Answer the following questions:

20. To what IP address is the DNS query message sent? Is this the IP
address of your default local DNS server? If not, what does the IP
address correspond to?
IP address to which the DNS query message was sent: 192.168.1.1. It
was the same.

21. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
No, it did not contain any answers.

22. Examine the DNS response message. How many “answers” are
provided? What does each of these answers contain?
It contained one answer.
23. Provide a screenshot.

CONCLUSION: In this experiment we got familiar with DNS and the
use of the command prompt to check the IP address. We got familiar with DNS
messages.
