Assignment 3.2 ‐ DNS uses TCP and UDP - Jacob-Mayotte/SEC335_Tech_Journal GitHub Wiki

Goal of assignment:

Use Wireshark to observe DNS traffic over both TCP and UDP.

Tools Used:

  • nslookup
  • Wireshark
  • nmap

Deliverables:

  1. Figure out how to run nmap against 10.0.5.22 in such a way that both tcp/53 and udp/53 are checked:

sudo nmap 10.0.5.22 -p 53 -sT -sU -sV

  • sudo nmap 10.0.5.22 // scan this address
  • See the Nmap manual for an explanation of the flags
  2. Run nslookup against 10.0.5.21 using the DNS server 10.0.5.22:

  3. Coax nslookup to use TCP and repeat the lookup:

nslookup -vC 10.0.5.21 10.0.5.22

  • Used nmap flags here that are defined in the manual
  4. Repeat the zone transfer from activity 3.1. Follow the TCP stream:

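When reading the followed TCP stream from steps 3 and 4, note that each DNS message over TCP is preceded by a two-byte length field, which the same message sent over UDP does not carry. The sketch below is an added example, not part of the original journal; the zone name `zone.example`, the transaction IDs, and all function names are constructed for illustration.

```python
import struct

TC_BIT = 0x0200  # "truncated" flag: a UDP answer with this set is retried over TCP

def build_query(name, qtype, txid=0x1234):
    """Encode a one-question DNS query (RFC 1035 header + QNAME/QTYPE/QCLASS)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def frame_tcp(msg):
    """Over TCP each message is preceded by its length as a 2-byte big-endian integer."""
    return struct.pack("!H", len(msg)) + msg

def split_tcp_stream(stream):
    """Split a reassembled TCP payload into DNS messages, rejecting short data."""
    msgs, off = [], 0
    while off < len(stream):
        if len(stream) - off < 2:
            raise ValueError("truncated length prefix")
        (size,) = struct.unpack_from("!H", stream, off)
        off += 2
        if len(stream) - off < size:
            raise ValueError("message shorter than its length prefix")
        msgs.append(stream[off:off + size])
        off += size
    return msgs

def summarize(msg):
    """Decode the fixed 12-byte header fields that matter when reading a capture."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, qd, an, _, _ = struct.unpack_from("!HHHHHH", msg)
    return {"id": txid, "response": bool(flags & 0x8000),
            "truncated": bool(flags & TC_BIT), "questions": qd, "answers": an}

# Constructed samples: the reverse (PTR, type 12) lookup nslookup performs for
# 10.0.5.21, and an AXFR (type 252) query for a placeholder zone name.
PTR_QUERY = build_query("21.5.0.10.in-addr.arpa", 12)
AXFR_QUERY = build_query("zone.example", 252, txid=0x4321)

if __name__ == "__main__":
    stream = frame_tcp(PTR_QUERY) + frame_tcp(AXFR_QUERY)
    print("UDP payload:", len(PTR_QUERY), "bytes; TCP payload:", len(frame_tcp(PTR_QUERY)))
    for m in split_tcp_stream(stream):
        print(summarize(m))
```
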

Trials & Tribulations:

N/A

Sources:

  • https://wiki.wireshark.org/CaptureFilters