17.1.7 Lab Exploring DNS Traffic - PanamaP/KEST3CO05DU GitHub Wiki

Expand the User Datagram Protocol. Observe the source and destination ports What are the source and destination ports? What is the default DNS port number?

source: 64000 des: 53

Determine the IP and MAC address of the PC.

  1. In a Windows command prompt, enter arp –a and ipconfig /all to record the MAC and IP addresses of the PC.
  2. For Linux and macOS PC, enter ifconfig or ip address in a terminal. Question: Compare the MAC and IP addresses in the Wireshark results to the IP and MAC addresses. What is your observation?

Sama nidurstada.

Expand Domain Name System (response). Then expand the Flags, Queries, and Answers. Observe the results. Question: Can the DNS server do recursive queries?

Observe the CNAME and A records in the Answers details. Question: How do the results compare to nslookup results?

Það er sama

Reflection

  1. From the Wireshark results, what else can you learn about the network when you remove the filter?

það sýnir einnig þá DHCP og ARP, þá getur þú lært um önnur tæki á laninu.

  1. How can an attacker use Wireshark to compromise your network security?

Ef skilaboð eru ekki dulkóðuð eins og með https þá getur einhver komist yfir þau gögn með wireshark.