《实验四利用wireshark分析DNS.docx》由会员分享,可在线阅读,更多相关《实验四利用wireshark分析DNS.docx(5页珍藏版)》请在三一办公上搜索。
1、实验四利用wireshark分析DNS 计算机网络 实验报告 年级: 姓名: 学号: 实验日期: 实验名称: 利用wireshark分析DNS 一、实验目的 1、学会使用nslookup工具查询并分析Internet 域名信息或诊断DNS 服务器。学会使用ipconfig工具进行分析。 2、会用wireshark分析DNS协议。对DNS协议有个全面的学习与了解。 二、实验器材 1、接入Internet的计算机主机; 2、抓包工具wireshark和截图工具snagit。 三、实验内容 1. Run nslookup to obtain the IP address of a Web serve
2、r in Asia. the IP address of :166.111.4.100 2. Run nslookup to determine the authoritative DNS servers for a university in Europe. 实验结果如下图: 3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail. 实验结果如下图: 4. Locate the DNS query and resp
3、onse messages. Are then sent over UDP or TCP? 答:DNS query and response messages如下图标注, They ate sent over UDP ; 5. What is the destination port for the DNS query message? What is the source port of DNS response message? 答:the destination port is: 64211 the source port is:domain 6. To what IP address
4、is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same? 答:ip地址10.0.163.199 ,这两个IP地址是一样的。试验截图如下 7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”? 答:“Type” of DN
5、S query is 没有包含“answer”; 8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain? 答:“answers”如下图: 9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses p
6、rovided in the DNS response message? 答: 10. This web page contains images. Before retrieving each image, does your host issue new DNS queries? 答: my hostissue dont issue new DNS queries。 11. What is the destination port for the DNS query message? What is the source port of DNS response message? 答:th
7、e destination port for the DNS query message: the source port of DNS response message: 他们是相同的。 12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? IP address:202.117.144.2 This is the IP address of my default local DNS server 13. Examine the
8、 DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”? 答:“Type” of DNS query “answers”: 14. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain? 答: 15. Provide a screenshot. 16. To what IP address is the
9、DNS query message sent? Is this the IP address of your default local DNS server? IP address:202.117.144.2 他们是相同的。 17. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”? 18. Examine the DNS response message. What MIT nameservers does the respo
10、nse message provide? Does this response message also provide the IP addresses of the MIT namesers? 答:MIT nameservers如下划线 this response message dont provide the IP addresses of the MIT namesers。 19. Provide a screenshot. 20. To what IP address is the DNS query message sent? Is this the IP address of
11、your default local DNS server? If not, what does the IP address correspond to? Ip address:18.72.0.3 This is not the IP address ofmydefault local DNS server。the IP address correspond to bit.mit.edu 21. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”? type如下图: Answer如下图: 22. Examine the DNS response message. How many “answers” are provided? What does each of these answers contain? 答:3个answer 23. Provide a screenshot. 四、实验总结 1、通过实验学会了对DNS协议的分析,能借助于nslookup和ipconfig对DNS进行分析。 2、通过实验让自己更清楚的认识了域名的定义。 3、学会了ipconfig的相关操作,能熟练的运用ipconfig进行操作。
