For these exercises, use Wireshark to capture the packets. Each answer must contain your analysis and a Wireshark screenshot (one that makes the answer visible).
Clear your browser cache. Visit https://www.w3.org/. Observe the captured packets and identify:
- Are DNS messages sent over TCP or UDP?
UDP protocol
- Identify the destination port of the DNS query message and the source port of the DNS response message.
User Datagram Protocol:
Source Port: 53
Destination Port: 26716
- Examine the DNS response. How many "answers" were given? What is the content of these answers?
Answer RRs: 1
Answers
www.w3.org: type A, class IN, addr 128.30.52.100
Name: www.w3.org
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 569
Data length: 4
Address: 128.30.52.100
- This page contains images. Before requesting each image, does your host issue new DNS queries?
nslookup is a tool for obtaining information about DNS records. The syntax of the nslookup command is:
nslookup -option1 -option2 host-to-find dns-server
In general, nslookup can be run with zero, one, two or more options. The DNS server is also optional; if it is not given, the query is sent to the local DNS server.
Run the command
nslookup www.ucla.edu
Observe the captured packets and identify:
Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
www.ucla.edu canonical name = gateway.lb.it.ucla.edu.
Name: gateway.lb.it.ucla.edu
Address: 164.67.228.152
- What is the destination port of the DNS query message and the source port of the DNS response message?
53
- Examine the DNS response. How many "answers" were given?
two.
- What is the content of these answers?
Domain Name System (response)
[Request In: 4]
[Time: 0.214727684 seconds]
Transaction ID: 0x7c08
Flags: 0x8180 Standard query response, No error
Questions: 1
Answer RRs: 2
Authority RRs: 0
Additional RRs: 0
Queries
www.ucla.edu: type A, class IN
Name: www.ucla.edu
[Name Length: 12]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Answers
www.ucla.edu: type CNAME, class IN, cname gateway.lb.it.ucla.edu
Name: www.ucla.edu
Type: CNAME (Canonical NAME for an alias) (5)
Class: IN (0x0001)
Time to live: 17165
Data length: 16
CNAME: gateway.lb.it.ucla.edu
gateway.lb.it.ucla.edu: type A, class IN, addr 164.67.228.152
Name: gateway.lb.it.ucla.edu
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 10
Data length: 4
Address: 164.67.228.152
-------------------------------------------------------
Domain Name System (response)
[Request In: 3]
[Time: 0.222914114 seconds]
Transaction ID: 0x7c08
Flags: 0x8180 Standard query response, No error
Questions: 1
Answer RRs: 2
Authority RRs: 0
Additional RRs: 0
Queries
www.ucla.edu: type A, class IN
Name: www.ucla.edu
[Name Length: 12]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Answers
www.ucla.edu: type CNAME, class IN, cname gateway.lb.it.ucla.edu
Name: www.ucla.edu
Type: CNAME (Canonical NAME for an alias) (5)
Class: IN (0x0001)
Time to live: 28669
Data length: 16
CNAME: gateway.lb.it.ucla.edu
gateway.lb.it.ucla.edu: type A, class IN, addr 164.67.228.152
Name: gateway.lb.it.ucla.edu
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 10
Data length: 4
Address: 164.67.228.152
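The fields Wireshark shows for the www.ucla.edu response (transaction ID, flags, and the CNAME and A answers with their compressed names) can be recovered from the raw DNS message with a small parser. This is an added example, not part of the original exercise; the byte string SAMPLE is constructed to mirror the response above, and the function names are hypothetical.

```python
import socket
import struct

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end, jumps = [], None, 0
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:          # compression pointer (RFC 1035, 4.1.4)
            end = off + 2 if end is None else end
            off = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            jumps += 1
            if jumps > 16:                   # reject pointer loops in malformed input
                raise ValueError("compression loop")
        elif length == 0:
            return ".".join(labels), (end if end is not None else off + 1)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
            off += 1 + length

def parse_response(msg):
    # Header: ID, flags, then the four section counts shown by Wireshark
    tid, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):                      # skip the question section
        _, off = read_name(msg, off)
        off += 4                             # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == 1:                       # A: 4-byte IPv4 address
            data = socket.inet_ntoa(msg[off:off + 4])
        elif rtype == 5:                     # CNAME: another (compressed) name
            data, _ = read_name(msg, off)
        else:
            data = msg[off:off + rdlen].hex()
        answers.append((name, rtype, ttl, data))
        off += rdlen
    return {"id": tid, "qr": flags >> 15, "aa": (flags >> 10) & 1,
            "rcode": flags & 0xF, "answers": answers}

# Constructed sample: ID 0x7c08, flags 0x8180, 1 question, 2 answers
SAMPLE = (struct.pack("!6H", 0x7C08, 0x8180, 1, 2, 0, 0)
          + b"\x03www\x04ucla\x03edu\x00" + struct.pack("!HH", 1, 1)
          + b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 17165, 16)
          + b"\x07gateway\x02lb\x02it\xc0\x10"
          + b"\xc0\x2a" + struct.pack("!HHIH", 1, 1, 10, 4) + bytes([164, 67, 228, 152]))
```

The `aa` bit decoded from flags 0x8180 is 0, which is what nslookup reports as "Non-authoritative answer".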
Repeat the procedure to look up the DNS records of another website.
Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
www.pudim.com.br canonical name = pudim.com.br.
Name: pudim.com.br
Address: 54.207.20.104
Domain Name System (response)
[Request In: 26]
[Time: 0.020766509 seconds]
Transaction ID: 0x0862
Flags: 0x8180 Standard query response, No error
Questions: 1
Answer RRs: 2
Authority RRs: 0
Additional RRs: 0
Queries
Answers
Domain Name System (response)
[Request In: 25]
[Time: 0.031205556 seconds]
Transaction ID: 0x0862
Flags: 0x8180 Standard query response, No error
Questions: 1
Answer RRs: 2
Authority RRs: 0
Additional RRs: 0
Queries
Answers