In Part 1, you will use commands on your CyberOps Workstation VM to find and record the MAC and IP addresses of your VM’s virtual network interface card (NIC), the IP address of the specified default gateway, and the DNS server IP address specified for the PC. Instructions Part 1: Record VM’s IP Configuration Information If using a packet sniffer is an issue, the instructor may wish to assign the lab as homework or perform a walk-through demonstration. It is recommended that permission be obtained before running Wireshark for this lab. Instructor Note: Using a packet sniffer, such as Wireshark, may be considered a breach of the security policy of the school. You will use Wireshark to examine the DNS query and response exchanges with the same server. In this lab, you will communicate with a DNS server by sending a DNS query using the UDP transport protocol. DNS queries and responses are very small and do not require the overhead of TCP. UDP is connectionless and does not require a session setup as does TCP. Your PC’s DNS query and the DNS server’s response make use of the User Datagram Protocol (UDP) as the transport layer protocol. When you type a website URL into your browser, your PC performs a DNS query to the DNS server’s IP address. DNS is a distributed network of servers that translates user-friendly domain names like to an IP address. When you use the internet, you use the Domain Name System (DNS). Part 3: Analyze Captured DNS or UDP Packets.Part 2: Use Wireshark to Capture DNS Queries and Responses.Part 1: Record a PC’s IP Configuration Information.Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. 10.2.7 Lab – Using Wireshark to Examine a UDP DNS Capture (Instructor Version)
0 kommentar(er)
