DNS

Prompt

DNS is what enables us to access much of the internet without remembering IP addresses, analyze the network packet capture to understand more about DNS.

You can read this guide to learn more about computer networking.

DNS.pcap0.9KB

Walk-Through

This challenge evaluates the user’s ability to understand a packet capture containing network traffic using the DNS protocol. Use Wireshark or, if provided, the web-based CloudShark tool to solve the challenge.

Background

The DNS (Domain Name Service) protocol enables a system that allows devices to lookup the IP address of a domain name. This is useful because, as humans, it is much easier for us to remember “google.com” instead of the specific IP address that you should use when you want to reach any website’s services.

All of the questions and answers in this challenge are specific to the DNS protocol, so it may be helpful to learn more about DNS through our video explanation or on the web:

Cyber Skyline Live - DNS - Oct 28, 2021

What does DNS (Domain Name System) do, and why should you care? In this episode of the Cyber Skyline Live tutorial series, Franz Payer, CEO of Cyber Skyline, gives an in-depth explanation of DNS - what it does, how you can interact with DNS in cybersecurity context, and how to use Wireshark to to solve cybersecurity challenges. Comes in super-handy for the National Cyber League competitions! Reach out with questions at contact@cyberskyline.com. Cyber Skyline is the organizer of the National Cyber League, a bi-annual, all-virtual cybersecurity student competition, advancing hands-on skills and knowledge. Check the website at nationalcyberleague.org for details on NCL.

www.youtube.com

Cyber Skyline Live - DNS - Oct 28, 2021

Guide

Questions 1 and 2 can be solved by looking for a packet with “Standard query” in the info column (packet #4). Once found, expanding the packet dissectors for DNS will yield the answers.

image

Questions 3 – 5 can be solved by looking for a packet with “Standard query response” in the info column (packet #5). Once found, expanding the packet dissectors for DNS will yield the answers.

image

Other Resources to Learn about DNS:

https://www.cloudflare.com/learning/dns/what-is-dns/

https://aws.amazon.com/route53/what-is-dns/

Questions

1. What is the type of the DNS query requested?

2. What domain was requested?

3. How many items were in the response?

4. What is the TTL for all of the DNS records?

5. What is the IP address for the "welcome" subdomain?

©️ 2025 Cyber Skyline. All Rights Reserved. Unauthorized reproduction or distribution of this copyrighted work is illegal.