Prompt

DNS is what enables us to access much of the internet without remembering IP addresses, analyze the network packet capture to understand more about DNS.

You can read this guide to learn more about computer networking.

DNS.pcap0.9KB

Tutorial Video

Walk-Through

This challenge evaluates the user’s ability to understand a packet capture containing network traffic using the DNS protocol. Use Wireshark or, if provided, the web-based CloudShark tool to solve the challenge. The DNS (Domain Name Service) protocol enables a system that allows devices to lookup the IP address of a domain name. This is useful because, as humans, it is much easier for us to remember “google.com” instead of the specific IP address that you should when you want to reach Google’s services. All of the questions and answers are going to be specific to the DNS protocol, so it is suggested that you learn more about DNS:

https://aws.amazon.com/route53/what-is-dns/

https://www.cloudflare.com/learning/dns/what-is-dns/

Questions 1 and 2 can be solved by looking for a packet with “Standard query” in the info column (packet #4). Once found, expanding the packet dissectors for DNS will yield the answers.

Questions 3 – 5 can be solved by looking for a packet with “Standard query response” in the info column (packet #5). Once found, expanding the packet dissectors for DNS will yield the answers.

DNS

Prompt

Tutorial Video

Walk-Through

Questions

What is the type of the DNS query requested?

What domain was requested?

How many items were in the response?

What is the TTL for all of the DNS records?

What is the IP address for the "welcome" subdomain?