Analysis of DNS packets

Copiez-collez cette commande dans votre terminal :

Le mot de pase pour se connecter est

Load the attached packet trace using wireshark and indicate which of the following affimations are correct.

If you do not have wireshark installed on your computer, you can see the packet trace in the question just below.

The first packet contains a query

The identifier of the request in the second packet is 0xedc5

The second packet is a retransmission of the first one

In this packet trace, DNS is used over UDP

The query of the first packet was for a record of type AAAA

The query of the first packet was for a record of type NS

The second packet contains a response

#	Taille	Résumé	État
0	29 octets	`Domain Name System (query)`
1	29 octets	`Domain Name System (query)`

0000 c3050035001d2cdc edc5012000010000
0010 0000000003636f6d 0000020001

0000 Ã..5..,ÜíÅ. ....
0010 .....com.....

User Datagram Protocol, Src Port: 49925, Dst Port: 53
- Source Port: 49925
- Destination Port: 53
- Length: 29
- Checksum: 0x2cdc [unverified]
Domain Name System (query)
- Transaction ID: 0xedc5
- Flags: 0x0120 Standard query
  - 0... .... .... .... = Response: Message is a query
  - .000 0... .... .... = Opcode: Standard query (0)
  - .... ..0. .... .... = Truncated: Message is not truncated
  - .... ...1 .... .... = Recursion desired: Do query recursively
  - .... .... .0.. .... = Z: reserved (0)
  - .... .... ..1. .... = AD bit: Set
  - .... .... ...0 .... = Non-authenticated data: Unacceptable
- Questions: 1
- Answer RRs: 0
- Authority RRs: 0
- Additional RRs: 0
- Queries
  - com: type NS, class IN
    - Name: com
    - Name Length: 3
    - Label Count: 1
    - Type: NS (authoritative Name Server) (2)
    - Class: IN (0x0001)

0000 c3050035001d2cdc edc5012000010000
0010 0000000003636f6d 0000020001

0000 Ã..5..,ÜíÅ. ....
0010 .....com.....

User Datagram Protocol, Src Port: 49925, Dst Port: 53
- Source Port: 49925
- Destination Port: 53
- Length: 29
- Checksum: 0x2cdc [unverified]
Domain Name System (query)
- Transaction ID: 0xedc5
- Flags: 0x0120 Standard query
  - 0... .... .... .... = Response: Message is a query
  - .000 0... .... .... = Opcode: Standard query (0)
  - .... ..0. .... .... = Truncated: Message is not truncated
  - .... ...1 .... .... = Recursion desired: Do query recursively
  - .... .... .0.. .... = Z: reserved (0)
  - .... .... ..1. .... = AD bit: Set
  - .... .... ...0 .... = Non-authenticated data: Unacceptable
- Questions: 1
- Answer RRs: 0
- Authority RRs: 0
- Additional RRs: 0
- Queries
  - com: type NS, class IN
    - Name: com
    - Name Length: 3
    - Label Count: 1
    - Type: NS (authoritative Name Server) (2)
    - Class: IN (0x0001)

Analysis of DNS packets Masquer l'énoncé