DNS tools
Since DNS is so fundamental, there are a lot of tools available. We will focus mostly on `dig`.
dig server (20 min)
- Run `dig google.com`. Read the output and explain what is seen.
- Run `dig www.google.com`. Read the output and explain what is seen.
- Run `dig drive.google.com`. Read the output and explain what is seen.
- Run `dig meet.google.com`. Read the output and explain what is seen.
- Explain the differences.
dig reverse (15 min)
- Run `dig google.com`. Read the output and verify that it is as expected.
- Run `dig -x <ip>`, where `<ip>` is the IP address found in the step above. Read the output and explain what is seen.
- Explain why the two domains are not the same.
- Run `ping -c1 google.com`. Read the output, explain what is seen, and verify that it is as expected.
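The reverse lookup in this exercise, as an added example that is not part of the original exercise sheet: it builds the query name that `dig -x` sends for an IPv4 address and compares a forward answer with a reverse answer. The function names `ptr_name` and `classify_reverse` are hypothetical, and the names and addresses are constructed (documentation ranges), not real lookup results.

```shell
#!/bin/sh
# Added example. All sample data below is constructed, not real dig output.

# ptr_name IPV4
# Prints the name that `dig -x IPV4` asks a PTR record for:
# the octets reversed, followed by in-addr.arpa.
ptr_name() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # reject non-IPv4 text
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                                  # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$4" "$3" "$2" "$1"
}

# classify_reverse NAME IP PTR_TARGET PTR_ADDRS
#   NAME        name looked up first            (dig NAME)
#   IP          one address from that answer
#   PTR_TARGET  answer of the reverse lookup    (dig +short -x IP)
#   PTR_ADDRS   addresses PTR_TARGET resolves to (dig +short PTR_TARGET A)
# Prints same-name, forward-confirmed or unconfirmed.
classify_reverse() {
    name=${1%.}; ip=$2; ptr=${3%.}; ptr_addrs=$4
    if [ "$name" = "$ptr" ]; then
        echo same-name; return 0
    fi
    for addr in $ptr_addrs; do
        if [ "$addr" = "$ip" ]; then
            echo forward-confirmed; return 0    # PTR target maps back to IP
        fi
    done
    echo unconfirmed
}

# Constructed sample: a web name served from a host with its own PTR name.
ptr_name 192.0.2.10
classify_reverse www.example.com 192.0.2.10 \
    host-10.hosting.example.net. "192.0.2.10 192.0.2.11"
```

To use it with the lab's own lookups, pass the values printed by `dig +short` in place of the constructed ones.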
dig +trace (15 min)
The tool `dig` has an option for tracing the DNS requests needed to look up a name.
- Run `dig www.gitlab.com`. Read the output and explain what is seen.
- Run `dig +trace www.gitlab.com`. Read the output and explain what is seen. `NSEC3` and `RRSIG` are security related and may be ignored for now.
dig records (20 min)
- Run `dig google.com`. Read the output and verify that it is as expected.
- Run `dig google.com A`. Read the output and verify that it is as expected.
- Run `dig google.com MX`. Read the output and explain what is seen.
- Run `dig google.com NS`. Read the output and explain what is seen.
DNS and Wireshark (20 min)
- Run Wireshark and start a capture on the uplink interface. The uplink interface is the one that has the connection to the internet.
- Check the Wireshark filter reference for how to filter DNS queries.
- In a terminal, run `dig google.com`.
- Stop the capture and find the packets.
- Verify that the packets show the same as the output in the terminal.