I can only write as a mail instead of GMAI L

Tracing DNS with Wireshark 1) Open and start Wireshark. Enter dns into the display-filter window, so that only DNS messages will be displayed in the packet-listing window. 2) Open a Command Prompt and type in: nslookup -type=MX mail.com 3) Stop packet capture.

Questions: Note that you need to provide all screenshots of the source of info you found to answer these questions to get full credits

1. (1 pt) Provide a screenshot of nslookup command prompt, including the results.

2. (1 pt) Describe what the above nslookup command did.

3. Check your Wireshark result. a) (1 pt) Provide the screenshot of the DNS query message. b) (1 pt) Provide the screenshot of the DNS response message. c) (2 pts) Is it sent over UDP or TCP? Provide the screenshot of the section where the info is found. Why is the protocol chosen over the other?

4. DNS ports a) (1 pt) What is the destination port for the DNS query message? Screenshot b) (1 pt) What is the source port of DNS response message? Screenshot

5. IP addresses a) (1 pt) To what IP address is the DNS query message sent? Screenshot b) (2 pt) Provide a screenshot of your local DNS server address from your Network Preference (MAC user) or Network and Sharing Center (PC user). Are these two IP addresses the same?

6. Wireshark: Examine the DNS query message. a) (1 pt) What Type of DNS query is it? b) (1 pt) Does the query message contain any answers? Provide screenshot to show the evidence

7. (2 pts) Provide your screenshot of the DNS query message (show Flags and Queries info in details)

. 8. Wireshark: Examine the DNS response message. a) (1 pt) How many answers are provided? Screenshot b) (1 pt) What does each of these answers contain? Screenshot c) (1 pt) How many Additional RRs are provided? Screenshot

9. (2 pts) Provide your screenshot of the DNS respond message (show all Answers and Additional Records info in details).