The following example is looking only for UDP packets, but it captured DNS packets. If you know beforehand what protocol you are looking for, you can add it to the tshark command. Again, it's DNS, but now it's a response for the query (Standard query response) for 's IP address: 3 1.827143443 1.1.1.1 → 192.168.1.9 DNS 90 Standard query response 0xcda0 A A 54.204.39.132 The packet below is a reply coming from my name server 1.1.1.1 to my machine 192.168.1.9.
The packet is for the DNS protocol, and it's querying (Standard query) the name server for : 2 1.798275687 192.168.1.9 → 1.1.1.1 DNS 74 Standard query 0xcda0 A The packet below originated from my laptop 192.168.1.9 and is headed for destination 1.1.1.1.
The example below uses the nslookup command to query the name servers to resolve a hostname to an IP address. There are dedicated DNS (or name) servers, which you can query with either a hostname or an IP address.
The DNS protocol converts the hostname to an IP address and the IP address to a hostname.
0 kommentar(er)
