Saturday, September 17, 2011

DNS query tracing

dig @dns.server target.dns +trace
Watch the exchange in Wireshark; it is very useful for understanding how a DNS query works, especially for a non-cached lookup.
  • As a DNS client, dig sends a standard DNS query to the target DNS server over UDP port 53.
  • For a non-cached lookup, dig asks the root server, the TLD (Top Level Domain) server, and the specific domain's server for the answer, in that order.

Sunday, September 11, 2011

Packet crafting and sniffing with Python extensions

  • libpcap: sudo apt-get install libpcap-dev
  • download and install pypcap, dpkt, dnet
  • pypcap's installation is tricky: downloading Pyrex and recompiling the pcap.pyx file works. Furthermore, using the Makefile instead of setup.py seems to fix the issues.