DNS

DNS stands for Domain Name System. DNS is used by all machines to translate hostnames into IP addresses. This mechanism is used to translate names to attributes such as addresses (IPv4/IPv6) based on the query type.

DNS has three major components:

A name space
Servers making that name space available
Resolvers (clients) that query the servers about the name space

This topic will focus on the resolver perspective, where the client sends a query to the server and the server answers the query. There can be multiple answers to the same query.

DNS Wireshark filter

Wireshark's dns filter is used to display only DNS traffic, and UDP port 53 is used to capture DNS traffic.

Port

The default DNS port is 53, and it uses the UDP protocol. Some DNS systems use ...

Get Packet Analysis with Wireshark now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Packet Analysis with Wireshark by Anish Nath

DNS

DNS Wireshark filter

Port

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly