Domain Name System

Here is a DNS message. Answer the following questions about it:

  1. What is the ID number of the transaction?
  2. Is this a request or a response?
  3. Is recursion available or not?
  4. What is the type of the request?
  5. What is the name of the host that was requested?
  6. What is the IP Address of the host?
  7. Is the response authoritative?
  8. What is the value of the TTL field?

Hint: you will definitely want to search for the RFC, or some other detailed source, that describes the format of the request/response. You might also capture a DNS message in Wireshark and use that as an example.

44 02 81 80 
00 01 00 01 
00 00 00 00 
0c 72 61 6d 
62 6c 69 6e 
77 72 65 63 
6b 03 63 6f 
6d 00 00 01 
00 01 c0 0c 
00 01 00 01 
00 00 06 2b 
00 04 40 1e 
e4 14

Bit Twiddling in Python


In [28]:
dec = int('0x10',16)
dec


Out[28]:
16

In [29]:
# bitwise OR (|) and bitwise AND (&)
print(bin(16),bin(1),bin(16|1))
print(bin(16),bin(1),bin(16&1))

# Note that bin removes the leading zeros.


0b10000 0b1 0b10001
0b10000 0b1 0b0

In [30]:
# Converting to characters -- Also you can google a hex ascii table
chr(int('0x73',16))


Out[30]:
's'

Answers


In [31]:
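# The first two bytes of the header are the transaction ID.
# (Named msg_id so the Python builtin id() is not shadowed.)
msg_id = int('0x4402',16)
print('The ID is',msg_id)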


The ID is 17410
1. The ID is 17410

In [32]:
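def toBinStr(num,spaces=False):
    # Convert a one-byte hex string such as '0x81' into an 8-character bit string.
    num = int(num,16)
    num=bin(num)
    length = len(num)
    # bin() drops leading zeros, so pad back to 8 bits (the 2 accounts for '0b').
    outStr = ((8-(length-2)) * '0') + num[2:]
    if spaces:
        # Split the byte into two nibbles for readability.
        outStr = outStr[:4] + ' ' + outStr[4:]
    return outStr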

flagsOne = toBinStr('0x81',True)
flagsTwo = toBinStr('0x80', True)
flagsOne + ' ' + flagsTwo


Out[32]:
'1000 0001 1000 0000'
2. Because the first index of flags is a 1, the message is a response.
3. Because the value at index 8 is a 1, recursion is available.

In [33]:
totalStr = toBinStr('0x81') + toBinStr('0x80')
msgType = totalStr[1:5]
print("The type code is",int(msgType,2))


The type code is 0
4. The type code is 0, which means it is a standard query

In [34]:
print("The length of the host name is",str(int('0x0c',16)),' characters long.')
print("The name of the requested host is 72 61 6d 62 6c 69 6e 77 72 65 63 6b in hex or 'ramblinwreck'")
print("The extension of the name is 3 bytes long and 63 6f 6d in hex or 'com'")


The length of the host name is 12  characters long.
The name of the requested host is 72 61 6d 62 6c 69 6e 77 72 65 63 6b in hex or 'ramblinwreck'
The extension of the name is 3 bytes long and 63 6f 6d in hex or 'com'
5. The requested host name is www.ramblinwreck.com

In [35]:
print(str(int('0x40',16)),str(int('0x1e',16)),str(int('0xe4',16)),str(int('0x14',16)))


64 30 228 20
6. The IP of the host is 64.30.228.20
7. The response is not authoritative because the number of authoritative responses is 0 in the message header.

In [36]:
ttl = int('0x062b',16)
print("The TTL is",ttl,'seconds, or',ttl/60,'minutes.')


The TTL is 1579 seconds, or 26.316666666666666 minutes.
8. The TTL is 1579 seconds, or 26.316666666666666 minutes.
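
The same message decoded in one pass, as an added example that is not part of the original notebook: a small parser following the RFC 1035 layout, including the `c0 0c` compression pointer in the answer record. The names `MSG`, `read_name` and `parse` are chosen here for illustration.

```python
import struct

# The message from this page, transcribed from its hex dump.
MSG = bytes.fromhex("44028180 00010001 00000000 0c72616d 626c696e 77726563"
                    "6b03636f 6d000001 0001c00c 00010001 0000062b 0004401e e414")

def read_name(msg, off, hops=0):
    """Decode the domain name at off; return (name, offset just past it)."""
    labels = []
    while True:
        length = msg[off]                  # IndexError if the name is truncated
        if length == 0:                    # zero-length root label ends the name
            return ".".join(labels), off + 1
        if length & 0xC0 == 0xC0:          # compression pointer (RFC 1035, 4.1.4)
            if hops >= 8:                  # bound pointer chains: loops in bad input
                raise ValueError("too many compression pointers")
            target = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            suffix, _ = read_name(msg, target, hops + 1)
            return ".".join(labels + ([suffix] if suffix else [])), off + 2
        if length & 0xC0:                  # 01 and 10 prefixes are reserved
            raise ValueError("reserved label type")
        label = msg[off + 1:off + 1 + length]
        if len(label) != length:
            raise ValueError("label runs past end of message")
        labels.append(label.decode("ascii"))
        off += 1 + length

def parse(msg):
    """Return (header dict, questions, answers) for one DNS message."""
    ident, flags, qd, an, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    hdr = {"id": ident, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
           "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1, "rd": (flags >> 8) & 1,
           "ra": (flags >> 7) & 1, "rcode": flags & 0xF}
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = read_name(msg, off)
        questions.append((name, *struct.unpack_from("!2H", msg, off)))  # QTYPE, QCLASS
        off += 4
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!2HIH", msg, off)
        off += 10
        rdata = msg[off:off + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("RDATA runs past end of message")
        if (rtype, rclass, rdlen) == (1, 1, 4):   # A record in class IN: dotted quad
            rdata = ".".join(map(str, rdata))
        answers.append((name, rtype, ttl, rdata))
        off += rdlen
    return hdr, questions, answers
```

Calling `parse(MSG)` returns the header fields, the question and the answer record that the cells above extract one at a time.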