PCAP 25
Bookmarked!This exercise is one of our challenges to help you learn how to analyze PCAP files
To get started with this badge, you will need to install Wireshark to inspect the provided network dump. In this challenge, you can download the PCAP file and analyze it to discover the details of a DNS query and its corresponding answer. Contrary to popular belief, DNS traffic can occur over TCP, not just UDP. This exercise demonstrates how to use Wireshark to follow a TCP stream and inspect DNS query and response details.
In the video, you'll see a step-by-step walkthrough of the PCAP 25 exercise. You'll learn how to follow a TCP stream using Wireshark to extract the key for the exercise. Additionally, the video explains how to identify DNS packets and understand the query and response, including the A record and the corresponding IP address. This challenge underscores the importance of knowing that DNS can use both UDP and TCP, which can be crucial for bypassing firewall rules or debugging network issues.