All Questions
22
questions
4
votes
3
answers
2k
views
Does DNS-over-HTTPS hide domain name of websites from packet analyzers?
A person on my same Wifi network is tracking name of the websites that I visit using tools like Wireshark. Does DNS over HTTPS hide the name of the sites that I visit?
My DNS settings are -
DNS ...
- 45
1
vote
0
answers
340
views
How to manually resolve an address in WireShark?
There is an address in the capture window that i want to manually resolve:
So i right-click the address, click Manually Resolve Address, and enter a Name for the address:
When i click OK, WireShark ...
- 22.5k
0
votes
0
answers
674
views
Why is my Virtual Machine sending MDNS requests in the internal network?
Following setup:
Windows 10 host system runs 2 Ubuntu 20.04 Virtual Machines from VirtualBox.
Both the VMs have their network adapter set to "internal" mode, which means only an internal ...
- 1
0
votes
1
answer
76
views
Which application initiates network requests? Local DNS reports reqs to non-existing domains. [wireshark, macos, dns]
Summary:
I see dozens of requests to non-existing domains and I suspect it slows down my network. Can't find the source.
Full description:
I use pihole as a DNS server, and both Wireshark and Little ...
- 131
0
votes
2
answers
3k
views
DNS and understanding root servers
Firstly, is this explanation on how DNS works right?
When we visit a site, say (www.example.com),we are doing a lookup to convert the domain name to an i.p address. So, our computer first looks at ...
- 5
0
votes
0
answers
287
views
DNS resolution is not working until dnsmasq is restarted
Name resolution is not working until dnsmasq is restarted manually. Packet captures says that it is refused in nonworking scenario. what could be the cause for this issue? How can I debug further? Is ...
- 101
0
votes
1
answer
150
views
Tracert dns behaviour explanation
I'm trying to understand how tracert works. While sniffing packets with Wireshark I noticed that sometimes tracert decides to not resolve the host name.
Here are some examples:
tracert http://www....
- 23
5
votes
0
answers
394
views
Windows 7 stops sending DNS packets at seemingly random times
Pinging an IP directly (and just about any other direct IP connection) seems to pass through.
On the other hand, when pinging a domain, using chrome to enter a website or attempting to use nslookup ...
- 151
0
votes
1
answer
74
views
Why does a chromebook call out to these non existent domains?
Is this one of their forms of checking for a captive portal or what?
- 71
0
votes
2
answers
4k
views
My DNS server queries root servers?
I have a DNS server and a host in a lab environment. When my host queries for the IP of an web-address, like www.[somewedishwebsite].se (Swedish domain), it first queries my DNS server with IPv4 & ...
- 25
1
vote
1
answer
1k
views
How to resolve DNS from java like WIRESHARK does?
Could you explain how Wireshark makes a DNS query in order to resolve the name of an IP address?
My issue is about the mismatch between the domain name resolved by Wireshark and that returned by ...
- 13
1
vote
3
answers
5k
views
How does Wireshark resolve DNS names?
Could you explain how Wireshark makes a DNS query in order to resolve the name of an IP address?
My issue is about the mismatch between the domain name resolved by Wireshark and that returned by ...
Dominik
0
votes
1
answer
1k
views
wireshark save capture directly to file with filter
I am looking to have a long-term packet capture running to monitor DNS requests on my machine. I generally use wireshark for network monitoring, but since I am only interested in DNS packets, and over ...
0
votes
3
answers
21k
views
How to find IP address of a DNS server
I'm a CS student and currently taking a (basic) course in information security. I was given an assignment which required me to analyse a given .pcap file using Wireshark and obtain information on the ...
Vizuna
0
votes
1
answer
1k
views
I see frequent PTR requests in my wireshark capture, are they normal?
Lately I've been getting very frequent DNS lookup failuers (I use Google's dns servers) so I set up wireshark to see some of the traffic and I see many PTR requests for IP's that don't seem relevant.
...
- 257