Mr Cracker, profile picture
Uploaded byMr Cracker
PPTX, PDF360 views

Understanding DNS Traffic Pattern

The document explains the Domain Name System (DNS), which translates web names like www.yahoo.com into IP addresses using a distributed database. It outlines the roles of various DNS servers, the structure of DNS messages, and key characteristics of DNS traffic exchange. Additionally, it describes methodologies for capturing and analyzing DNS traffic, emphasizing the importance of balanced queries and responses.

Embed presentation

Download to read offline
DNS, the Domain Name System, is the Internet’s distributed database which maps the names used by users of the web - www.yahoo.com- to the corresponding IP address.
1 2 3 4 5 6 7 Local DNS Cache ISP Recursive DNS Server Root Nameservers TLD Nameservers Authoritative DNS servers Retrieve the record Receive the answer
DNS port is 53. Any DNS message should have the number 53 as the port number as either Source or Destination. Fist message sent in any DNS exchange should be query. And it should be sent to server. The header size is 12 bytes.
It receives UDP packets with port 53 as Destination portInternal DNS • If UDP source port 53 replies are seen coming form the same node back to the IP address which sent the query, then it’s almost certain that the node is Server. The traffic exchange should be balanced.Traffic Exchange • It’s an important characteristic of DNS traffic that if message exchange occur between two IP address, then it should balanced,( Query should occur before the Response.
packet size must be larger than 40 bytes if DNS Q/R included.Packet size • TCP requires minimum 20 bytes for header info. UDP header 8 bytes. DNS header 12 bytes. Response are not expected to be bigger than the query.Response Size • Response size is not that big because it’s only send the IP address. It include the same domain name along with the corresponding IP address, which is 4 bytes long Details
Methodology Capturing • Capture all data on UDP Port 53. Matching • Match flow to create a conversation Conversation Type • Determine that the conversation Is normal or imbalanced Identification Apply to rules to Identify DNS Server.
Thanks

More Related Content

PPT
Dns
bySanoj Kumar
 
PPT
Domain name system
byVivek Gautam
 
PPT
D.N.S
byNirbhay Upadhyay
 
PPT
Dns ppt
byBizuworkk Jemaneh
 
PPT
Domain Name Server
byvipulvaid
 
PDF
Dns
byjulien pauli
 
PPTX
DNS
bybhavanatmithun
 
PPT
Domain name server
byMobile88
 
Dns
bySanoj Kumar
 
Domain name system
byVivek Gautam
 
D.N.S
byNirbhay Upadhyay
 
Dns ppt
byBizuworkk Jemaneh
 
Domain Name Server
byvipulvaid
 
Dns
byjulien pauli
 
DNS
bybhavanatmithun
 
Domain name server
byMobile88
 

What's hot

PPTX
Domain Name System ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
DNS : The internet’s directory service
byBalaSuresh AsaiThambi
 
PPT
Chapter 29 Domain Name System.ppt
bywebhostingguy
 
PPT
Dns detail understanding
byCapital University of Science and Technology
 
PPT
domain network services (dns)
byVikas Jagtap
 
PPT
Dns protocol design attacks and security
byMichael Earls
 
ODP
Introduction to DNS
byJonathan Oxer
 
PPTX
Domain name system
bySiddharth Chandel
 
PPTX
Domain Name System DNS
byAkshay Tiwari
 
PPT
Chapter 4 configuring and managing the dns server role
byLuis Garay
 
PPTX
Domain Name System
byMahavir Vataliya
 
PPTX
Dns 2
byTech_MX
 
PPTX
Domain Name System Explained
byHTS Hosting
 
DOC
How to configure dns server(2)
byAmandeep Kaur
 
PPT
DNS
byFTC
 
PPTX
main
byOmar Faruk Sazib
 
PPT
Dns
bydeshvikas
 
PPT
Domain name system
byDiwaker Pant
 
PDF
DNS (Domain Name System)
byShashidhara Vyakaranal
 
PPTX
Domainnamesystem
byV.V.Vanniaperumal College for Women
 
Domain Name System ppt
byOECLIB Odisha Electronics Control Library
 
DNS : The internet’s directory service
byBalaSuresh AsaiThambi
 
Chapter 29 Domain Name System.ppt
bywebhostingguy
 
Dns detail understanding
byCapital University of Science and Technology
 
domain network services (dns)
byVikas Jagtap
 
Dns protocol design attacks and security
byMichael Earls
 
Introduction to DNS
byJonathan Oxer
 
Domain name system
bySiddharth Chandel
 
Domain Name System DNS
byAkshay Tiwari
 
Chapter 4 configuring and managing the dns server role
byLuis Garay
 
Domain Name System
byMahavir Vataliya
 
Dns 2
byTech_MX
 
Domain Name System Explained
byHTS Hosting
 
How to configure dns server(2)
byAmandeep Kaur
 
DNS
byFTC
 
main
byOmar Faruk Sazib
 
Dns
bydeshvikas
 
Domain name system
byDiwaker Pant
 
DNS (Domain Name System)
byShashidhara Vyakaranal
 
Domainnamesystem
byV.V.Vanniaperumal College for Women
 

Viewers also liked

PPTX
Domain Name System
byVinay Kumar
 
PPT
Domain Name System
byABDUL GAFOOR K V
 
PPTX
Domain name system
byNifras Ismail
 
PPTX
Toolbar, statusbar, coolbar in vb
byAmandeep Kaur
 
PPTX
Studying the Advantages of Music in English in the Process of English Learnin...
byUNIVERSIDAD MAGISTER (Sitio Oficial)
 
DOCX
Modelos de prueba unidad i
byflor2510
 
PDF
разработка агрегированного индекса финансовой стабильности
byИнфобанк бай
 
PDF
Guanyadors Premi Sambori Vall Albaida 2016
byDianiaTV
 
PDF
CV_Frances Spencer_Jan 2017
byFrances Spencer
 
PPTX
Types de données MySQL
byAlexandre Leclerc-Gravel
 
PDF
THE NATIONAL PLAN OF ENGLISH AS A FOREING LANGUAGE IN PRIMARY SCHOOLS AND ITS...
byUNIVERSIDAD MAGISTER (Sitio Oficial)
 
TXT
selfid easdfafasdasgfaisdnasd
byLuis Mosnx
 
PDF
Follow up email presentation | Get a job interview
byPierre Faure
 
PPTX
Determinación del Nivel de Cumplimiento de la Ley 7935 "Ley Integral para la ...
byUNIVERSIDAD MAGISTER (Sitio Oficial)
 
PDF
Les memoires
bydigidid
 
PDF
Teoria del modelado de objetos otros diagramas actividad despliegue
byRobert Rodriguez
 
PPTX
Pfe final lundi matin
byAsmae LGUENSAT
 
PDF
University of Utah Health Exceptional Value Annual Report 2014
byUniversity of Utah
 
PDF
Manual de la Vivienda - Covintec Chile
byCovintec Chile
 
Domain Name System
byVinay Kumar
 
Domain Name System
byABDUL GAFOOR K V
 
Domain name system
byNifras Ismail
 
Toolbar, statusbar, coolbar in vb
byAmandeep Kaur
 
Studying the Advantages of Music in English in the Process of English Learnin...
byUNIVERSIDAD MAGISTER (Sitio Oficial)
 
Modelos de prueba unidad i
byflor2510
 
разработка агрегированного индекса финансовой стабильности
byИнфобанк бай
 
Guanyadors Premi Sambori Vall Albaida 2016
byDianiaTV
 
CV_Frances Spencer_Jan 2017
byFrances Spencer
 
Types de données MySQL
byAlexandre Leclerc-Gravel
 
THE NATIONAL PLAN OF ENGLISH AS A FOREING LANGUAGE IN PRIMARY SCHOOLS AND ITS...
byUNIVERSIDAD MAGISTER (Sitio Oficial)
 
selfid easdfafasdasgfaisdnasd
byLuis Mosnx
 
Follow up email presentation | Get a job interview
byPierre Faure
 
Determinación del Nivel de Cumplimiento de la Ley 7935 "Ley Integral para la ...
byUNIVERSIDAD MAGISTER (Sitio Oficial)
 
Les memoires
bydigidid
 
Teoria del modelado de objetos otros diagramas actividad despliegue
byRobert Rodriguez
 
Pfe final lundi matin
byAsmae LGUENSAT
 
University of Utah Health Exceptional Value Annual Report 2014
byUniversity of Utah
 
Manual de la Vivienda - Covintec Chile
byCovintec Chile
 

Similar to Understanding DNS Traffic Pattern

PPTX
Konsep Domain Name System dalam jaringan komputer
bydjarotmudjianto63
 
PDF
Computer Networks Module 1 - part 2.pdf
byShanthalaKV
 
PPTX
06 coms 525 tcpip - dhcp and dns
byPalanivel Kuppusamy
 
PPT
College Workshop-IP Communication(Backward Compatable).ppt
byraje63
 
PPT
Chap 19
byBayu Murti
 
PPTX
Unit-5 - Application Layer for computer networks ece
bymanjukandas36
 
Konsep Domain Name System dalam jaringan komputer
bydjarotmudjianto63
 
Computer Networks Module 1 - part 2.pdf
byShanthalaKV
 
06 coms 525 tcpip - dhcp and dns
byPalanivel Kuppusamy
 
College Workshop-IP Communication(Backward Compatable).ppt
byraje63
 
Chap 19
byBayu Murti
 
Unit-5 - Application Layer for computer networks ece
bymanjukandas36
 

More from Mr Cracker

PPTX
Denial Of Service
byMr Cracker
 
PDF
How to setup mercury wifi router
byMr Cracker
 
PPTX
Hacking Citrix Cloud Server
byMr Cracker
 
PPTX
Unblock all the Blocked sites in China
byMr Cracker
 
PPTX
6 Blessed Sayings of Holy Prophet Muhammad
byMr Cracker
 
PPTX
Xen and Art of Virtualization (Xen Architecture)
byMr Cracker
 
PPTX
China Vs World
byMr Cracker
 
PPTX
Virtualization, Cloud computing and OS Fingerprinting
byMr Cracker
 
PDF
Interesting Email Services (Email Hacks)
byMr Cracker
 
PPTX
The Mythical Man Month
byMr Cracker
 
PPTX
Google Hacking and Power Search Techniques
byMr Cracker
 
PPT
Facts you don’t know about pakistan
byMr Cracker
 
PPTX
Wiretapping
byMr Cracker
 
PPTX
Interesting email service’s
byMr Cracker
 
Denial Of Service
byMr Cracker
 
How to setup mercury wifi router
byMr Cracker
 
Hacking Citrix Cloud Server
byMr Cracker
 
Unblock all the Blocked sites in China
byMr Cracker
 
6 Blessed Sayings of Holy Prophet Muhammad
byMr Cracker
 
Xen and Art of Virtualization (Xen Architecture)
byMr Cracker
 
China Vs World
byMr Cracker
 
Virtualization, Cloud computing and OS Fingerprinting
byMr Cracker
 
Interesting Email Services (Email Hacks)
byMr Cracker
 
The Mythical Man Month
byMr Cracker
 
Google Hacking and Power Search Techniques
byMr Cracker
 
Facts you don’t know about pakistan
byMr Cracker
 
Wiretapping
byMr Cracker
 
Interesting email service’s
byMr Cracker
 

Recently uploaded

PDF
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
PDF
Afsar Ahmed - Digital Marketing Portfolio
byAfsar Ahmed
 
PDF
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
PDF
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PDF
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
PDF
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
PDF
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PPTX
Code Like Bro -A guide for better Coding
byMadan Panthi
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PDF
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
PDF
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
PDF
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
PDF
Certified AI-Empowered SAFe Release Train Engineer.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
Peculiar Findings Around CEX Activity and ETH Price
bytobbymnbvcxz
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
Afsar Ahmed - Digital Marketing Portfolio
byAfsar Ahmed
 
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
Code Like Bro -A guide for better Coding
byMadan Panthi
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
Certified AI-Empowered SAFe Release Train Engineer.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
Peculiar Findings Around CEX Activity and ETH Price
bytobbymnbvcxz
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 

Understanding DNS Traffic Pattern

  • 2.
    DNS, the DomainName System, is the Internet’s distributed database which maps the names used by users of the web - www.yahoo.com- to the corresponding IP address.
  • 3.
    1 2 3 4 5 6 7 Local DNS Cache ISPRecursive DNS Server Root Nameservers TLD Nameservers Authoritative DNS servers Retrieve the record Receive the answer
  • 4.
    DNS port is53. Any DNS message should have the number 53 as the port number as either Source or Destination. Fist message sent in any DNS exchange should be query. And it should be sent to server. The header size is 12 bytes.
  • 5.
    It receives UDPpackets with port 53 as Destination portInternal DNS • If UDP source port 53 replies are seen coming form the same node back to the IP address which sent the query, then it’s almost certain that the node is Server. The traffic exchange should be balanced.Traffic Exchange • It’s an important characteristic of DNS traffic that if message exchange occur between two IP address, then it should balanced,( Query should occur before the Response.
  • 6.
    packet size mustbe larger than 40 bytes if DNS Q/R included.Packet size • TCP requires minimum 20 bytes for header info. UDP header 8 bytes. DNS header 12 bytes. Response are not expected to be bigger than the query.Response Size • Response size is not that big because it’s only send the IP address. It include the same domain name along with the corresponding IP address, which is 4 bytes long Details
  • 7.
    Methodology Capturing • Captureall data on UDP Port 53. Matching • Match flow to create a conversation Conversation Type • Determine that the conversation Is normal or imbalanced Identification Apply to rules to Identify DNS Server.
  • 8.