Practical Exercise – Exploring DNS from a Home Computer

In these exercises, the colors of the command prompt have been reversed so it is easier to see.

Confirm your DNS settings

Right-click the Start button, choose run, and type in cmd
The command prompt will appear. Type ipconfig/all, and the following should appear:

You can see from the preceding output that the DNS Server has an IP Address of 192.168.1.1.
After completing this task, you will have gained some experience using the command ipconfig/all to view your IP settings.

Using DNS Lookup from a Home Computer

DNS Lookup is normally used in a domain environment from the company’s DNS database.
However, this practical exercise is designed to be done from a home computer.
When you run a DNS Lookup command, you will be searching your ISP’s DNS database.
This is where a non-authority’s response will appear.
You are going to search a DNS database for the IP Address of the website www.securityplus.training
Go to the command prompt and type dnslookup www.securityplus.training.
This will search your ISPs DNS server.
Your output should look like the output shown below, though the IP address may differ:

You can see that the DNS server is actually the wireless router.
It gives everyone in the house an IP address when they connect to it.

Performing DNS Name Resolution

In this exercise, you will perform DNS Resolution for the securityplus.training website.
The web server uses a hostname of www.
At the same time, you will use the ping tool to test connectivity to the website.
Go to the command prompt and type ping www.securityplus.training.
Your output will be similar to the following:

In the preceding output, you see the hostname www.securityplus.training, and in the first line of the output, you can see that it resolves the hostname to the IP Address of 160.153.138.53.
You also used ping to test connectivity with a remote host.
From the output, you can see that there are four replies.
The TTL value has a value of 128 or less.
In completing this task, you have identified DNS resolution and used the ping command.

Displaying the DNS Cache.

In this exercise, you are going to display the DNS cache.
This is an area that hackers will try and poison as it is the first place the computer searches when completing DNS resolution.
Go to the command prompt and type ipconfig /displaydns.
Your DNS cache should appear and look similar to the output below.

Sometimes, the DNS Cache is poisoned or the target host’s IP Address has changed.
In the next exercise, you are going to clear the cache.

Clearing the DNS Cache

DNS resolution looks first at the DNS Cache, then the Hosts file, then finally the DNS Server.
If you ever need to clear the DNS Cache because it has been poisoned, or because the entries are outdated, you can do so by using the command shown below.
Go to the command prompt and type ipconfig /flushdns

From the preceding output, you can see that the DNS Cache has been cleared.

Check out the book CompTIA Security+: SY0-601 Certification Guide to help you pass on the first attempt.