Wireshark · Ethereal-users: RE: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?

Ethereal-users: RE: [Ethereal-users] how to capture only DNS packets byapplyingfilter in etherea

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Moses Hernandez" <moses_hernandez@xxxxxxxxxxx>

Date: Thu, 19 Feb 2004 07:45:47 -0500

The reason you don't see the DNS response is because DNS will not respond
back on port 53 it will only listen on that port for incoming requests. The
best way I've done it is ip.addr == <ip of dns server> this will show all
the packets that was originated out of the dns server and then I sort by
protocol type. 

Moses


-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Vadiraj Kulkarni
Sent: Thursday, February 19, 2004 7:26 AM
To: 'Ethereal user support'
Subject: RE: [Ethereal-users] how to capture only DNS packets
byapplyingfilter in ethereal?

hi,
 I have tried this ( putting only "dns" (ethereal is unable to parse this
filter). It won't work.
When i do "udp dst port 53", i will get all the packet my system to DNS.
similarly if i don "udp src port 53", i don't get any packet.

Please let me know, how to do this?.

I am using ethereal-0.10.1, winpcap 3.1 beta


Thanks & Regards
Vadiraj Kulkarni

-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx]On Behalf Of Barnebeau
Sent: Thursday, February 19, 2004 5:44 PM
To: Ethereal user support
Subject: Re: [Ethereal-users] how to capture only DNS packets by
applyingfilter in ethereal?


Hi,

Just only apply filter with string "dns"

Barn


--- vadiraj kulkarni <vadiraj_kulkarni1999@xxxxxxxxx>
wrote:
> Hello,
> I am trying to capture only DNS packets using
> ethereal
> software.
> First time i am trying to capture packets without
> applying any filters. It captures all the packets
> in which i can see DNS query as well as DSN response
> along with other packet
> by doing nslookup.
>
> Since i am interested only in the DNS packet, i
> tried
> to apply a filter udp port 53
> By applying the filter, i am getting only DNS query
> pakcets. Not able to see DNS response.
>
> Can any one of you know how to capture only DNS
> response?.
>
> Thanks & Regards
> Vadiraj Kulkarni
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Finance: Get your refund fast by filing
> online.
> http://taxes.yahoo.com/filing.html
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
>
http://www.ethereal.com/mailman/listinfo/ethereal-users


__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

Follow-Ups:
- Re: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?
  - From: Marco van den Bovenkamp

References:
- RE: [Ethereal-users] how to capture only DNS packets by applyingfilter in ethereal?
  - From: Vadiraj Kulkarni

Prev by Date: Re: [Ethereal-users] Capturing packet on Switch
Next by Date: Re: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?
Previous by thread: RE: [Ethereal-users] how to capture only DNS packets by applyingfilter in ethereal?
Next by thread: Re: [Ethereal-users] how to capture only DNS packets byapplyingfilter in ethereal?
Index(es):
- Date
- Thread