Wireshark-users: Re: [Wireshark-users] Wireshark-users Digest, Vol 29, Issue 8

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Atevewr <atevewr@xxxxxxxxx>
Date: Sat, 4 Oct 2008 00:48:02 +0530
Hi,
I have been capturing DNS traffic at my organisation for some time now, but when i was analyzing the data, i saw that one of the packet had no flag set, Wireshark showed it as a valid query & it was because i could see the udp.dstport as 53 and my dns server as a source, because it was asking the query from some other server (a rdns gave me dns1cp.msft.net)

0.175775 xxx.xx.xx.xx 65.55.238.126 DNS Standard query A advertising.microsoft.com

Can somebody plz tell me how is it possible that a DNS packet can travel on internet without any flag, & just on the basis that its a dns packet and destination port 53, so its a query??

thanks in advance.