Hi Team, I am not able to find the query packets in my wireshark trace, I always get the first packet as response not matter what i do. I flushed the dns, clear the browser cache tried from browser as well as from the cli nslookup option, Still doesnot work. Thanks Irfan asked 11 Feb '14, 19:55  arshmohd |
One Answer:
Sounds like you don't see outgoing packets, especially DNS requests. If so, please see the other questions (and answers) tagged with outgoing. In most of the cases there is an interfering software installed on the client, that prevents Wireshark from capturing outbound/outgoing frames, like: AV, Firewall, IDS, VPN client, Endpoint Security. If that is that case on your system, please disable and/or uninstall that software. See also here:
where Symantec Endpoint Security has been the problem (again). Regards answered 12 Feb '14, 00:45  Kurt Knochner ♦ edited 12 Feb '14, 01:40 I have symantec Endpoint but i will try this again today on my homepc if that helps.. Could it be possible that specific websites dont let the query packets to be captured,.... we have anycast DNS infra.. If that could be an issue..... ? Regards Irfna (12 Feb '14, 23:30) arshmohd Websites have no influence on your local DNS query. Symantec Endpoint has been reported as a problem in similar cases, several times. (13 Feb '14, 00:07) Kurt Knochner ♦ |
Where are you capturing? I guess you're connected via wireless and capturing on your own system?
Yes i am connected from Wireless...