Lab 5.3: Exploring DNS Traffic

LAB - Eye House Tools

Analyze DNS traffic patterns using Wireshark. Learn to identify normal DNS queries, detect DNS tunneling, and recognize DNS-based C2 communication indicators.

Lab Objectives

Capture and filter DNS traffic
Analyze DNS query and response structure
Identify suspicious DNS patterns (high entropy, unusual TLD)
Detect potential DNS tunneling indicators
Extract IOCs from DNS traffic

Launch Wireshark Training

Source:

Eye House > Tools > Wireshark Training

Back to Week 5