Parsing TTL from DNS packets: doable?

Question asked by Renee Russell on Feb 11, 2019
I am being asked to parse out TTL from DNS response packets, but am seeing difficulties with this.

   1) DNS packets don't have any strings to anchor a position off of, and so I would just be pulling straight positional data, which in essence would then activate against ALL packets. Further, there would be difficulties with sanity checking the data.

   2) The number of TTLs in each packet is dependent on the answers contained in the packet. This would mean setting up an array and stuffing the results inside, but again the problem comes down to finding the number of answers and setting up a loop to get them all.


This does not appear to me to be a good case for parsing, but I wanted to see if anyone had any helpful suggestions or pointers that I might not have considered.
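An added example, not part of the original question: a minimal Python parser that uses the fixed 12-byte DNS header (QR flag, QDCOUNT, ANCOUNT) as the anchor and loop bound, skips the question section, and collects one TTL per answer record with bounds checks. It assumes `msg` is the raw DNS message (the UDP payload); the function names and the sample packet are constructed for illustration.

```python
import struct

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while off < len(msg):
        length = msg[off]
        if length == 0:                  # root label ends the name
            return off + 1
        if length & 0xC0 == 0xC0:        # 2-byte compression pointer ends the name
            return off + 2
        if length & 0xC0:
            raise ValueError("reserved label type")
        off += 1 + length
    raise ValueError("name runs past end of message")

def answer_ttls(msg):
    """Return [(rtype, ttl), ...] for each answer record in a DNS response."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    off = 12
    for _ in range(qdcount):             # skip QNAME + QTYPE + QCLASS
        off = skip_name(msg, off) + 4
    ttls = []
    for _ in range(ancount):             # ANCOUNT is the loop bound
        off = skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated record header")
        rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen                # step over RDATA to the next record
        if off > len(msg):
            raise ValueError("RDATA runs past end of message")
        ttls.append((rtype, 0 if ttl > 0x7FFFFFFF else ttl))  # RFC 2181: MSB set -> 0
    return ttls

# Constructed sample: response for example.com with two A records (TTL 300 and 60).
SAMPLE = (
    struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0)
    + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 2])
)

if __name__ == "__main__":
    print(answer_ttls(SAMPLE))
```

Any length or count that points outside the buffer raises `ValueError`, so non-DNS traffic on port 53 and truncated captures are rejected rather than read as TTLs.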