Hi,
I am studying for a postgraduate degree in digital forensic computing and my professor has asked me to do a network forensic analysis of the DNS protocol. He has asked us the following:
Asked us to set up a virtual server using VMware Workstation and a virtual client. It should not be connected to the internet, and we should do DNS forensic analysis by extracting the digital evidence in relation to the DNS protocol.
Now I have already set up a virtual server of Windows Server 2012 R2 having Active Directory and an Active Directory-integrated DNS server, and a virtual client of Windows 7 Professional which is joined to this domain. I have also installed Wireshark on this client computer, but the problem for me is how to perform the steps of extracting digital evidence and how to explain the Wireshark logs in words.
If anybody can provide me help in this regard, I shall be grateful.
Thanks & regards,
Osama