Pub Quiz: The Wireshark filter udp.port==53

Over half the people that answered this question got that correct answer. This filter will display any traffic to and from UDP port 53. The next highest response was Only DNS Traffic. It is true that DNS uses UDP port 53, but there is nothing specific in this filter to DNS.

If we only wanted DNS traffic, we would need to be more specific with the filter to only include UDP port 53 traffic that was also DNS. If you only want DNS traffic, it is best to use the 'dns' filter within Wireshark. This will ensure the structure of the data matches a DNS packet.