Configuring Wireshark to use GEOIP

Updated: Jul 9, 2023

I get regular requests asking me how to configure Wireshark to use GEOIP.

For those of you who are not familiar with GEOIP, it's a database that Wireshark can use to look up IP addresses and tell you which country, etc., an IP address originates from or is destined for.

This is helpful for security people, and for those who perform application baselines and want to know where a device is communicating. This could be an exercise in validating where your data is going, or in some cases a way to investigate malicious or suspicious application communication.

In the video below, I show you how to get GEOIP working with Wireshark. I encourage you to give it a try; you might be surprised by what you see.

As an added bonus, go to Statistics -> Endpoints and click on the IP tab to see a cool summary of the same information. While you’re there, click on the MAP button to see those IP addresses on a geographical map.

Too cool.

This short clip is what we cover in my training sessions.

Tony Fortunato

Sr Network Performance Specialist

The Technology Firm

Getting things to work better - bit by bit


