setting up geoip in wireshark
I get many requests asking me how to configure Wireshark to use GEOIP.
For those of you who are not familiar with GEOIP, it’s a pretty simple database that Wireshark can use to look up IP addresses and tell you what country, etc the IP address originate or is destined for.
This is especially helpful for security people, and those who perform application baselines and want to know where the device is communicating. This could simply be an exercise in validating where your data is going, or in some cases to investigate malicious or suspicious application communication.
In the video below, I show you how to get GEOIP working with Wireshark. I encourage you to give it a try and you might be surprised what you will see.
As an added bonus, go to Statistics - Endpoints and click on the IP tab to see a cool summary of the same information. While you’re there click on the MAP button to see those IP addresses on a geographical map.
Too cool.
Watch video setting up geoip in wireshark online, duration hours minute second in high quality that is uploaded to the channel The Technology Firm 06 July 2023. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 3,550 times and liked it 65 visitors.
