Where is an attacker coming from? Using wireshark and GeoIP databases, we can map out IP locations (unless they are spoofed of course) to a browser with a click of a button. How?
First – you have to register and download the GeoIP Lite Databases (Free):
Then, point Wireshark to the databases, look up endpoints, then toss them out to a map. Boom! You’re done.
Like this video? Then show it! Please smash like and share it with all your IT buddies. That really helps me out.
Other links n’ stuff:
===More Wireshark Needed?===
Check out the free 10-day trial of my hands-on courses on Pluralsight:
â–¶TCP Fundamentals with Wireshark – â–¶Identify Cyber Attacks with Wireshark –
===LIVE TCP TRAINING COURSE===
â–¶Network Analysis Fundamentals and TCP Deep Dive with Wireshark –
Special thanks to my cat, Pepé for his video-bomb!
source
