MaxMind Database Paths in Wireshark

The market is full of tools for network and protocol analysis but most of them are available a subscription basis or at a very high price. Wireshark is the one and only network protocol analyzer which is free, open source, and provides quality tools for network assessment. Due to these qualities, it is popular not only among students but also among network specialists and researchers. Wireshark was built using C, C++, and other programming languages. It is a cross-platform software that was launched in 1998 and its latest version is 4.0.0 which was released in 2022. Its source code can be downloaded from GitLab.

MaxMind Database can be understood as a database format for mapping IP addresses to different data fields like countries, cities, system numbers, etc. MaxMind’s databases are available at its official site. Some databases are free while others are available at a certain cost. One can use these databases in their application if proper support is available. 

MaxMind Database Paths in Wireshark:

Wireshark supports the MaxMind database and hence it can be used easily by downloading the MaxMind database file which has a .mmdb extension and putting the file in the GeoIP folder of Wireshark. The path for putting the file is C:\Program Files\Wireshark\GeoIP. 

Step 1: Now open the Wireshark.

 

Step 2: Press the Edit tab and click on Preferences.

 

Step 3: A new window will open, choose Name Resolution.

 

Step 4: Again a new window will open and at the bottom MaxMind database directories are available so click on the edit button.

 

Step 5: Finally, the last window will open, here click on the + button and provide the path of the .mmdb file.

 

Now Wireshark will automatically map the Ip addresses to different fields by loading the .mmdb file from the GeoIP folder.