First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

zipcode of network

is it possible to determine the zip code in which a network is operating from the network traffic using wireshark

jake hutnick's avatar
1
jake hutnick
asked 2021-10-14 15:57:53 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

is it possible to determine the zip code in which a network is operating from the network traffic using wireshark

Not if it's not operating in the United States, as "ZIP code" (Zone Improvement Plan) is the term for postal codes in the US; other countries have different postal codes.

And not if a network is operating on more than one postal code; all addresses in a LAN are probably in the same postal code, but if it's a metropolitan or wide-area network, it may operate in more than one postal code.

In any case, what can sometimes be mapped to a location is an IP address. That location might not be precise enough to determine the postal code of the location, however.

A Web search for

geolocation ip address

will find some Web sites that you can use.

In addition, if Wireshark was built with the MaxMind geolocation library, you can download MaxMind's GeoLite2 free database, install it in some directory, and then add the directory containing the MaxMind files (not the directory containing that directory) to the list of "MaxMind database directories" in the "Name Resolution" preference (scroll the "Name Resolution" pane to the bottom if you don't see "MaxMind database directories"). That should show locations for IP addresses in IPv4 and IPv6 headers if one can be found in the database.

Going from that to a postal code is up to you.

Guy Harris's avatar
19.9k
Guy Harris
answered 2021-10-14 23:06:45 +0000
edit flag offensive 0 remove flag delete link
more

Comments

See the User Guide section on the MaxMind DB here.

grahamb's avatar grahamb (2021-10-15 08:04:20 +0000) edit
more
  • delete

And the man page for mmdbresolve included with Wireshark.

Chuckc's avatar Chuckc (2021-10-15 15:08:31 +0000) edit
more
  • delete

And here's a latitude & longitude to ZIP code lookup service. It says "1 Credit per Lookup", so you may get a limited number of free lookups. This StackOverflow question has some other suggestions.

Guy Harris's avatar Guy Harris (2021-10-15 20:18:43 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer