Wireshark 1.1.2 and the higher versions can use GeoIP (commercial version) and GeoLite (free version) databases to look up the city, country, AS number, and other information for an IP address discovered by Wireshark.
Autonomous System (AS) is a term used in Exterior Gateway Protocols (EGPs), for identifying all routers under the control of the same network operator. When you connect to the Internet through two different Internet Service Providers (ISPs), you will get your own AS, while the two ISPs have their ASe While configuring connectivity to the Internet with two different Internet Service Providers (ISPs), ASs are configured along with an EGP routing protocol. The market standard for EGP protocol is Border Gateway Protocol version 4 (BGPv4).
You will get the binary files with the country, city, and Autonomous System (AS) numbers.
After you have downloaded the files, follow these steps:
The IP addresses are provided by Internet Assigned Numbers Authority (IANA), a suborganization of the Internet Standard Organization (ISO), to regional organizations called Regional Internet Registrars (RIPE-NCC, APNIC, AFRINIC, LACNIC, and ARIN), who then allocate them to national ISPs, and national ISPs allocate them to individual customers. GeoIP simply is a database of these locations, so it resolves the IP addresses that Wireshark captures according to this database.
The GeoLite files are free IP geographical location databases that are updated monthly. It can be found at http://dev.maxmind.com/geoip/geolite#IP_Geolocation-1.