BackBox Linux Forums > BackBox Linux > Software Support > is nmap capable of packet capturing like p0f?
Pages: [1]   Go Down
« previous next »
Print
Author Topic: is nmap capable of packet capturing like p0f?  (Read 708 times)
rotation
Newbie
*
Posts: 7


View Profile
« on: January 03, 2013, 05:13:39 PM »
Got it from here:
http://www.insecure.in/hacktools.asp

nmap is the standard tool whilst p0f can identify OS by examining captured packets.
Is nmap also capable of packet capturing?


Btw.: Apparently p0f has been rewritten. Does anybody know if there is an official Repo with the newest version?
« Last Edit: January 03, 2013, 05:22:45 PM by rotation » Logged
ZEROF
Global Moderator
Sr. Member
*****
Posts: 406


View Profile WWW
« Reply #1 on: January 04, 2013, 05:43:38 PM »
Hi,

To scan for remote OS version we use option -O. Example:

nmap -sS -O 127.0.0.1

You can add --osscan-guess command if you want nmap to guess remote OS system.

nmap -O --osscan-guess 127.0.0.1

If you want to capture ...use WireShark.
« Last Edit: January 04, 2013, 05:51:55 PM by ZEROF » Logged
Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*
zerohat
Newbie
*
Posts: 3


View Profile WWW
« Reply #2 on: January 08, 2013, 03:44:40 PM »
p0f rewritten, and?
http://lcamtuf.coredump.cx/p0f3/releases/
Logged
Stolas
Newbie
*
Posts: 44



View Profile
« Reply #3 on: January 09, 2013, 10:18:18 AM »
It's not made for package capture. You should use Wireshark (it's really cool, esp tshark Wink )
And, if you _must_ use nmap have a look at http://nmap.org/book/nse-api.html I recall you could do it with a nmap script.
Logged
Whenever you think you can or can't your right.
Pages: [1]   Go Up
Print
« previous next »
Jump to: