Author Topic: is nmap capable of packet capturing like p0f?  (Read 2780 times)


  • Newbie
  • *
  • Posts: 20
    • View Profile
on: January 03, 2013, 05:13:39 PM
Got it from here:

nmap is the standard tool whilst p0f can identify OS by examining captured packets.
Is nmap also capable of packet capturing?

Btw.: Apparently p0f has been rewritten. Does anybody know if there is an official Repo with the newest version?
« Last Edit: January 03, 2013, 05:22:45 PM by rotation »


  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #1 on: January 04, 2013, 05:43:38 PM

To scan for remote OS version we use option -O. Example:

nmap -sS -O

You can add --osscan-guess command if you want nmap to guess remote OS system.

nmap -O --osscan-guess

If you want to capture ...use WireShark.
« Last Edit: January 04, 2013, 05:51:55 PM by ZEROF »

Don't ask, read :
or just run sudo rm -rf /*


  • Guest
Reply #2 on: January 08, 2013, 03:44:40 PM
p0f rewritten, and?
newbielink: [nonactive]


  • Newbie
  • *
  • Posts: 45
    • View Profile
Reply #3 on: January 09, 2013, 10:18:18 AM
It's not made for package capture. You should use Wireshark (it's really cool, esp tshark ;) )
And, if you _must_ use nmap have a look at I recall you could do it with a nmap script.

Whenever you think you can or can't your right.