nmap/ndiff at 51b9dd426b6101d889ee61d2ea83149edd4e7213 - CERBERUS/nmap - Gitora: Self-Hosted Future for Developers

mirror of https://github.com/nmap/nmap.git synced 2026-06-11 10:36:07 +00:00

History

david 26361a4642 Remove the claim that XML output is not supported from "ndiff -h". That was left over from when the output was being redesigned.		2009-05-13 00:41:55 +00:00
..
docs	Document the --xml option in the Ndiff man page. (It claimed it was	2009-04-21 06:11:44 +00:00
test-scans	Replace random-1.xml and random-2.xml with bigger scans that include OS	2009-04-10 19:14:18 +00:00
COPYING	Move /nmap-exp/david/ndiff to /nmap/ndiff.	2008-09-18 23:31:19 +00:00
ndiff	Remove the claim that XML output is not supported from "ndiff -h". That	2009-05-13 00:41:55 +00:00
ndiff.py	Move /nmap-exp/david/ndiff to /nmap/ndiff.	2008-09-18 23:31:19 +00:00
ndifftest.py	Merge from /nmap-exp/david/ndiff-mkii and	2009-04-10 19:07:39 +00:00
README	Replace random-1.xml and random-2.xml with bigger scans that include OS	2009-04-10 19:14:18 +00:00
setup.py	[Ndiff] The setup.py installation script now suggests installing the	2009-04-20 19:15:00 +00:00

README

Ndiff

Ndiff is a tool to aid in the comparison of Nmap scans. Specifically, it
takes two Nmap XML output files and prints the differences between them.
It is capable of showing changes in host states (up or down), port
states (open, closed, etc.), and changes in service and OS detection.

To install, run (as root)
	python setup.py install
It's also possible to run the program from within the distribution
without installing it.

Use "ndiff --help" for usage instructions.

Here is a sample of the output:

$ ./ndiff test-scans/random-1.xml test-scans/random-2.xml
-Nmap 4.85BETA4 at 2009-03-24 17:34
+Nmap 4.85BETA4 at 2009-03-25 16:35

 10.137.81.38:
 OS details:
   FreeBSD 6.2-RELEASE
   Apple AirPort Extreme WAP v7.3.2
+  APC Network Management Card (AOS 3.3.5)
+  Apple iPod touch audio player (iPhone OS 2.1)

+10.181.218.66:
+Host is up.
+Not shown: 998 closed ports
+PORT     STATE    SERVICE    VERSION
+222/tcp  open     rsh-spx
+8080/tcp filtered http-proxy

-bpdygf-130.example.com (10.188.226.230):
-Host is up.
-Not shown: 1000 filtered ports

 ysqxnovik-508.example.com (10.253.52.142):
 PORT     STATE  SERVICE    VERSION
+1503/tcp closed imtc-mcs
-4567/tcp open   tcpwrapped
-OS details:
-  HP 4000M ProCurve switch (J4121A)
-  Nortel 5530 Ethernet Routing Switch
-  Nortel 5520 Ethernet Routing Switch
-  Sun StorageTek 6140 NAS device
-  FreeBSD 6.2-RELEASE


Use -v or --verbose to see all hosts and ports, not just those that have
changed.

Ndiff started as a project by Michael Pattrick <mpattrick@rhinovirus.org>
during the 2008 Google Summer of Code. Michael designed the program and
led the discussion of its output formats. He wrote versions of the
program in Perl and C++, but the summer ended shortly after it was
decided to rewrite the program in Python for the sake of Windows
compatibility. This Python version is written by David Fifield
<david@bamsoftware.com>.

Ndiff web site: http://nmap.org/ndiff/