Nmap Development mailing list archives
Re: Ndiff mark II
From: Dieter Van der Stock <dietervds () gmail com>
Date: Fri, 27 Mar 2009 00:41:06 +0100
Looks very useful, and indeed an improvement on the current (extremely limited) output of Ndiff. An XML output, much like Nmap's, would certainly be sweet to have and much easier to manipulate (imo). Cheers! 2009/3/26 David Fifield <david () bamsoftware com>
Hello, I and others have found Ndiff's output format unsatisfactory. This is what it looks like: Thu Sep 11 11:39:32 2008 -> Tue Sep 16 13:59:22 2008 cuvtdnray-504.example.com (10.214.143.33): Host is up, was unknown. Add ipv4 address 10.214.143.33. Add hostname cuvtdnray-504.example.com. +3389/tcp open microsoft-rdp Microsoft Terminal Service 999 tcp ports are filtered. scnqxez-842.example.com (10.189.71.117): Remove hostname scnqxez-842.example.com. 10.226.19.80: -21/tcp filtered +21/tcp open ftp Netgear broadband router ftpd 1.0 -23/tcp filtered +23/tcp open telnet Netgear broadband router admin telnetd -80/tcp filtered +80/tcp open http Embedded Allegro RomPager webserver 4.07 UPnP/1.0 (ZyXEL ZyWALL 2) -8701/tcp open unknown +8701/tcp filtered In a new branch, svn://svn.insecure.org/nmap-exp/david/ndiff-mkii, I have implemented output like the following: -Nmap 4.75 at 2008-09-11 11:39 +Nmap 4.76 at 2008-09-16 13:59 -scnqxez-842.example.com (10.189.71.117): +10.189.71.117: Host appears to be up. Not shown: 995 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 21/tcp open ftp ProFTPD 1.3.1 80/tcp open http Apache httpd 443/tcp open http Apache httpd 873/tcp closed rsync +cuvtdnray-504.example.com (10.214.143.33): +Host appears to be up. +Not shown: 999 filtered ports +PORT STATE SERVICE VERSION +3389/tcp open microsoft-rdp Microsoft Terminal Service 10.226.19.80: Host appears to be up. -Not shown: 999 filtered ports +Not shown: 997 filtered ports PORT STATE SERVICE VERSION -21/tcp filtered +21/tcp open ftp Netgear broadband router ftpd 1.0 -23/tcp filtered +23/tcp open telnet Netgear broadband router admin telnetd -80/tcp filtered +80/tcp open http Embedded Allegro RomPager webserver 4.07 UPnP/1.0 (ZyXEL ZyWALL 2) -8701/tcp open unknown +8701/tcp filtered I think this new output is way better. I designed it to look like a context diff and also to look like Nmap's normal output. WHat do you think? Are there any changes you would make? The branch doesn't support XML output becuase I think that should be redesigned too. That means it won't work with Zenmap currently. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Ndiff mark II David Fifield (Mar 26)
- Re: Ndiff mark II Daniel Roethlisberger (Mar 26)
- Re: Ndiff mark II David Fifield (Mar 26)
- Re: Ndiff mark II Dieter Van der Stock (Mar 26)