Nmap Development mailing list archives

Re: Ndiff ready to be tested


From: Fyodor <fyodor () insecure org>
Date: Wed, 2 Jul 2008 19:21:55 -0700

On Tue, Jul 01, 2008 at 12:48:09AM -0600, David Fifield wrote:
> On Thu, Jun 26, 2008 at 11:44:47PM -0400, Michael Pattrick wrote:
>
> Great job on this. It is a challenge to start an application from
> scratch and you have handled it well. My specific comments are below.

Indeed!  Ndiff is looking better and better every day.

> To me the order new, old is unintuitive. I would prefer old, new like
> diff takes.

Yeah, I agree that is preferable.

> I can see using the plain text output the most, so I would like to see
> it the default when no other output option is given. When I run without
> a -x or -y option I get
>
> Syntax: ndiff (-[y|Y]|-[x|X]) [out.file] newerscan.xml oldscan.xml [olderscan.xml] [...]

I'm not convinced that basing the behavior on the capitalization is
the best approach.  How is someone supposed to remember whether -x or
-X is the version which takes a filename?  For example, imagine
someone tries to diff three files (using your current ordering) as so:

ndiff.pl -Y newestscan.xml older.xml oldest.xml

Since the user did 'Y' instead of the proper 'y' for the situation,
does that mean newestscan.xml gets blown away?  Since the script
allows more than two files to be diff'd now, you can just catch the
problem based on too many files being listed.

Maybe allowing more than two files to be diff'd is a good idea.  I'll
reserve judgement until I see an example of what it looks like.

I wonder if '-t' for text output would be better than '-y' for Yaml?
I'm not sure that many people know what Yaml is.  Even with -t, you
could still note in the documentation that the output follows the
'yaml' format.  I haven't looked at the yaml format output yet to see
how easy it is to read, etc.

> I would like to see sample input files, both as a demonstration and to
> test tricky cases. You can doctor output files you generate in order to
> make good samples.

Yeah, that would be useful.

> Eventually Ndiff is supposed to ship with Nmap. So there is polish like
> an installation mechanism that will have to be done.

Yes.  If Ndiff proves useful enough, I think it would be good to ship
it with Nmap.  It probably won't work on Windows machines without
Perl, but that may be OK.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

