Ndiff - A utility for comparing Nmap scan results

<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Intro	Reference Guide	Book	Install Guide
Download	Changelog	Zenmap GUI	Docs
Bug Reports	OS Detection	Propaganda	Related Projects
In the Movies		In the News

Introduction

Ndiff is a tool to aid in the comparison of Nmap scans. Specifically, it takes two Nmap XML output files and prints the differences between them: hosts coming up and down, ports becoming open or closed, and things like that. Ndiff can produce output in human-readable text or machine-readable XML formats. Many people like to scan their networks regularly (daily, weekly, etc.) and then use ndiff to easily detect any changes. The scans, ndiff run, and emailed report are often automated using tools such as cron on UNIX or the Scheduled Tasks tool on Windows. Ndiff is also used by the Zenmap GUI to compare scan results.

Ndiff is integrated with Nmap in the latest SVN revision and is planned for inclusion in the next stable Nmap release (after 4.76).

The best Ndiff documentation is currently the Ndiff man page.

Nmap Site Navigation

Intro	Reference Guide	Book	Install Guide
Download	Changelog	Zenmap GUI	Docs
Bug Reports	OS Detection	Propaganda	Related Projects
In the Movies		In the News

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]