Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Nmap 6: Network Exploration and Security Auditing Cookbook

You're reading from   Nmap 6: Network Exploration and Security Auditing Cookbook Want to master Nmap and its scripting engine? Then this book is for you – packed with practical tasks and precise instructions, it's a comprehensive guide to penetration testing and network monitoring. Security in depth.

Arrow left icon
Product type Paperback
Published in Nov 2012
Publisher Packt
ISBN-13 9781849517485
Length 318 pages
Edition 1st Edition
Languages
Tools
Concepts
Arrow right icon
Toc

Table of Contents (18) Chapters Close

Nmap 6: Network Exploration and Security Auditing Cookbook
Credits
About the Author
Acknowledgement
About the Reviewers
www.PacktPub.com
Preface
1. Nmap Fundamentals FREE CHAPTER 2. Network Exploration 3. Gathering Additional Host Information 4. Auditing Web Servers 5. Auditing Databases 6. Auditing Mail Servers 7. Scanning Large Networks 8. Generating Scan Reports 9. Writing Your Own NSE Scripts References
Index

Comparing scan results with Ndiff


Ndiff was designed to address the issues of using diff with two XML scan results. It compares files by removing false positives and producing a more readable output, which is perfect for anyone who needs to keep a track of the scan results.

This recipe describes how to compare two Nmap scans to detect the changes in a host.

Getting ready

Ndiff requires two Nmap XML files to work, so make sure you have previously saved the scan results of the same host. If you haven't, you can always scan your own network, deactivate a service, and scan again to get these two test files. To save the results of an Nmap scan into an XML file use -oX <filename>.

How to do it...

  1. Open your terminal.

  2. Enter the following command:

    $ ndiff FILE1 FILE2
    
  3. The output returns all the differences between FILE1 and FILE2. New lines are shown after a plus sign. The lines that were removed on FILE2 are displayed after a negative sign.

How it works...

Ndiff uses the first file as a base to compare against the second one. It displays the state differences for host, port, services, and OS detection.

There's more...

If you prefer Zenmap, you can use the following steps instead:

  1. Launch Zenmap.

  2. Click on Tools on the main toolbar.

  3. Click on Compare Results (Ctrl + D).

  4. Select the first file by clicking on Open in the section named A scan.

  5. Select the second file by clicking on Open in the section named B scan.

Output format

A human readable format is returned by default. However, Ndiff can return the differences in XML format, if preferred, by using the flag --xml.

Verbose mode

Verbose mode includes all of the information including hosts and ports that haven't changed. To use it, enter the following commands:

$ ndiff -v FILE1 FILE2
$ ndiff –verbose FILE1 FILE2 

See also

  • The Monitoring servers remotely with Nmap and Ndiff recipe

  • The Managing multiple scanning profiles with Zenmap recipe

  • The Geo-locating an IP address recipe in Chapter 3, Gathering Additional Host Information

  • The Getting information from WHOIS records recipe in Chapter 3, Gathering Additional Host Information

  • The Fingerprinting the operative system of a host recipe in Chapter 3, Gathering Additional Host Information

  • The Discovering UDP services recipe in Chapter 3, Gathering Additional Host Information

  • The Detecting possible XST vulnerabilities recipe in Chapter 4, Auditing Web Servers

You have been reading a chapter from
Nmap 6: Network Exploration and Security Auditing Cookbook
Published in: Nov 2012
Publisher: Packt
ISBN-13: 9781849517485
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime