Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [PATCH] Add option to ignore version and time banner changes to ndiff
From: Fyodor <fyodor () insecure org>
Date: Tue, 1 Mar 2011 22:55:33 -0800

On Tue, Mar 01, 2011 at 10:32:09AM -0800, Dr. Jesus wrote:
I use ndiff in a cron job.  This means I get email every time I run it
regardless of whether the two scans being compared are actually
different.  This patch adds an option to ignore the time and version
banner for the purposes of seeing if the two scans changed.  When this
option is enabled, two scans with identical results don't cause cron
to send me mail.

Good point!  But rather than add an option that users have to know
about and remember to specify, maybe we can make the default smarter.

How about making it so that the version/time difference header is
shown ONLY if at least one other change is found?  That way you will
still get it in your normal reports, but ndiff will be silent by
default in the special "no changes" chase.

In verbose mode, we might as well always include the version/time
changes because we still print a bunch of stuff in that mode even if
there were no port/host changes.

Also, I'd argue that this is a bug in the case where the Nmap version
and time doesn't change:

root () play> cp scanme4.xml  scanme5.xml
root () play> ndiff scanme4.xml scanme5.xml
 Nmap 5.51SVN at 2011-03-01 22:48

I'd argue that in non-verbose mode, we shouldn't be printing the
unchanged version/time information in that case.  After all, we
normally only print information when it changes or is needed for
context in non-verbose mode.  This example is contrived, but it
happened in another case where the first scan went quickly and the
second one started during the same minute as the first one did.

Are you up for updating your patch to accommodate these changes?

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault