NDIFF Security Tools
NDiff compares two nmap scans and outputs the differences. It allows monitoring of your network(s) for interesting changes in port states and visible hosts. NDiff eliminates the need to sift through voluminous raw scan output in search of the few noteworthy differences.

NDiff should be useful to network administrators, security analysts, and other interested parties who need to monitor large networks in an organized fashion.  If your network is larger than even a few nodes your security will likely be enhanced by integrating NDiff monitoring as part of your security infrastructure.

NDiff is known to work on Linux/x86. It should run fine on other POSIX/UNIX platforms as well.

NDiff requires perl 5.005_03 or later and nmap 2.53 or later.
Changelog
 
Status
The most recent stable version is 0.04.

10/8/01: Version 0.05beta2 has been released for the latest version of NWatch.  As with the previous beta, it is not recommended for a regular upgrade unless you want to run NWatch.

7/2/01:  Version 0.05beta1 has been released to enable NWatch, however this version is not yet well-tested and not otherwise recommended.  Stay tuned for the stable 0.05 release.

7/2/01:  I have removed http download in an effort to simplify site maintenance.   Please send feedback if you are unable to download with ftp.
Download NDiff
FTP

See the included file INSTALL for installation instructions. See the NDiff_Quickstart manpage for usage instructions.

NDiff is released under the GPL. See the file COPYING included with this distribution for terms and conditions for use of this software.
Documentation
These documents are installed as part of the distribution in manpage form, provided in html here. All assume basic familiarity with nmap and Unix. "Ngen," "nrun," and "ndiff2html" below are part of the ndiff distribution.

NDiff_Quickstart    ndiff    ngen    nrun    ndiff2html
 
Need Help?
I am happy to provide basic NDiff support through email as time allows.  Please feel free to contact me.

If you require in-depth assistance integrating NDiff and other security tools into your network infrastructure, I provide this through my consultancy.  Please contact me at the address below for details.
 
Feedback
Please send questions, comments, requests, patches, bug reports ... jdl@vinecorp.com