Manual Feed Update


#1

Hi everyone,

Due to constraints, how would one person update OpenVAS manually (contrary to the usual RSYNC)?

I figured out the part for NVT feed, where OpenVAS website would provide a downloadable content for all the NVT records. Then all you have to do is to unzip and paste the whole content where all the .nasl files are stored (just do a find / -name *.nasl).

But what about the SCAP and CERT data? from the commands:

greenbone-scapdata-sync
greenbone-certdata-sync

And what do each of these records do?

SCAP from what I’ve read, seems to point towards configuration checks. (let me know if I’m wrong)

Cheers!


#2

At the moment, you do need rsync for downloading SCAP/CERT. For the community we currently
do not have a direct download process.

If rsync does not work from where you run the GSE setup, you need to rsync to another host and then transfer data to your GSE host.

I am aware this is inconvenient and I hope we can improve the situation. But for time being already the delta-downloads for the community feed are very high in volume. Plain full daily downloads of all of the SCAP/CERT data would slow down updates for all community users.


#3

Hi,

neither SCAP nor CERT data is directly related to vulnerability scanning or configuration checks.

You need to see both data sets as some sort of additional but optional metadata. This metadata is provided at the SecInfo Management and is just adding additional information about vulnerabilities.

In short words: There is no lower coverage of product/vulnerability detection or configuration/policy checks if you don’t sync the SCAP and/or CERT data.


#4

Hi cfi,

Thanks for the clarification! That would really help calm my nerves.

Cheers!