OpenVAS NVT Feed Services
This text explains how NVT Feed Services work in general.
An OpenVAS NVT Feed Service provides a set of Network Vulnerability Tests (NVTs) (i.e. ".nasl" and ".inc" files) which can be downloaded to your OpenVAS installation.
In fact, only changed and new NVTs should be downloaded, along with their signature files (".asc") and an overall "md5sums" file. The synchronization process uses rsync. The signatures are only relevant to you if you configure OpenVAS to execute only trusted NVTs.
How the NVT Feed Server itself is created
This section describes how the feed server itself is set up, mainly for transparency purposes. It is not necessary for users to set up such a server. It is strongly recommended that you coordinate with the OpenVAS team if you want to offer NVTs via a feed service, to avoid a scattered availability of NVTs.
The steps explained in the following assume you are familiar with Unix-like systems and the typical tools any system administrator knows from daily work.
- Configure rsyncd to serve a directory of your choice.
E.g. a section like this in /etc/rsyncd.conf:
    [my-feed]
        path = /home/my-nvt-feed
        comment = My NVT feed, see http://www.openvas.org/
- Place all NVTs (*.nasl files) and NASL libraries (*.inc files) in the respective directory (here /home/my-nvt-feed).
- Place all signatures (*.nasl.asc files) in the same directory.
If you have not created the signatures yet, this is how you could sign all of the files in one go (you need to do this on a system where your signing key is available, of course):
    $ eval $(gpg-agent --daemon)
    $ cd /home/my-nvt-feed
    $ for f in *.nasl *.inc; do gpg --use-agent --detach-sign -a "$f"; done
- Create the md5sums file:
$ md5sum *.nasl* *.inc* > md5sums
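As an added example (not part of the original page or of the OpenVAS project), the following shell function checks a feed directory prepared with the steps above before it is published: every NVT and library has a signature file, every one is listed in md5sums, and all checksums verify. The function name check_feed and the VERIFY_SIGS switch are assumptions of this example.

```shell
#!/bin/sh
# check_feed DIR: pre-publish consistency check for an NVT feed directory.
# Returns 0 only when every *.nasl / *.inc file has a non-empty detached
# signature (.asc), is listed in md5sums, and all md5sums entries verify.
# VERIFY_SIGS=1 additionally runs "gpg --verify" on each signature
# (assumption: the signing public key is in the local keyring).
# Usage: check_feed /home/my-nvt-feed
check_feed() (
    cd "$1" || exit 2
    rc=0
    [ -f md5sums ] || { echo "md5sums missing" >&2; exit 1; }
    for f in *.nasl *.inc; do
        [ -e "$f" ] || continue     # glob matched nothing
        if [ ! -s "$f.asc" ]; then
            echo "no signature: $f" >&2; rc=1
        elif [ "${VERIFY_SIGS:-0}" = 1 ] &&
             ! gpg --verify "$f.asc" "$f" 2>/dev/null; then
            echo "bad signature: $f" >&2; rc=1
        fi
        # An md5sums line is a 32-character hash, two separator characters,
        # then the file name, so the name starts at column 35.
        awk -v n="$f" 'substr($0, 35) == n { found = 1 }
                       END { exit !found }' md5sums ||
            { echo "not in md5sums: $f" >&2; rc=1; }
    done
    # A stale or tampered file shows up here as "<name>: FAILED".
    out=$(md5sum -c md5sums 2>&1) ||
        { echo "$out" | grep -v ': OK$' >&2; rc=1; }
    exit "$rc"
)
```

Without VERIFY_SIGS=1 the function only confirms that a signature file exists for each NVT; it does not establish that the signature is valid.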