Performing a Feed Synchronization#

For the actual vulnerability scanning, Vulnerability Test scripts, security information like CVEs, port lists and scan configurations are required. All this data is provided by the Greenbone Community Feed and should be downloaded initially before starting the services.

A synchronization always consists of two parts:

  1. Downloading the changes via rsync

  2. Loading the changes into memory and a database by a daemon

Both steps may take a while, from several minutes up to hours, especially for the initial synchronization. Only if both steps are finished, the synchronized data is up-to-date and can be used.

The first step is done via the greenbone-feed-sync script. The second step is done automatically when the daemons are started.

Downloading the Data#

Note

Downloading the data during the synchronization may take a while depending on the network connection and server resources.

The downloaded data consist of four different kind of data:

  • VT data

  • SCAP data

  • CERT data

  • GVMD data

VT data contain .nasl and .notus files for creating results during a vulnerability scan. The .nasl files are processed by the OpenVAS Scanner and the .notus files by the Notus Scanner.

SCAP data contains CPE and CVE information.

CERT data contain vulnerability information from the German DFN-CERT and CERT-Bund agencies.

GVMD data (or also called “data objects”) are scan configurations, compliance policies, port lists and report formats.

Downloading the data from the Greenbone Community Feed#
sudo /usr/local/bin/greenbone-feed-sync