I can’t reach to GCF from my OpenVas server ( internal network rules ), so I can’t update CERT and SCAP feeds.
I’ve tryed to get rsync command from greenbone-certdata-sync script. There is a function do_rsync_community_feed, and there is a rsync command. I manage to get it in form:
/usr/bin/rsync -ltvrP feed.openvas.org:/cert-data /tmp/cert-data
I run this command on a separate server which have unrestricted access to web.
But there isn’t any action with it.
For test I’ve tryed telnet:
$ telnet 126.96.36.199 873
and it seems to work.
I see that greenbone-nvt-sync have --wget option, but greenbone-scapdata-sync and greenbone-certdata-sync doesn’t.
What would be the way to get those data and what to transfer where ( in which directories on openvas server )?
I manage to get feeds ( I think ).
I copyed greenbone-certdata-sync and greenbone-scapdata-sync on web facing server, created there /var/lib/gvm/cert-data and /var/lib/gvm/scap-data. Put there feed.xml from OpenVas host, and start both scripts. They put some xml files in those directories. I copyed them to same location on OpenVas server.
From How to update/keep the feed up to date? those updates of feeds should be automatically done if I have openvassd and gvmd services running. I have both of them in running state.
And I don’t have openvasmd program on OpenVas server.
In Security assistant ( on 9392 port ) in Extras -> Feed Status I have for scap and cert, version OT, and Status current, same as before transfering all those xml files.
How to apply feeds?
my setup is:
$ yum list installed | grep -i vas
openvas-scanner.x86_64 6.0.0-6930.el7.art @atomic
openvas-smb.x86_64 1.0.5-6923.el7.art @atomic
$ yum info greenbone-security-assistant.x86_64 | grep Version
Version : 8.0.0
$ yum info greenbone-vulnerability-manager.noarch | grep Version
Version : 10.0.0
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.8 (Maipo)
And today without any action feeds are uptudate. Status is "20200519T0130
2 days old" for cert and scap. But files are in /var/lib/gvm/cert-data and /var/lib/gvm/scap-data are still present. In the next update should I add new files or should I delete old ones?