Update OpenVAS Plugins (NVT, Cert Data & SCAP Data) Automatically

Once you have install OpenVAS it is a good idea to ensure it is kept up to date and running the latest security scripts to find the latest vulnerabilities as well as sync to the most updated nvt, scap and cert data.  The best way to do this is to create a script that sync’s the necessary data for you automatically each day.

Create a script under /usr/local/bin called update-openvas

  • vi /usr/local/bin/update-openvas

add the following contents to the file

  • /usr/sbin/greenbone-nvt-sync
  • /usr/sbin/greenbone-certdata-sync
  • /usr/sbin/greenbone-scapdata-sync
  • /usr/sbin/openvasmd –update –verbose –progress
  • /etc/init.d/openvas-manager restart
  • /etc/init.d/openvas-scanner restart

save the file and make it executeable

  • chmod a+x /usr/local/bin/update-openvas

run the script to make sure it works and that there are no errors

  • /usr/local/bin/update-openvas

add the script to cron to run daily

  • crontab -e

add the following contents

  • 1 1 * * * /usr/local/bin/update-openvas 1>/dev/null 2>/dev/null

the above cronjob will be run at 1 minute past 1 every day

4 Comments on Update OpenVAS Plugins (NVT, Cert Data & SCAP Data) Automatically

  1. for newer installations (eg. CentOS7) you have to put the following input to the file:
    /usr/sbin/openvasmd –update –verbose –progress
    systemctl restart openvas-scanner
    systemctl restart openvas-manager

  2. The issue is that if you just copy and paste the above code, the hyphens on the switches are not hyphens in the terminal (or a text editor). You have to actually replace the elongated wanna-be hyphen with an actual hyphen (or two, as Joe mentioned).

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: