About OpenVAS NVT Feed

The OpenVAS project maintains a public feed of Network Vulnerability Tests (NVTs). It contains more than 30,000 NVTs (April 2013), growing on a daily basis. This feed is configured as the default for OpenVAS.

For online-synchronisation use the command openvas-nvt-sync to update your local NVTs with the newest ones from the feed service. The command allows rsync, wget or curl as transfer method.

For offline-updates it is also possible to download the whole Feed content as a single archive file (around 8 MByte). However, it is recommended to use the rsync-synchronisation routine because it downloads only changes and therefore is tremendously faster after the very first full download.

The feed is usually updated every weekday. The files of the OpenVAS NVT Feed are signed by the "OpenVAS: Transfer Integrity" certificate. The presence of this signature does not indicate any judgement or quality control of the script itself. It is only intended to assist you in verifying the integrity of the NVT files after transfer. Thus, a valid signature only means that the script has not been modified on the way between the OpenVAS distribution point and your OpenVAS installation. See the notes at the bottom of the overview on Trusted NVTs for more information on this certificate.

Apart from the OpenVAS NVT Feed a commercial feed with respective service level agreement is available, offered by Greenbone Networks and is called Greenbone Security Feed.