Message encryption


The CO-logmon program encrypts messages sent to BMC Defender Server. As an administrator, you can disable encryption by setting the EncryptData directive to False.


The encryption prevents casual snooping of the data by using a block rotating, time-based cipher that is built into BMC Defender Server and CO-logmon. The encryption causes no apparent changes to the data displayed in BMC Defender Server. However, if you change the destination address to another syslog server, it becomes apparent that the data is encrypted.

The encryption provides a fair degree of protection against network sniffers. However, because a single 1024-bit private key is used for all transmissions, this encryption does not protect against man-in-the-middle attacks or replay attacks. It is mainly useful when sending syslog messages across a public internet, to prevent casual observers from intercepting and reading the message content.
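The check described above (point CO-logmon at a different syslog listener and confirm the data is not readable) can be scripted. The following is an added example, not BMC code: it looks for a known canary string in captured datagrams and also flags payloads that are only base64 or hex encoded. Assumptions: syslog over UDP, a hypothetical test port 5514, and a canary string that you cause to be logged on the monitored host; the sample datagrams are constructed and are not real CO-logmon output.

```python
import base64
import binascii
import socket
from collections import Counter

def classify(payload: bytes, canary: str) -> str:
    """Return 'plaintext', 'encoded-only' or 'opaque' for one datagram."""
    needle = canary.encode("utf-8")
    if needle in payload:
        return "plaintext"          # canary is readable on the wire
    # base64 and hex are encodings, not encryption: anyone can reverse them
    for token in payload.split():
        for decode in (base64.b64decode, binascii.unhexlify):
            try:
                if needle in decode(token):
                    return "encoded-only"
            except ValueError:      # binascii.Error is a ValueError subclass
                continue
    return "opaque"                 # canary not recoverable without the key

def audit(datagrams, canary: str) -> Counter:
    """Count how many captured datagrams fall into each class."""
    return Counter(classify(d, canary) for d in datagrams)

def capture(port: int = 5514, count: int = 10, timeout: float = 30.0):
    """Collect up to `count` UDP datagrams on a test listener (assumed port)."""
    got = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("0.0.0.0", port))
        s.settimeout(timeout)
        try:
            while len(got) < count:
                got.append(s.recvfrom(65535)[0])
        except socket.timeout:
            pass                    # return whatever arrived before the timeout
    return got

# Constructed sample datagrams (not real CO-logmon traffic)
CANARY = "CANARY-7f3a"
SAMPLES = [
    b"<134>Jan  1 00:00:00 host app: CANARY-7f3a login ok",
    b"<134>host " + base64.b64encode(b"app: CANARY-7f3a login ok"),
    b"<134>host " + binascii.hexlify(b"CANARY-7f3a"),
    bytes(range(200, 240)),
]

if __name__ == "__main__":
    print(audit(SAMPLES, CANARY))   # to test a live agent: audit(capture(), CANARY)
```

An "opaque" result only shows that the canary is not trivially readable; it says nothing about resistance to the man-in-the-middle and replay attacks noted above.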


 
