The algorithm should be known to the public, but the key needs to be confidential.
Digital signatures act as a verifiable seal or signature to confirm the authenticity of the sender and the integrity of the message. Users who wish to verify their identity when sending a protected message can encrypt the information with their private key. The recipient can then decrypt the message with the sender’s public key in order to confirm the sender’s identity and the integrity of the message.
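The sign-then-verify flow described above, as an added example that is not part of the original page: textbook RSA in pure Python, where the sender signs a SHA-256 digest of the message rather than the message itself. The fixed Mersenne-prime keys, the function names and the sample messages are constructed for illustration; production systems use a vetted library with a padded scheme such as RSA-PSS and much larger keys.

```python
import hashlib

E = 65537  # widely used public exponent

def make_keypair(p, q):
    """Build a textbook RSA key pair from two primes (toy sizes, constructed)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, phi)        # private exponent: inverse of E modulo phi
    return (n, E), (n, d)      # (public key, private key)

def digest(message, n):
    """SHA-256 of the message as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    """Only the private-key holder can compute this value."""
    n, d = private_key
    return pow(digest(message, n), d, n)

def verify(message, signature, public_key):
    """Anyone with the public key can check sender identity and integrity."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest(message, n)

# Constructed demo keys built from known Mersenne primes (insecure on purpose).
SENDER_PUB, SENDER_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**107 - 1, 2**61 - 1)

def demo():
    msg = b"transfer 100 to account 42"   # constructed sample message
    sig = sign(msg, SENDER_PRIV)
    return {
        "genuine": verify(msg, sig, SENDER_PUB),
        # A modified message no longer matches the signed digest.
        "tampered": verify(b"transfer 900 to account 42", sig, SENDER_PUB),
        # Checking against someone else's public key fails.
        "wrong_key": verify(msg, sig, OTHER_PUB),
        # A signature made with another private key does not pass as the sender's.
        "forged": verify(msg, sign(msg, OTHER_PRIV), SENDER_PUB),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:10s} -> {'valid' if ok else 'REJECTED'}")
```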
This is done by setting up event triggers. Event triggers perform actions only when triggered by a specified message ID or event code, in this case when the system goes up or down. With this filter, it is possible to create a log target that collects only the results of the specified trigger action. For example, to generate an error report when a certain event occurs, use the save error-report command with the SMTP target format to send it as an email alert.
We need a log target to capture messages that are posted by the various objects and services running on the appliance. To get log information for a specific event and/or object, we use log targets.
The purpose of cryptography is to protect private communication in a public world. For example, two entities wanting to communicate, Ajitab and Mulu, are shouting their messages in a room full of people. Everyone can hear what they are saying. The goal of cryptography is to protect this communication so that only Ajitab and Mulu can understand the content of the messages.
Log size: 500 kilobytes
When the log file reaches the limit, the system uploads it to the FTP server; if the upload succeeds, the appliance deletes the log from the system to free space.
SMTP, forwards log entries as email to the configured remote SMTP servers and email addresses. Before sending, the contents of the log can be encrypted or signed. The processing rate can be limited.
Certificate authorities act as trusted third parties that verify the identity of the sender of an encrypted message and issue digital certificates as evidence of authorization. These digital certificates contain the public key of the sender, which is then passed along to the intended recipient. Certificate authorities perform extensive background checks before issuing a certificate to an organization or an individual.
Timestamp Format: syslog
A trust store contains certificates from other parties that we expect to communicate with, or from certificate authorities that we trust to identify other parties. For example, Google (Chrome) contains certificates of many companies or websites. Whenever we browse to a site, the browser automatically checks the site's certificate against the store and compares it. If it matches, Google will add the ‘s’ to ‘HTTP’. That way we know that the website is secured and trustworthy.
Symmetric key cryptography:
Asymmetric cryptography: more secure!
We need cryptography to share information confidentially, that is, to ensure the secrecy of communication.
True: logtemp, default location of log files, such as the system-wide default log.
Rotate, rotate the log file when the maximum size is reached. The appliance creates a copy of the file and starts a new file. The appliance retains the archived copies up to the specified number of rotations. Once the maximum number of rotations has been reached and the log file again reaches its maximum size, the appliance deletes the oldest file and copies the current file.
Upload, upload the log file when the maximum size is reached. The appliance uploads the file using the specified upload method.