Security and latency

Reducing Latency

The downside of things like OpenSSH certificates, Kerberos, and SSL is that the connection setup time will take longer; so, in most cases, you'll want to establish a connection and hold it open before you actually need it. That way you aren't constantly handling the cost of setup and teardown. Although this approach is suitable for things like connecting to remote message queues and file servers, it can pose a problem if you need a large number of clients to connect to a large number of servers. In that case, you might want to investigate hardening the perimeter and removing authentication entirely to speed things up.

September 2013 Issue 154 linux-magazine.com | Linuxpromagazine.com

Kurt Seifried

Kurt Seifried is an Information Security Consultant specializing in Linux and networks since 1996. He often wonders how it is that technology works on a large scale but often fails on a small scale.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Security Lessons: TUF

    Downloaded software can be compromised in several ways. You need a software update system that handles various attacks and provides end-to-end signing of the data. TUF can help.

  • Safe Messaging with TLSA

    Decoupled application design gets in the way of secure communication, but a little known feature of DNS can provide message security.

  • Security Lessons: DNSSEC

    One of the largest holes in the Internet is finally plugged.

  • Security Lessons: Fixing SSL

    We look at some new approaches to certificate verification.

  • HTTPS Proxy

    How do you monitor the network when your client systems are connecting to secure web servers through HTTPS? We’ll show you how to keep watch using the Squid proxy server and share some inventive certificate tricks.

comments powered by Disqus