[1494] in WWW Security List Archive
Re: Web server update problem
daemon@ATHENA.MIT.EDU (Brian W. Spolarich)
Sun Feb 18 00:24:54 1996
Date: Sat, 17 Feb 1996 21:39:59 -0500 (EST)
From: "Brian W. Spolarich" <briansp@ans.net>
To: Pete Shipley <shipley@dis.org>
cc: www-security@ns2.rutgers.edu
In-Reply-To: <199602172224.OAA25807@merde.dis.org>
Errors-To: owner-www-security@ns2.rutgers.edu
Kerberos is really low-impact CPU-wise. Depending on the amount of
usage, network can become a factor.
You'll probably want to set up two servers, one as a master and the
other as a slave. If you're going to rely on Kerberos then you want some
redundancy.
-brian
On Sat, 17 Feb 1996, Pete Shipley wrote:
> Date: Sat, 17 Feb 1996 14:24:18 -0800
> From: Pete Shipley <shipley@dis.org>
> To: "Brian W. Spolarich" <briansp@ans.net>
> Cc: www-security@ns2.rutgers.edu
> Subject: Re: Web server update problem
>
> >On Fri, 16 Feb 1996, Frode Hoem wrote:
> >
> >> Security of the web-server is important, therefore some kind of
> >> authorization mechanism is needed. Probably that would be
> >> Kerberos or a smart-card solution, any thoughts on this ?
> >
> > Bringing up a Kerberos server doesn't involve too much overhead.
> >Ideally its a dedicated piece of hardware (BSDI on a Pentium is
> >reasonably inexpensive) that only does Kerberos.
>
>
> What kind of load does Kerberos put on a system?
> I was under the impression that is is fairly light
> and you single 486 server can support a large campus without
> much of a load.
>
> -Pete
>
--
Brian W. Spolarich - ANS CO+RE Systems - briansp@ans.net - (313)677-7311
Want strong encryption? Use ROT26. Its _twice_ as strong as ROT13.
