Http

https://en.wikipedia.org/wiki/CRIME_(security_exploit) from http://tech.slashdot.org/story/13/07/09/1455200/ It works like this. You visit a site that has malicious JavaScript which sends a HTTPS request to some site (like your bank). This request will include whatever known plain-text that the JavaScript wants to send, plus any cookies you have stored for the target site, possibly including authentication cookies. If the plain text happens to match part of that authentication cookie, then the compressed headers will be smaller than if they if they don’t match. If the attacker can monitor this encrypted traffic and see the sizes of the packets, then they can systematically select the known plaintext to slowly learn the value of the authentication cookie. This can be done today in about half an hour. And the attack setup is feasible - consider a public WiFi access point that requires you to keep a frame open in order to use their WiFi. This gives them both the MITM and JavaScript access needed to perfo… ...

https://en.wikipedia.org/wiki/CRIME_(security_exploit) from http://tech.slashdot.org/story/13/07/09/1455200/ It works like this. You visit a site that has malicious JavaScript which sends a HTTPS request to some site (like your bank). This request will include whatever known plain-text that the JavaScript wants to send, plus any cookies you have stored for the target site, possibly including authentication cookies. If the plain text happens to match part of that authentication cookie, then the compressed headers will be smaller than if they if they don’t match. If the attacker can monitor this encrypted traffic and see the sizes of the packets, then they can systematically select the known plaintext to slowly learn the value of the authentication cookie. This can be done today in about half an hour. And the attack setup is feasible - consider a public WiFi access point that requires you to keep a frame open in order to use their WiFi. This gives them both the MITM and JavaScript access needed to perfo… ...

http://haproxy.1wt.eu/10g.html

http://haproxy.1wt.eu/10g.html HA Proxy [synthetic] benchmarks on 10Gbit traffic. Linux network stack is the bottle neck here, not HAProxy, i.e. you can 10G line rate on big frames and few connections.

http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html Notes from google ppl about their optimizations for SSL connections.

http://andrewsblog.org/a_review_of_http_live_streaming.pdf In this paper we describe Apple’s new HTTP Live Streaming specification and

http://cpansearch.perl.org/src/MLEHMANN/AnyEvent-HTTP-1.44/HTTP.pm A Perl module that uses AnyEvent “framework” to do HTTP/1.0 requests in a parallel, non-blocking fashion

http://habrahabr.ru/blogs/perl/69411/#habracut some examples on how to write simple http server in Perl

http://en.wikipedia.org/wiki/Comparison_of_lightweight_web_servers the subj. useful.

http://wiki.codemongers.com/Nginx Nginx (“engine x”) is a high-performance HTTP server and reverse proxy, as well as an IMAP/POP3/SMTP proxy server. Nginx was written by Igor Sysoev for Rambler.ru, Russia’s second-most visited website, where it has been running in production for over two