Apache Friends Support Forum

[LinkWray]

I recently downloaded xampp so that I could learn and develop using php. I have no experience with programming, or running a server. I have a "for dummies" book. I'm using the full windows zip download package on windows vista.
After a lot of reading and google searching, I'm having trouble figuring out what level of security I need to be concerned with.

1)I am running this server on my home computer for development purposes. No one else is on my network. Can people from the "outside" actually somehow connect to my server and do bad things while I'm connected to the internet? Or, is this root password mess only for those who are putting their server online for production?

2) After changing the root pass via the xamppsecurity.php page, I soon found that the phpMyAdmin has multiple users by default by looking at the privileges section.
Five to be exact. 2 users named "any", 1 named "pma" and 2 named "root". The root users were 127.0.0.1, and local host. The same right?
Only the local host root user had a password. 127.0.01 did not have a password.
What is the deal with with these users? Do I need to secure pma with a password on windows vista? Or is this only for Linux (http://www.apachefriends.org/en/faq-xampp-linux.html)

If anyone could point out any good tutorials that are more detailed than the readme, the xampp FAQ page, or the xampp quick tutorial on their download page,
I would really appreciate it. None of those xampp tutorials address the security page access problem with vista either. I had to find instructions for that elsewhere.

[LinkWray]

I would be happy if someone could just point out to me whether or not by me running xampp I am opening my self up for attacks.
Is the server only running locally by default or is is possible for people from the outside to connect to it?
Should I just unplug from the internet while I'm testing php locally?
Are my questions making any sense?
Thank you for your time.

[LinkWray]

Ah, I see...
Well then, Wamp it is then...