Persistent Skiddie Using Webdav Exploit

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Persistent Skiddie Using Webdav Exploit

Postby waveydaveywaves » 22. May 2011 06:31

I've had a consistent amount of flooding on my server lately due to the infamous webdav exploit. I've removed the entire folder and have no future plans of using that particular service.

Even with the folder removed My apache logs show attempts of some overconfident skids trying to execute commands via webdav(which obviously does not exist).

My question, is there a method of filtering out just these irrelevant logs? My moderators are extremely annoyed with the situation as they are having trouble distinguishing floods from visitors. Keep in mind there are literally hundreds of unique IP addresses' retrieving so a simple .htaccess IP block is out of the picture.


Thanks in advance ~Dave
waveydaveywaves
 
Posts: 6
Joined: 14. March 2010 01:06

Re: Persistent Skiddie Using Webdav Exploit

Postby Altrea » 22. May 2011 10:16

waveydaveywaves wrote:My question, is there a method of filtering out just these irrelevant logs?

Sure! If you don't let Apache listening to the whole wide world, your problem is solved.

XAMPP is not made for productional environments!
Nobody should give you support for your live system because it is obvious that you don't have the knowledge to harden the XAMPP single components that they are secure enough to listen to the internet.

Such a wild server in the internet is not just a security issue for your own system, but for other internet users too.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 29 guests