Potential Blackhat Attack?

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Potential Blackhat Attack?

Postby kaaie » 20. August 2014 00:59

Hey, so I have my little private web server for testing that is also open to the internet. Today I tried to start apache, but I got errors (Error: Apache shutdown unexpectedly... etc) and was told to see the logs.

So here's the relevant bits of the logs.
access.log: http://pastebin.com/HteemdpK
error.log: http://pastebin.com/xbdk4KRS

I never post my IP address, so I'm assuming this is a broad-range sweep. I'd normally consider this a minor annoyance at worst, since my packages are up to date (xampp 1.8.3-4), but apache has stopped working, so I'm assuming something was affected/changed.

Should I consider formatting my computer? There's confidential client information at stake and I must be sure about this.

Thanks
kaaie
 
Posts: 2
Joined: 20. August 2014 00:49
XAMPP Version: 5.5.19
Operating System: Windows 8.1 x64

Re: Potential Blackhat Attack?

Postby Altrea » 20. August 2014 06:56

Hi,

You installed a webserver bundle that is explicitly only meant for local test and development environments and connected that machine to the internet despite your machine contains confidential client information?
Well that is a grossly negligent conduct and a very big issue.

We don't provide any support for XAMPP installations in such environments.
Must read: [INFO] How to not fail getting help here (Section: Scope of support)

best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 6749
Joined: 17. August 2009 13:05
XAMPP Version: 5.5.19
Operating System: W7Ux64

Re: Potential Blackhat Attack?

Postby kaaie » 20. August 2014 17:33

Ok, fair enough. I don't want to and will not hold anyone but myself accountable for this. Truth be told, the information I have is not legally required to be kept secret anyways -- just a courtesy thing. Additionally, not part of any company with "legal requirements or network security". It's not like I'm keeping the secret cocacola recipe on my computer or anything.

Now I understand that making a test environment accessible to the internet was not the smartest thing to do, but in your opinion, should I be concerned? Could this be a breach? That's all I need to know.

Thanks for your time.
kaaie
 
Posts: 2
Joined: 20. August 2014 00:49
XAMPP Version: 5.5.19
Operating System: Windows 8.1 x64

Re: Potential Blackhat Attack?

Postby JJ_Tagy » 20. August 2014 17:59

Just a phishing bot. They scan all IPs in ranges. I would say not a breach, but be careful of what you have exposed for probing.
JJ_Tagy
 
Posts: 570
Joined: 30. January 2012 13:44
XAMPP Version: 1.8.3
Operating System: Windows 7 x64


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 33 guests