I discourage anyone from using XAMPP for projects that could be accessed on the WWW. Web-based Distributed Authoring and Versioning (WebDAV) is a set of methods based on the Hypertext Transfer Protocol (HTTP) that facilitates collaboration between users in editing and managing documents and files stored on World Wide Web servers (source: Wikipedia). The WebDAV site resides in the XAMPP htdocs directory and is enabled by default with a simple username and password. Thus, it can easily be accessed by hackers to upload scripts like shell.php that send UDP packets to a host at a specified time.

Just sharing so that you won’t fall into the trap. It has been a bad day for me today; my boss in Japan got angry that this happened on one of our machines in a VM server. He said it is embarrassing since the incident report was escalated to upper management, you know, the BIG BIG bosses. The malicious script attempts to send UDP packets to a host, and is taking a significant amount of CPU time from the VM server, which also houses one of our production sites. It is good that our technical group in Japan was able to block the UDP packets and the site was shut down for investigation.

I learned my lesson the hard way, so make sure you guys are aware of security loopholes in applications that you may be installing on your machines. It is ironic, though, that today I also received my merit award for my hard work last year. All my excitement on receiving it went down the drain because of this unfortunate incident. I just hope that I will still have my job tomorrow! 😛

 Oh well, all in the day of the clumsy one!
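
One way to audit for the exposure described above, as an added example that is not part of the original post: it inventories every `<Directory>`/`<Location>` block in an Apache config that has `Dav On`, notes whether a `Require` directive is present, and lists script files sitting in a DAV-writable directory. The sample config, its paths and the function names are constructed for illustration.

```python
import os
import re

# Constructed sample config for illustration; the paths are hypothetical.
SAMPLE_CONF = '''
<Directory "/srv/htdocs/webdav">
    Dav On
    AuthType Basic
    Require valid-user
</Directory>
<Directory "/srv/htdocs/open">
    DAV on
</Directory>
<Directory "/srv/htdocs/static">
    Options None
</Directory>
'''

BLOCK_RE = re.compile(r'<(Directory|Location)\s+"?([^">]+)"?\s*>(.*?)</\1>',
                      re.IGNORECASE | re.DOTALL)

def find_dav_blocks(conf_text):
    """Return [(path, requires_auth)] for every block containing 'Dav On'."""
    found = []
    for _kind, path, body in BLOCK_RE.findall(conf_text):
        # Drop comment lines so a commented-out directive is not counted.
        lines = [l.strip() for l in body.splitlines()
                 if l.strip() and not l.strip().startswith('#')]
        dav_on = any(re.match(r'dav\s+on\b', l, re.I) for l in lines)
        auth = any(re.match(r'require\s+(valid-user|user|group)\b', l, re.I)
                   for l in lines)
        if dav_on:
            found.append((path.strip(), auth))
    return found

def script_files(root, exts=('.php', '.phtml', '.cgi', '.pl')):
    """List script files under a DAV-writable directory, sorted."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        hits += [os.path.join(dirpath, f) for f in files
                 if f.lower().endswith(exts)]
    return sorted(hits)

if __name__ == '__main__':
    for path, auth in find_dav_blocks(SAMPLE_CONF):
        print(path, 'auth required' if auth else 'NO AUTH')
```

A `Require` directive only shows that authentication is configured; it says nothing about the strength of the password, so every DAV-enabled path reported still needs its credentials reviewed or the module disabled.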