Ken44
Posted January 23, 2012

Hi

I have had oscv2.3.1 installed and working fine for over a year now, however, recently I keep seeing this in Who's Online: http://tinyurl.com/8y2ecd2

The strange thing is that this only happens when using a Win7 PC. When I look at my admin from 2 other WinXP PCs I never see admin looking for crossdomain.xml.

Today, for the first time, I noticed a customer also looking for crossdomain.xml: http://tinyurl.com/8xdz742

I checked my OSC2.3.1 code and there is no reference to crossdomain.xml in the code.

Does anyone know what this could be?

Regards
Ken

♥kymation
Posted January 23, 2012

A crossdomain.xml file is used by Adobe Flash to allow your Flash content to include content from another domain. It's a security hole if not done properly, so this could be an attempt to find a vulnerability to exploit. Or, if you have Flash content on your site, it could be perfectly normal.

Regards
Jim

See my profile for a list of my addons and ways to get support.

Ken44
Posted January 24, 2012

Hi Jim

Thanks for your reply.

My site is fairly basic, it can be seen at the links above (just go up a level). I have no flashy add-ons. The only thing that may use Flash Player is PHPmyVisites, however this has been installed since the site was built and has never caused a problem before. Also, a customer does not have access to this software.

Why is a customer looking for crossdomain.xml?

Regards
Ken

nottheusual1
Posted January 24, 2012

They aren't a customer - probably fishing for the file to see if they can exploit its presence. First clue is that there is no reason for them to naturally create that file call - they have to form the URL.

Are you using a scanning service that might be testing for that file?

:not_the_usual1 [you decide]
-- Trying to figure it out, just like everyone else --

Ken44
Posted January 25, 2012

Hi.

It appears to be myself that is looking for this file. In ‘Who's Online’ it is Admin that is looking at crossdomain.xml (see the images in the first post).

Since this is only happening on Win7 then I guess this must be something to do with the operating system rather than my website.

Very strange though.

Ken

RMD27
Posted May 19, 2012

> A crossdomain.xml file is used by Adobe Flash to allow your Flash content to include content from another domain. It's a security hole if not done properly, so this could be an attempt to find a vulnerability to exploit. Or, if you have Flash content on your site, it could be perfectly normal.
>
> Regards
> Jim

Jim, how do you stop it?

RCHobbyAddict
Posted June 7, 2012

I suggest that you upload a blank file with that name... or block the IP address from where it is coming...

Ken44
Posted June 8, 2012

Hi.

> A crossdomain.xml file is used by Adobe Flash to allow your Flash content to include content from another domain. It's a security hole if not done properly, so this could be an attempt to find a vulnerability to exploit.

> I suggest that you upload a blank file with that name... or block the IP address from where it is coming...

This sounds like a good idea. So I've added a file called crossdomain.xml to root which contains this.

<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="www.mysite.co.uk" />
  <allow-access-from domain="mysite.co.uk" />
</cross-domain-policy>

It appears to have solved the problem. But what about security? Is this OK or can it be written in a better or more secure way?

Regards
Ken

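Added example, not part of the thread or of osCommerce: a small Python audit of a crossdomain.xml policy like the one posted above, flagging the entries that turn such a file into the "security hole if not done properly" mentioned earlier. The function name `audit_policy`, its `own_domains` parameter and the permissive sample policy are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Policy as posted in the thread (mysite.co.uk is the poster's placeholder).
POSTED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="www.mysite.co.uk" />
  <allow-access-from domain="mysite.co.uk" />
</cross-domain-policy>"""

# Constructed sample of an over-permissive policy, for contrast.
PERMISSIVE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="all" />
  <allow-access-from domain="*" secure="false" />
  <allow-access-from domain="*.example.com" />
</cross-domain-policy>"""


def audit_policy(xml_text, own_domains):
    """Return a list of findings for a crossdomain.xml policy you control."""
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return ["root element is not <cross-domain-policy>"]
    findings = []
    for el in root.iter("allow-access-from"):
        domain = el.get("domain", "").strip().lower()
        if domain == "*":
            findings.append("domain='*' lets Flash content from any site read responses")
        elif domain.startswith("*."):
            findings.append(f"wildcard {domain} trusts every subdomain")
        elif domain not in own_domains:
            findings.append(f"{domain} is not one of your own hosts; confirm it is needed")
        # secure defaults to true; false lets content loaded over HTTP read HTTPS data.
        if el.get("secure", "true").lower() == "false":
            findings.append(f"secure='false' on {domain} allows HTTP content to read HTTPS data")
    for el in root.iter("site-control"):
        value = el.get("permitted-cross-domain-policies", "")
        if value in ("all", "by-content-type", "by-ftp-filename"):
            findings.append(f"site-control '{value}' permits policy files beyond the master file")
    return findings


if __name__ == "__main__":
    own = {"mysite.co.uk", "www.mysite.co.uk"}
    for name, text in (("posted", POSTED_POLICY), ("permissive", PERMISSIVE_POLICY)):
        print(name, audit_policy(text, own) or "no findings")
```

The checks only look at what the policy file grants; they say nothing about who is requesting the file.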
Archived
This topic is now archived and is closed to further replies.