Title
Not Logged In [Login Now]

Cross_Domain_Iframe

Low Severity
Definition ID 202, Last Updated Nov 26th 2010, 12:01 p.m. (Revision 4)

Synopsis

Detects inline frames that point to websites on a different domain

Description

This definition detects inline frames that point to websites on a different domain (a cross-domain inline frame). Cross-domain inline frames are oftentimes used by attackers in order to include malicious content on legitimate websites.

Cross-domain inline frames are not necessarily malicious. However, they can be indicative of malicious activity. Cross-domain inline frames are oftentimes used as part of mass websites attacks.

This definition can set a baseline such that it will ignore iframes for domains that are approved, only alerting when new iframes are detected for other domains.

Reference

Definition Code