Screen Scraping
Screen scraping presents one approach to graphical remote access to systems. Screen scraping protocols packetize and transmit information necessary to draw the accessed system’s screen on the display of the system being used for remote access. VNC (Virtual Network Computing), a commonly used technology for accessing remote desktops, is fundamentally a screen-scraping-style approach to remote access. Not all remote access protocols are built as screen scrapers. For example, Microsoft’s popular Remote Desktop Protocol (RDP) does not employ screen scraping to provide graphical remote access.
Multimedia Collaboration
Multimedia collaboration includes a suite of technologies, including instant messaging and remote meeting technologies. Many of these technologies allow file transfer, remote control of PCs, recording audio and video, and other capabilities that can introduce risk to an organization.
Instant Messaging
Instant Messaging allows two or more users to communicate with each other via real-time “chat.” Chat may be one-to-one, or many-to-many via chat groups. In addition to chatting, most modern instant messaging software allows file sharing, and sometimes audio and video conferencing.
Older instant messaging protocols include Internet Relay Chat (IRC), AOL Instant Messenger, and Extensible Messaging and Presence Protocol (XMPP, formerly known as Jabber). These older instant messaging technologies often used plaintext TCP/IP protocols to transfer data and were easy to monitor on networks. Modern instant messaging solutions (such as Google Talk, Discord, and Slack) use HTTPS to communicate, and are far more difficult to monitor.
Chat software may be subject to various security issues, including remote exploitation, and must be patched like any other software. The file sharing capability of chat software may allow users to violate policy by distributing sensitive documents, and similar issues can be raised by the audio and video sharing capability of many of these programs. Organizations should have a policy controlling the use of chat software and technical controls in place to monitor and, if necessary, block its usage.
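The following added example (not from the original text) shows why plaintext protocols such as IRC are easy to monitor: a few lines of parsing recover every chat message and file-transfer offer from a captured stream, something that is not possible for HTTPS-based clients without TLS inspection. The sample stream, nicknames, and file name are constructed, and the function names are hypothetical; "DCC SEND" is the IRC client-to-client convention for offering a file.

```python
import ipaddress
import re

# Constructed sample: client-to-server bytes from one reassembled plaintext IRC TCP stream.
SAMPLE_STREAM = (
    b"NICK alice\r\n"
    b"USER alice 0 * :Alice Example\r\n"
    b"JOIN #projects\r\n"
    b"PRIVMSG #projects :draft is ready for review\r\n"
    b"PRIVMSG bob :\x01DCC SEND q3-forecast.xlsx 3232235777 5000 48211\x01\r\n"
    b"PING :irc.example.test\r\n"
)

# CTCP "DCC SEND <file> <ip-as-integer> <port> [size]", wrapped in \x01 bytes.
DCC_SEND = re.compile(r'^\x01DCC SEND ("[^"]+"|\S+) (\d{1,10}) (\d{1,5})(?: (\d+))?\x01?$')

def parse_irc_line(line):
    """Split one IRC message into (prefix, command, params); None for blank lines."""
    prefix = None
    if line.startswith(":"):
        prefix, _, line = line[1:].partition(" ")
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if not parts:
        return None
    return prefix, parts[0].upper(), parts[1:] + ([trailing] if sep else [])

def monitor_stream(data):
    """Return the chat messages and file-transfer offers readable in the stream."""
    nick, events = None, []
    for raw in data.split(b"\r\n"):
        parsed = parse_irc_line(raw.decode("utf-8", "replace"))
        if parsed is None:
            continue
        _, command, params = parsed
        if command == "NICK" and params:
            nick = params[0]  # remember who is speaking on this connection
        elif command == "PRIVMSG" and len(params) == 2:
            target, text = params
            offer = DCC_SEND.match(text)
            if offer:
                name, ip, port, size = offer.groups()
                events.append({"type": "file_offer", "from": nick, "to": target,
                               "file": name.strip('"'), "size": int(size) if size else None,
                               "peer": f"{ipaddress.ip_address(int(ip))}:{port}"})
            else:
                events.append({"type": "message", "from": nick, "to": target, "text": text})
    return events
```

A monitoring control built this way can alert on `file_offer` events to enforce a policy against distributing sensitive documents over chat.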
Remote Meeting Technology
Remote meeting technology is a newer technology that allows users to conduct online meetings via the Internet, including desktop sharing functionality. Commercial remote meeting solutions include Zoom, GoToMeeting by Citrix Systems, and Microsoft Live Meeting. These technologies usually include displaying PowerPoint slides on all PCs connected to a meeting, sharing documents such as spreadsheets, and sometimes sharing audio or video. Some solutions allow users to remotely control another connected PC.
Many of these solutions are designed to tunnel through outbound SSL or TLS traffic, which can often pass through firewalls and any Web proxies. If a site’s remote access policy requires an IPsec VPN connection using strong authentication to allow remote control of an internal PC, these solutions may bypass existing controls (such as a requirement for strong authentication) and violate policy. Usage of remote meeting technologies should be understood, controlled, and compliant with all applicable policy.