Unified Communications: Click to talk

Apr 3 2009   12:57PM GMT

Test and Verify OCS Security with OAT

Tony Bradley Tony Bradley Profile: Tony Bradley

At Voicecon 2009 in Orlando this week Sipera Systems announced a new free tool for assessing unified communications and VoIP security. The OCS Assessment Tool, dubbed OAT, is available as a free download from Sourceforge.

According to the OAT download site, Sipera’s “VIPER Lab created OAT because OCS and other Microsoft products are frequently being used as part of a unified communications infrastructure in many enterprises. Our mission is to help IT manager and security practitioners evaluate the security architecture of their deployments and ensure that their mission-critical communications and systems are protected.”

OAT starts off with a dictionary attack against a known user. Once the password is determined, OAT can run a variety of UC / VoIP attacks against the OCS environment. OAT can be run internally, as if an authorized user is performing malicious or unauthorized activities, or as an external attack against OCS. OAT can perform the following functions:

  • Online Dictionary Attack
  • Presence Stealing
  • Contact List Stealing
  • Single User Flood Mode (Internal)
  • Domain Flood Mode (Internal)
  • Call Walk (Internal/External)
  • Play Spam Audio
  • Detailed Report Generation

Follow me on Twitter

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: