
OAT

Microsoft OCS Security Assessment Tool

OAT (OCS Assessment Tool) is an open source, self-assessment security tool designed to audit the password strength of Microsoft Office Communications Server users. After a password has been elicited by the security tool, OAT can demonstrate several proof-of-concept Unified Communication attacks that can be leveraged by legitimate users if the proper security controls are not in place.

Built for Microsoft Windows OS environments, OAT was developed using the Microsoft UC SDK 2.0 and has an intuitive tabbed GUI. The tool starts with a password strength test feature. Supporting both NTLM and Kerberos authentication in the SIP protocol, OAT attempts to register to the OCS server with a valid SIP username and the passwords supplied in the dictionary file. OAT computes the response signature that the OCS server needs in order to verify valid SIP credentials. Once the OAT user has successfully elicited a user's SIP credentials, the attack modules on the subsequent tabs can be used to launch UC attacks against valid, registered OCS users.

OAT is the first security assessment tool for Office Communications Server 2007 R1/R2, and includes the following features:

  • Online Dictionary Attack using SIP protocol
  • Presence Stealing
  • Targeted IM Flood against single user
  • Multi-User Flood Mode
  • Targeted Call Walk
  • Communicator “Call DoS” attack
  • Audio Call Spam
  • Report Generation
  • NTLM, Kerberos authentication
  • Auto negotiation of authentication protocol
  • Lync Support
  • Active Directory Options
  • Contact List Stealing
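
On the server side, the password strength test described above appears as a run of failed SIP REGISTER attempts for one user. The following is an added example for defenders, not part of OAT or of the original page: it flags a source and SIP URI pair that collects many 401 responses in a short window with no successful registration in between. The event tuple layout, the threshold and the window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def _events(start, step_s, src, uri, codes):
    """Build constructed (timestamp, source IP, SIP URI, REGISTER status) tuples."""
    t0 = datetime.fromisoformat(start)
    return [((t0 + timedelta(seconds=i * step_s)).isoformat(), src, uri, code)
            for i, code in enumerate(codes)]


# Constructed sample data, not real OCS logs.
SAMPLE_EVENTS = (
    # Normal sign-ins: challenge responses (401) followed by success (200).
    _events("2024-01-01T09:00:00", 1, "10.0.0.5", "sip:alice@example.com",
            [401, 401, 200] * 3)
    # Rapid failures with no success: the pattern a dictionary run produces.
    + _events("2024-01-01T09:05:00", 1, "10.0.0.99", "sip:bob@example.com",
              [401] * 8)
    # Occasional failures spread over 25 minutes: stays under the window.
    + _events("2024-01-01T09:00:00", 300, "10.0.0.7", "sip:carol@example.com",
              [401] * 6)
)


def find_register_guessing(events, threshold=5, window=timedelta(seconds=60)):
    """Return sorted (source, uri) pairs with at least `threshold` 401s inside
    `window` and no 200 OK between them."""
    recent = defaultdict(deque)   # (source, uri) -> times of the current 401 streak
    flagged = set()
    for ts, src, uri, status in sorted(events):
        key = (src, uri)
        if status == 200:
            recent[key].clear()   # a successful registration ends the streak
            continue
        if status != 401:
            continue
        when = datetime.fromisoformat(ts)
        streak = recent[key]
        streak.append(when)
        while when - streak[0] > window:
            streak.popleft()      # drop failures that fell out of the window
        if len(streak) >= threshold:
            flagged.add(key)
    return sorted(flagged)


if __name__ == "__main__":
    print(find_register_guessing(SAMPLE_EVENTS))
```

Because a 401 challenge is part of a normal SIP authentication handshake, the threshold has to sit above the number of challenges a legitimate sign-in produces. Keying on the SIP URI alone instead of the source and URI pair also catches attempts spread across several source addresses.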