Actually OAT is still being maintained by the company in question. All
we need from you is information on how to duplicate / verify the
problem, and we will fix any potential bugs.
OAT is still an important, valid security tool. Just because the
original author left the company, doesn't signify that the tool will no
longer be supported by the company, even if it's an open source security
tool. Help us help you :-)
Jason O.
Francois Yang wrote:
> I'm wondering if anyone know of any tools that I can use to do a
> security assessment for a MS OCS 2007 system using SIP TLS.
> I've found the tool OAT (OCS Assessment Tool), but I'm getting some
> errors and the project is not being maintained anymore and the author
> doesn't work for that company anymore.
> http://voat.sourceforge.net/
>
> I'm basically looking for some kind of tool that will show management
> that OCS should not be allowed from the outside in and what kind of
> damages can be done when it is allowed.
> anything that would show that once inside someone can download
> contacts, send spam, dos, etc....
> OAT would of done a great job if it worked.
>
> Thanks.
>
> Frank
>
>
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
Actually OAT is still being maintained by the company in question. All
we need from you is information on how to duplicate / verify the
problem, and we will fix any potential bugs.
OAT is still an important, valid security tool. Just because the
original author left the company, doesn't signify that the tool will no
longer be supported by the company, even if it's an open source security
tool. Help us help you :-)
Jason O.
Francois Yang wrote:
> I'm wondering if anyone know of any tools that I can use to do a
> security assessment for a MS OCS 2007 system using SIP TLS.
> I've found the tool OAT (OCS Assessment Tool), but I'm getting some
> errors and the project is not being maintained anymore and the author
> doesn't work for that company anymore.
> http://voat.sourceforge.net/
>
> I'm basically looking for some kind of tool that will show management
> that OCS should not be allowed from the outside in and what kind of
> damages can be done when it is allowed.
> anything that would show that once inside someone can download
> contacts, send spam, dos, etc....
> OAT would of done a great job if it worked.
>
> Thanks.
>
> Frank
>
>
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]