|
Penetration Testing
mailing list archives
Re: SAP Security
From: Dave Piscitello <dave () corecom com>
Date: Thu, 14 Jun 2001 09:04:46 -0400
Have you tried this mail forum?
Name of Forum: SAP FAQ Security Discussion
Description: The purpose of this mailing list is to provide a forum for the
discussion of Security related topics of interest to those involved with SAP.
To Subscribe: Send this command:
SUBSCRIBE SAPFAQ-SECURITY
To this address: MD () MD FAQGCN COM
At 02:20 AM 6/14/01 +0200, Rainer Duffner wrote:
On Wed, 13 Jun 2001, Johann van Duyn wrote:
> Hi there...
>
> I'm planning to run a lightweight internal penetration test against some of
> our servers, and have run into a snag: security information on WinNT, Unix,
> Oracle, etc. is quite easy to find, but I am struggling to find anything
> good on SAP R/3. Most of the stuff is very vague, or refers to securing
> network transmissions against eavesdropping.
>
> Anyone have any real information on SAP security, especially weaknesses?
> :-)
I found this some time ago, the content seems to move on and off to
different sites. A good opportunity to save it to HD...
http://www.hoelzner.de/security/sap-os.html
The text is German, but mentions a "SAP Security Guide" , which is hopefully
available in other languages.
cheers,
Rainer
--
========================================
Rainer Duffner , Konstanz, Germany
eMail: duffner () fh-konstanz de
rainer.duffner () surf24 de
http://www-stud.fh-konstanz.de/duffner/
========================================
David M. Piscitello
Core Competence, Inc. (http://www.corecom.com) and
The Internet Security Conference (http://www.tisc2001.com)
~~ The Internet has security problems. We have answers. ~~
3 Myrtle Bank Lane dave () corecom com
Hilton Head, SC 29926 1.843.683-9988
PGP Fingerprint: 070A 9F01 C35C 4D41 A460 EF2C 2992 2F12 11D2 02DC
 By Date 
By Thread
Current thread:
|
Intro
