Home page logo

pen-test logo Penetration Testing mailing list archives

Any ideas / thoughts / guides on MS Sharepoint 2007 testing?
From: phoe nix <phoenix211 () gmail com>
Date: Wed, 02 May 2007 17:22:24 +0200

Hello all,

I'm supposed to do a review of a fresh MS Sharepoint 2007 installation.
I found one large Sharepoint 2007 Security Guide from MS, but I'd rather
prefer having something from an independentt/different authority as
well. Sharepoint is build upon MS SQL Server, IIS etc... so the checks
used for those components won't be very different. But then, there's all
the Sharepoint specific work to do like checking the permission levels
on shared documents, checking built-in and custom workflows, the
publishing process, etc... Has anyone already been confronted with a
situation similar to this one and been able to document the steps of his
approach? It would be helpful for me to have, besides my own (soon to be
developed) approach, a second thought/view on the whole thing. I'd be
willing to share my knowledge as well, of course.


Bob Bonker

This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!


  By Date           By Thread  

Current thread:
  • Any ideas / thoughts / guides on MS Sharepoint 2007 testing? phoe nix (May 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]