Security Basics mailing list archives
Re: Delving into an ERP security.
From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Fri, 1 Feb 2008 19:04:08 +0200
Hi, all. I'd like to here about SAP auditing practices as well (may be you can cross-post to pen-test?). The only think I've were password audit with self-written tool which were using java rfc library and have checked sap for default passwords (google for the complete list). 2008/1/26, WALI <hkhasgiwale () gmail com>:
We are into finalising RFP details for rolling an ERP (SAP/Oracle) for operations ranging from usual backend (HR, Accounts, Administration) to front end business largely associated with engineering and construction business. Now, does anyone here have any experience relating to the security needs of SAP or oracle implementation on the infrastructural level? I have heard that recently NOvell had a tie up with SAP and microsoft and guys are talking about SuSe linux Enterprise server as a robost alternative to windows underlying platform. Is this an alternative that can be explored? What other things you guys might want to be considered at the RFP level from technology (and not functionality/features) perspective, for we already have too many people on board mapping out business needs at this point in time, but very few, looking at the underlying infrastructure on which the whole initiative will run. any/all suggestions are welcome. Rgds
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com
Current thread:
- Re: Delving into an ERP security. Gleb Paharenko (Feb 01)