Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: SAP Security

From: "Spencer, Ed M. -ND" <Ed.M.Spencer.-ND () disney com>
Date: Thu, 14 Jun 2001 12:22:30 -0400
Unfortunately, my German is rusty (let's just say high school was a long
time ago) and there may be a few people on the list that don't speak German
(just a guess).  However (isn't there always a however) if you go to
http://www.dictionary.com/translate/ and paste the link to the web page
http://www.hoelzner.de/security/sap-os.html you get a fairly readable
version.

Hope that helps.

-----Original Message-----
From: Rainer Duffner [mailto:duffner () fh-konstanz de]
Sent: Wednesday, June 13, 2001 8:21 PM
To: Johann van Duyn
Cc: pen-test () securityfocus com
Subject: Re: SAP Security


On Wed, 13 Jun 2001, Johann van Duyn wrote:


Hi there...

I'm planning to run a lightweight internal penetration test against some

of

our servers, and have run into a snag: security information on WinNT,

Unix,

Oracle, etc. is quite easy to find, but I am struggling to find anything
good on SAP R/3. Most of the stuff is very vague, or refers to securing
network transmissions against eavesdropping.

Anyone have any real information on SAP security, especially weaknesses?
:-)


I found this some time ago, the content seems to move on and off to
different sites. A good opportunity to save it to HD...

http://www.hoelzner.de/security/sap-os.html

The text is German, but mentions a "SAP Security Guide" , which is hopefully
available in other languages.


cheers,
Rainer
-- 
========================================
 Rainer Duffner , Konstanz, Germany
 eMail:  duffner () fh-konstanz de
       rainer.duffner () surf24 de
http://www-stud.fh-konstanz.de/duffner/
========================================
Previous By Date Next
Previous By Thread Next

Current thread: