Penetration Testing mailing list archives
Re: SAP Security
From: Dave Piscitello <dave () corecom com>
Date: Thu, 14 Jun 2001 09:04:46 -0400
Have you tried this mail forum? Name of Forum: SAP FAQ Security DiscussionDescription: The purpose of this mailing list is to provide a forum for the discussion of Security related topics of interest to those involved with SAP.
To Subscribe: Send this command: SUBSCRIBE SAPFAQ-SECURITY To this address: MD () MD FAQGCN COM At 02:20 AM 6/14/01 +0200, Rainer Duffner wrote:
On Wed, 13 Jun 2001, Johann van Duyn wrote: > Hi there... > > I'm planning to run a lightweight internal penetration test against some of > our servers, and have run into a snag: security information on WinNT, Unix, > Oracle, etc. is quite easy to find, but I am struggling to find anything > good on SAP R/3. Most of the stuff is very vague, or refers to securing > network transmissions against eavesdropping. > > Anyone have any real information on SAP security, especially weaknesses? > :-) I found this some time ago, the content seems to move on and off to different sites. A good opportunity to save it to HD... http://www.hoelzner.de/security/sap-os.html The text is German, but mentions a "SAP Security Guide" , which is hopefully available in other languages. cheers, Rainer -- ======================================== Rainer Duffner , Konstanz, Germany eMail: duffner () fh-konstanz de rainer.duffner () surf24 de http://www-stud.fh-konstanz.de/duffner/ ========================================
David M. Piscitello Core Competence, Inc. (http://www.corecom.com) and The Internet Security Conference (http://www.tisc2001.com) ~~ The Internet has security problems. We have answers. ~~ 3 Myrtle Bank Lane dave () corecom com Hilton Head, SC 29926 1.843.683-9988 PGP Fingerprint: 070A 9F01 C35C 4D41 A460 EF2C 2992 2F12 11D2 02DC
Current thread:
- SAP Security Johann van Duyn (Jun 13)
- Re: SAP Security mht (Jun 13)
- Re: SAP Security Rainer Duffner (Jun 13)
- Re: SAP Security Dave Piscitello (Jun 14)
- <Possible follow-ups>
- RE: SAP Security Maslyar, George (Jun 14)
- RE: SAP Security Spencer, Ed M. -ND (Jun 14)