Penetration Testing mailing list archives
Any ideas / thoughts / guides on MS Sharepoint 2007 testing?
From: phoe nix <phoenix211 () gmail com>
Date: Wed, 02 May 2007 17:22:24 +0200
Hello all, I'm supposed to do a review of a fresh MS Sharepoint 2007 installation. I found one large Sharepoint 2007 Security Guide from MS, but I'd rather prefer having something from an independentt/different authority as well. Sharepoint is build upon MS SQL Server, IIS etc... so the checks used for those components won't be very different. But then, there's all the Sharepoint specific work to do like checking the permission levels on shared documents, checking built-in and custom workflows, the publishing process, etc... Has anyone already been confronted with a situation similar to this one and been able to document the steps of his approach? It would be helpful for me to have, besides my own (soon to be developed) approach, a second thought/view on the whole thing. I'd be willing to share my knowledge as well, of course. Thanks, Bob Bonker ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Any ideas / thoughts / guides on MS Sharepoint 2007 testing? phoe nix (May 02)