Have you tried this mail forum? Name of Forum: SAP FAQ Security Discussion Description: The purpose of this mailing list is to provide a forum for the discussion of Security related topics of interest to those involved with SAP. To Subscribe: Send this command: SUBSCRIBE SAPFAQ-SECURITY To this address: MDat_private At 02:20 AM 6/14/01 +0200, Rainer Duffner wrote: >On Wed, 13 Jun 2001, Johann van Duyn wrote: > > > Hi there... > > > > I'm planning to run a lightweight internal penetration test against some of > > our servers, and have run into a snag: security information on WinNT, Unix, > > Oracle, etc. is quite easy to find, but I am struggling to find anything > > good on SAP R/3. Most of the stuff is very vague, or refers to securing > > network transmissions against eavesdropping. > > > > Anyone have any real information on SAP security, especially weaknesses? > > :-) > >I found this some time ago, the content seems to move on and off to >different sites. A good opportunity to save it to HD... > >http://www.hoelzner.de/security/sap-os.html > >The text is German, but mentions a "SAP Security Guide" , which is hopefully >available in other languages. > > >cheers, >Rainer >-- >======================================== > Rainer Duffner , Konstanz, Germany > eMail: duffner@fh-konstanz.de > rainer.duffnerat_private >http://www-stud.fh-konstanz.de/duffner/ >======================================== David M. Piscitello Core Competence, Inc. (http://www.corecom.com) and The Internet Security Conference (http://www.tisc2001.com) ~~ The Internet has security problems. We have answers. ~~ 3 Myrtle Bank Lane daveat_private Hilton Head, SC 29926 1.843.683-9988 PGP Fingerprint: 070A 9F01 C35C 4D41 A460 EF2C 2992 2F12 11D2 02DC
This archive was generated by hypermail 2b30 : Thu Jun 14 2001 - 10:41:47 PDT