RE: Saprouter audit

From: Ali-Reza Anghaie (ali@packetknife.com)
Date: Tue Sep 12 2006 - 21:06:21 EDT


SAPRouter is not protocol aware AFAIK. At least the versions I've had
experience with. Frequently I've found SAPRouters to also route other
ports or even route non-SAP traffic on 3299. I've found many SAPRouters
with "* *" lines to subnets, a brilliant gap. It's distinctly possible
you also connected directly to a SAP box, not a SAPRouter. If you think
you've really found a SAPRouter then do some active footprinting to see
if it's being used for load-balancing. Or see if you can figure out how
many SAP instances are available through that router (production, test,
quality). I intend to write a posting on the topic sometime soon.
SAPRouter is a huge annoyance of mine. -Ali

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of prashant.gawade@paladion.net
Sent: Tuesday, September 12, 2006 2:07 AM
To: pen-test@securityfocus.com
Subject: Saprouter audit

Hi all

During penetration testing I found port 3299 is open on the
server. Research shows me that this port is open on saprouter.

To give more information about saprouter

It provides an additional level of security to SAP servers. We can set rules
like a normal Cisco router on saprouter. It acts like a proxy for people
connecting to the SAP servers.

I am looking for information like

Penetration testing on sap router

Things we can test on port 3299

Prashant Gawade

Information Security Consultant

Paladion Networks

Navi Mumbai

India

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
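
Added example (not part of the original thread): a defender-side check for the wildcard "* *" route entries mentioned in the reply above. It assumes those entries live in the SAProuter route permission table (saprouttab) with the line layout given in the comments; the sample table is constructed and the function names are hypothetical.

```python
# Audit a saprouttab-style route permission table for over-broad permits.
# Assumed line layout: <P|S|D|KP|KS|KD> <source> <dest> [service] [password]
# Assumption: an omitted service field is treated here as "*" (any service).

SAMPLE_TABLE = """\
# constructed sample, not taken from a real system
P * * *
P 10.1.*.* 10.2.0.15 3200
S 192.0.2.10 10.2.0.15 3201 examplepw
D * 10.2.0.99 *
P 198.51.100.7 10.2.*.*
"""

PERMIT_TYPES = {"P", "S", "KP", "KS"}   # D/KD deny; other line types are skipped
NATIVE_TYPES = {"P", "KP"}              # P-type entries also pass non-SAP traffic


def audit_route_table(text):
    """Return (line_number, entry, issues) for each permit entry using wildcards."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        kind = parts[0].upper()
        if kind not in PERMIT_TYPES or len(parts) < 3:
            continue
        source, dest = parts[1], parts[2]
        service = parts[3] if len(parts) > 3 else "*"
        issues = []
        if "*" in source:
            issues.append("wildcard source")
        if "*" in dest:
            issues.append("wildcard destination")
        if "*" in service:
            issues.append("any service")
        if issues and kind in NATIVE_TYPES:
            issues.append("non-SAP protocols allowed")
        if issues:
            findings.append((lineno, line, issues))
    return findings


if __name__ == "__main__":
    for lineno, entry, issues in audit_route_table(SAMPLE_TABLE):
        print(f"line {lineno}: {entry!r}: {', '.join(issues)}")
```
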



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:56 EDT