0

Is it possible to secure the SAP Telnet Administration port, which is usually port 50008?

I would like a SSH type connection, so that data cannot be intercepted/read and non-authorised connection attempts cannot be made.

Note that the SAP system is on a Windows environment.

Techboy
  • 1,550
  • 7
  • 31
  • 49
  • 1
    I thought the SAP telnet port was only available via the local NIC on the server? – TheCleaner Jul 16 '13 at 13:31
  • @TheCleaner - https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/sno/ui_entry/entry.htm?param=69765F6D6F64653D3030312669765F7361706E6F7465735F6E756D6265723D3138343438363926 says 'For 7.1 Netweaver systems and above, the telnet service is now more secure as it can only be accessed from the local host.'. Most of our systems are version 7.02 and I can telnet to these from my PC, but I cannot telnet to our systems running 7.1. – Techboy Jul 17 '13 at 10:06

1 Answers1

0

https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/sno/ui_entry/entry.htm?param=69765F6D6F64653D3030312669765F7361706E6F7465735F6E756D6265723D3138343438363926 says:

Symptom

Due to security concerns you wish to disable telnet access to the SAP Netweaver AS Java system.

Environment

SAP J2EE Engine 6.40/7.02

Resolution

There are several different methods of disabling telnet with no negative effects to your system:

  1. You can ban your telnet port at an OS level or use a firewall to block it. Note that the telnet port always ends with 8. Example: 50008.
  2. You can set invalid custom properties for host and port of the telnet service of the dispatcher via the configtool.
  3. You can set the start up mode of the telnet service of the server node to Manual via the configtool. Without the telnet service running there can be no telnet connections to the java system.For

For 7.1 Netweaver systems and above, the telnet service is now more secure as it can only be accessed from the local host.

Techboy
  • 1,550
  • 7
  • 31
  • 49