Re: Pen test of Online Lottery Systems

From: Vitaly Osipov (witt@iol.ie)
Date: 06/12/02 

From: "Vitaly Osipov" <witt@iol.ie>
To: "Biju Mukund" <bmukund@mielesecurity.com>, <pen-test@securityfocus.com>
Date: Wed, 12 Jun 2002 13:59:23 +0100

While this is not exactly what you are looking for, the following link is
about possible faults in lottery system design... you may obtain some attack
ideas from it.

http://www.cl.cam.ac.uk/~rja14/lottery/lottery.html

"How to Cheat at the Lottery (or, Massively Parallel Requirements
Engineering)" by Ross Anderson.

Regards,
W.

----- Original Message -----
From: "Biju Mukund" <bmukund@mielesecurity.com>
To: <pen-test@securityfocus.com>
Sent: Tuesday, June 11, 2002 7:58 AM
Subject: Pen test of Online Lottery Systems

> Anyone who has performed Pen testing of Online Lottery systems can help me
> with the following.
> 1.Does anyone know of any incident of Fraud/cheating/hacking of a online
> system?
> 2.Has any one done a pen-test of a online lottery system before?
>
> I would be compiling security practices for Online Lottery Security.
>
> Any one who could suggest best practices will be of great help
>
> B.Mukund
>
>
>
>
> -------------------------------------------------------------------------- 

--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/
>
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Relevant Pages

  • RE: SQL
    ... Subject: SQL ... >> This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... >This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Insurance
    ... property--data beign deemed "intangible" for the purposes of insurance. ... for physical security testing there are often 3rd parties ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Pen-Testing Lotus Notes/Domino
    ... Subject: Pen-Testing Lotus Notes/Domino ... of document security. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • R: Pen-Testing help (Compaq Insight & htsearch)
    ... This web server happens to be in front of their ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Application & Iplanet/Apache web server vulnerability and penetration testing
    ... I don't know what to do on the web servers other than delete example ... Any suggestions on iPlanet and Apache security? ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)