While playing with the ever fun tool Pocsag v2.05, I found something interesting.
The client  by default accepts connections on port 8000 with the password
'password' even if the
TCP/IP Remote access on port xxxx box is unchecked.
You can change the default port, however the client will still accept
connections to that new port even if you think the access is disabled.

e.g.

firewalker> telnet 127.1 8000

POC32 2.05 (SHAREWARE) Remote Access Interface

Password: <enter 'password' here>
Password not accepted.

Password:
Password accepted.

You don't seem to be able to do much more than view the streams of decoded
pager messages, but still I'd rather know what connections I am enabling.

Solution: Set a new password for remote access and be aware that the box
don't stop someone trying to brute force it.

firewalker> telnet 127.1 8000

POC32 2.05 (SHAREWARE) Remote Access Interface

Password: <enter 'new password' here>
Password not accepted.

Password:
Password not accepted.

Password:



Kuji
www.bogus.net/kuji