GEN:SID 1:716
Message INFO TELNET access
Summary This event is generated when a remote user successfully connects to a telnet server.
Impact Remote access.  This event may be an indication of a successful telnet connection by an authorized or unauthorized user.
Detailed Information A message is generated by a telnet server after a successful connection.  This particular event occurs when a remote user who does not belong to the internal network successfully connects to a telnet server.  This may be a legimate connection by an authorized user or a undesired connection by an unauthorized user.  Since telnet connections are not encrypted, it is possible that user accounts and passwords may be sniffed and used by attackers.  Telnet connections are not considered to be secure especially over the Internet.  Secure shell is the recommended service for remote connectivity since it uses encrypted sessions.
Affected Systems Telnet servers.
Attack Scenarios An attacker may attempt to connect to a telnet server after sniffing a username and password.
Ease of Attack Simple
Corrective Action Consider using Secure Shell instead of telnet.

Block inbound telnet connections if it is not required.
Additional References CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0619

Arachnids:
http://www.whitehats.com/info/IDS08
Rule References arachnids: 08
cve: 1999-0619
nessus: 10280