Description: This event is generated when an attacker attempts to connect to a Telnet server using the phrase "hax0r". This is a known password for the sm4ck Linux rootkit.
Impact: Possible theft of data and control of the targeted machine leading to a compromise of all resources the machine is connected to.
Corrective: Disallow Telnet access from external sources. Use SSH as opposed to Telnet for access from external locations Delete the Trojan and kill any associated processes.