Although "user friendly" web browser interfaces are becoming popular and are moving to replace Telnet as a means for network configuration of local and remote devices, Telnet has historically been the means by which routers, firewalls, and all manner of remote Internet devices were configured, updated, and maintained.
A Telnet client program presents a terminal-like window to its user and, when given a remote IP and optional port (port 23 is the default) attempts to connect to the remotely located machine to initiate a Telnet session. Since anyone with access to the network or Internet can access the Telnet server running in a device, the user must typically log onto the device with a user name and password.
A significant lack of security is created by devices which ship, by default, with Telnet servers running and with well known default, blank, or obvious user names (such as "Admin") or passwords (such as "password"). This has made Telnet a source of a great deal of security grief through the years.
Due to the tremendous potential for abuse, hackers generally take an immediate interest in any system that is presenting an open Telnet port to the Internet. If our tests have shown an open Telnet port on your system, immediate action should be taken to shut down, protect, or hide this service from the Internet.
The Telnet RFC (the complete specification)
The specification of every nuance and detail of the Telnet protocol, as written by the people who invented it, may be found here:
http://www.ietf.org/rfc/rfc854.txt
http://www.faqs.org/rfcs/rfc854.html
Trojan Sightings: ADM worm, Fire HacKer, My Very Own trojan, RTB 666, Telnet Pro, Tiny Telnet Server - TTS, Truva Atl