In reading the SANS Handler's Diary blog last evening its seems that something might by amiss. DShield tracking shows that scans of port 23 have increased significantly. As you probably know, port 23 is typically used for Telnet. The number of detected scans were relatively few for most of May. Then around the 25th the number of scans increased slightly, and on June 1 the number jumped way up over 65,000. Naturally, people wonder if there is some sort of unreported vulnerability in Telnet services. If you run a Telnet server then you should keep a close eye on activity.