SARA conducts a simple test on the pre-login banner of a telnet session by looking for the word Unauthorized or unauthorized. If neither word is found, a warning is reported in the SARA database.
Build a proper pre login banner. For example, in Linux systems, the pre login banner is contained in /etc/issue.net.