Tcp wrappers add an additional layer of security. Tcp Wrappers use two files namely : /etc/hosts.allow and /etc/hosts.deny

hosts.allow file has precedence over hosts.deny . So it is a better idea to allow selectively in hosts.allow file and then deny all in the hosts.deny file.

eg.

vi hosts.allow

sshd:

vi /etc/hosts.deny

sshd: ALL ( denys all hosts )

The log is available in authpriv file :

authpriv.*           /var/log/auth.log