LoginWatcher is tailing your messages file and is waiting for an entry representing a failed login attempt via SSH. After a predefined number of attempts, the IP address of the offending host is added to the hosts.deny file to prevent further logins.