RWSecure parses the /var/log/secure (or specified secure log) file for Invalid usernames or Failed password. If more than x invalid or failed attempts by one IP(i.e. brute force), it will add that IP to your /etc/hosts.deny file by default (also configur