Subject: Interesting security discovery.
To: NetBSD-cobalt <port-cobalt@netbsd.org>
From: Alex Pelts <alexp@broadcom.com>
List: port-cobalt
Date: 09/12/2006 14:33:38
Hi,
I was trying to improve on my banhosts utility and while searching for
possible features I found this page
http://tdot.blog-city.com/securing_ssh_with_denyhosts.htm
Spawning of deny hosts from hosts.deny is interesting. So I was trying
to experiment and spawned the "sleep 20" command. By accident I forgot to
remove it, and later, checking my logs, I found that no break-in attempts
were made. I had several port scanning attempts but no break-in attempts
after.
Having this command in the tcp wrappers file delays the prompt by 20 seconds, and
I guess automated scripts time out before getting the prompt. I think I
will leave this command in my file just to see how many attempts I would
get.
This solution may not be appropriate for hosts with a high number of ssh
users, but for http/ftp/game servers it will make password guessing very
time consuming.
Any opinions?
Thanks,
Alex
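Alex proposes leaving the delay in place "just to see how many attempts I would get". The script below is an added example, not part of the post or the banhosts utility, that shows how one would measure that from the sshd log: it counts failed password attempts per source host and the mean gap between consecutive attempts from the same host, which is the number that tells you whether a per-connection delay is actually slowing a guessing script down. It assumes OpenSSH's syslog "Failed password for ..." message format; the log lines are constructed sample data, not real traffic.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample sshd log lines in syslog format (not real traffic).
# Host 192.0.2.10 hammers the server once per second; host 203.0.113.5
# is paced roughly as a 20-second per-connection delay would pace it.
SAMPLE_LOG = """\
Sep 12 14:01:02 cobalt sshd[1201]: Failed password for invalid user admin from 192.0.2.10 port 40122 ssh2
Sep 12 14:01:03 cobalt sshd[1202]: Failed password for invalid user test from 192.0.2.10 port 40123 ssh2
Sep 12 14:01:04 cobalt sshd[1203]: Failed password for root from 192.0.2.10 port 40124 ssh2
Sep 12 14:05:30 cobalt sshd[1310]: Accepted publickey for alex from 198.51.100.7 port 50001 ssh2
Sep 12 14:20:00 cobalt sshd[1400]: Failed password for root from 203.0.113.5 port 33001 ssh2
Sep 12 14:20:21 cobalt sshd[1401]: Failed password for root from 203.0.113.5 port 33002 ssh2
Sep 12 14:20:42 cobalt sshd[1402]: Failed password for root from 203.0.113.5 port 33003 ssh2
"""

# Matches OpenSSH's failed-password message; "invalid user" is optional
# because sshd only prints it for accounts that do not exist.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+"
)


def parse_failures(text, year=2006):
    """Return a list of (timestamp, source_ip, username) for each failed
    password line. Syslog timestamps carry no year, so one is supplied."""
    failures = []
    for line in text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue  # accepted logins, scans, other daemons: ignore
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        failures.append((ts, m["ip"], m["user"]))
    return failures


def attempts_per_host(failures):
    """Number of failed attempts seen from each source host."""
    counts = defaultdict(int)
    for _, ip, _ in failures:
        counts[ip] += 1
    return dict(counts)


def mean_interval_per_host(failures):
    """Mean seconds between consecutive failures from the same host.
    None when a host made fewer than two attempts (no interval exists)."""
    by_host = defaultdict(list)
    for ts, ip, _ in failures:
        by_host[ip].append(ts)
    result = {}
    for ip, times in by_host.items():
        times.sort()
        if len(times) < 2:
            result[ip] = None
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        result[ip] = sum(gaps) / len(gaps)
    return result


if __name__ == "__main__":
    found = parse_failures(SAMPLE_LOG)
    counts = attempts_per_host(found)
    gaps = mean_interval_per_host(found)
    for ip in sorted(counts):
        print(f"{ip:15} attempts={counts[ip]} mean_gap_s={gaps[ip]}")
```

Run it against the real log (`parse_failures(open("/var/log/authlog").read())` on NetBSD) before and after enabling the delay; a host whose mean gap stays near one second is not being slowed by it, while a gap that jumps to the delay length shows the script is waiting for the prompt rather than timing out.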