One method of break-in prevention is the use of TCP wrappers. These
will let you see where everyone is connecting to your machine from.
TCP wrapper source can be found at this
location. A precompiled Encap archive is here.
After compiling them, you want actually have your machine run them.
To do this, you need to modify your /etc/inetd.conf. If it read:
telnet stream tcp nowait root telnetd telnetd
it should now read:
telnet stream tcp nowait root /usr/sbin/tcpd telnetd
Once these have been installed, you can see the connections being
made to your machine in your sysadmin logs in /var/adm/syslog.