limit root acces with tcp wrapper


I try to securise a bit more my box.
I’d like to do 2 thinks.

1- Automaticly deny a host who’s trying to connect more than n times in n minutes.
For example in my log I have a host who’s tried to connect to ftp server more than 40 times in few minutes with a different username.

2- Allow SSH root acces to only few host (

I know the hosts allow and deny but how configure it for these 2 cases ?

for case 2 I don’t know how to specify the userlogin in the file

hosts.deny :
sshd :
ALL:all \ ==> how to say for userlogin ROOT
spawn /bin/echo /bin/date from %h>>/var/log/ssh.log

ALL : ==> how to say for userlogin ROOT

thanks for your help