TCP Wrapper allows you to protect your machine's daemon, such as FTP, telnet, etc. It's a filter that use IP numbers and hostnames to restrict access. TCP Wrapper is already in MacOS X, but the configuration file is not provided, so there is no protection at all, and there won't be until you create one and edit it to suit your needs.
You can see a sample hosts.allow file at this URL:
Copy this file into /etc/
and edit it. How to configure the file is pretty obvious as soon as you take a look into it so I don't detail this part (the file is commented with basic instructions).
Be really careful when working on a remote machine, messing up the hosts.allow can prevent you from connecting again to that computer.