Just dropping a note, I've built CentOS4 friendly RPMs (as well as RHEL4 and FC4) of two of my favourite tools, PortSentry and ProFTPd:
ftp://ftp.pbone.net/mirror/ftp.falsehope.net/home/tengel/portsentry/CentOS4/ ftp://ftp.pbone.net/mirror/ftp.falsehope.net/home/tengel/proftpd/CentOS4/
PortSentry is built using the last known (RedHat 9 based) SPEC/patches from FreshRPMS, updated to apply with the latest known version 1.2. I have noticed no problems in it's operation on a production server, it's detecting portscans and dropping IPs as expected.
ProFTPd has a backport of a patch applied that makes it work with the default MySQL 'old_passwords=1' setting found in RHEL4/CentOS4 default installs (proftpd bug #2644). If you don't want ProFTPd MySQL support in CentOS4, simply rebuild the SRPM without any commandline options.
Both packages SRPMs should cleanly rebuild on CentOS3/RHEL3, but untested by me.
-te