aide: Security through meticulous checking

I am just a lowly home computer user, so I have almost no need for intrusion detection.

I will, however, mention aide as a security tool.


I have zero experience with aide, and I have only a passing understanding of how it works or how to use it.

Seems to me, aide keeps a tight list of files on your system and checks them occasionally for signs of tampering.

No doubt the home page can explain it better than I. If security and system integrity are a concern for you, this is probably what you want.

And given that its first incarnations were in 1999, I think it’s safe to say it’s an established feature in the Linux landscape.
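
The baseline-and-compare idea behind a file integrity checker such as aide, as an added Python example; it is not part of the original post and not aide's own code or database format. The function names `snapshot`, `compare` and `demo` and the sample files are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each regular file under root to (size, mode, SHA-256)."""
    db = {}
    for path in Path(root).rglob("*"):
        st = path.lstat()
        if not stat.S_ISREG(st.st_mode):
            continue  # directories, symlinks and devices are skipped here
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        db[str(path.relative_to(root))] = (
            st.st_size, stat.S_IMODE(st.st_mode), digest)
    return db


def compare(baseline, current):
    """Report paths added, removed or changed since the baseline."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "changed": sorted(p for p in common if baseline[p] != current[p]),
    }


def demo():
    """Constructed sample tree: baseline it, alter it, then check it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "sshd_config").write_bytes(b"PermitRootLogin no\n")
        (root / "passwd").write_bytes(b"root:x:0:0::/root:/bin/sh\n")
        (root / "motd").write_bytes(b"welcome\n")
        baseline = snapshot(root)
        # Same size, different bytes: only the hash shows this edit.
        (root / "sshd_config").write_bytes(b"PermitRootLogin yes")
        os.chmod(root / "passwd", 0o755)        # metadata-only change
        (root / "motd").unlink()                # removed file
        (root / "cron.extra").write_bytes(b"")  # file absent from baseline
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

A check like this is only as trustworthy as the stored baseline, so the baseline belongs somewhere the monitored system cannot rewrite it, and it has to be regenerated after every legitimate change.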

3 thoughts on “aide: Security through meticulous checking”

  1. Raymii

    Using AIDE at multiple clients, two of which are required by audit laws. It does require some configuration, and you have to keep it up to date when the servers change. Also, you need to have someone looking at the logging every day. I’m now migrating off of AIDE in favor of OSSEC, which does mostly the same, file monitoring, but also log analyzing, for example it can do the same as fail2ban, blocking ssh brute force attempts, but for example it also sends email when apache gets more than 10 403’s in a minute.

    “OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.”

  2. Pingback: Links 6/6/2013: Ghana Linux Update, AMD Turns to Linux | Techrights

  3. Pingback: Bonus: Missing … presumed having a good time | Inconsolation
