So, I'm still running Tripwire 2.3.1.2 (hmm.. isn't 2.4.1.2 out now?) on Argo. You know what? Maintaining it sucks.

I hear samhain is the uber-cool IDS of the day (that actually has database signing using gpg, unlike aide), but then I need to learn another IDS.

I have this RPM database; isn't there some script that can use that to verify things aren't evil? Something that checks binaries and stuff using the database, and then looks for directories and files that shouldn't exist at certain places?

What else do people use for an IDS? Or IDS' just a tool of days-gone-by and I should just learn to live in the days where no one uses an IDS to make sure their box is 0wnz3d?