[IDS rant]

First people came with firewalls, after that firewalls were not enough and IDS became the trend and common sense. But ask yourself, since when does this all came up? Since more and more lousy sysadmins entered the IT field? Security trough obscurity seems to be a major trend? Or is this wrong?
What I'm saying is that a good admin can close almost all unnecessary ports / holes / ... in the systems / network he/she admins and protect other stuff with good firewalls. How many times do you check your logfiles? Firewall logs? Server logs? ... A human "intrusion detection system" rules. Therefor all those people bragging about their wonderfull firewalls and IDS's without taking care of the basic things ... argh...
I have seen so called 'system engineers' wanting the best of the best for their IDS, jumping on everything new the firm has or needs to implement without knowing or taking care of some elementary things. Like for instance a wrong configured server for their 'toys' that kept taking a static IP meant for the mail server, making that server go nuts (DoS) every once in a while and email do crazy things.

IDS is a good idea, but don't make it a meaningless 'hype' to follow.

[/IDS rant]