April 26th, 2003, 07:21 AM
#8
This topic has been well discussed, so I will just add this if I may...
In addition to a firewall, an IDS (properly configured, as well as capable) can also alert you to some common conditions of attack. One such example is inspecting packets for fields that are not normally used, this typically indicates a forged packet that has been 'injected' with some data, and usually signals an exploit attempt in progress (although other explanations are possible).
In short, if you want to be even marginally secure, you need a packet filtering firewall, an IDS, logging utilities (and actually reading the generated emails/pages helps), and a policy/tool for keeping your system up to date with all the latest patches for your OS as they become available. All of which you most likely have if you are running Linux, *BSD, or Solaris 9, and it is simply a matter of using and paying attention to them.
About your 'Why bother' question: A skilled hacker will make it incredibly difficult for you to find evidence of their presence on the system, and this does include carefully (but not suspiciously) erasing their presence from logs. IDSs still play a role here though, as they can greatly aid your efforts to recover the system *after the break-in*. I would suggest reading up on some of these and seeing what they can do; if used properly they may even give you a heads up while under attack so that you can prevent the break-in in the first place.
Get OpenSolaris http://www.opensolaris.org/
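An added illustration of the "fields that are not normally used" check the post describes, not code from the original post or from any particular IDS: it parses a raw IPv4/TCP header and flags fields a normal client would leave empty (IP options, the TCP reserved bits, an urgent pointer without URG, a bare SYN carrying data). The packet bytes are constructed here as sample input, with checksums left at zero.

```python
import struct

URG, ACK, SYN = 0x20, 0x10, 0x02  # TCP flag bits (byte 13 of the TCP header)

def build_packet(ip_options=b"", reserved=0, flags=SYN, urg_ptr=0, payload=b"") -> bytes:
    """Construct a minimal IPv4/TCP packet as test input (addresses and ports are placeholders)."""
    ip_options = ip_options + b"\x01" * (-len(ip_options) % 4)  # pad options to 32-bit words with NOPs
    ihl_words = 5 + len(ip_options) // 4
    total_len = ihl_words * 4 + 20 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0, total_len, 1, 0, 64, 6, 0,
                         b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02") + ip_options
    # data offset 5 words in the high nibble, the "reserved" bits in the low nibble
    tcp_hdr = struct.pack("!HHIIBBHHH", 40000, 80, 1000, 0,
                          (5 << 4) | (reserved & 0x0F), flags, 8192, 0, urg_ptr)
    return ip_hdr + tcp_hdr + payload

def unusual_fields(pkt: bytes) -> list:
    """Return the names of rarely-used header fields that are populated in this packet."""
    ver_ihl, _tos, total_len, _id, _frag, _ttl, proto, _csum, _src, _dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    findings = []
    if ihl > 20:                      # IP options are almost never seen in normal traffic
        findings.append("ip-options-present")
    if proto != 6:                    # only the TCP rules below apply to protocol 6
        return findings
    _sp, _dp, _seq, _ack, off_res, flags, _win, _tcsum, urg_ptr = \
        struct.unpack("!HHIIBBHHH", pkt[ihl:ihl + 20])
    data_off = (off_res >> 4) * 4
    if off_res & 0x0F:                # reserved bits must be zero per the TCP spec
        findings.append("tcp-reserved-bits-set")
    if urg_ptr and not flags & URG:   # urgent pointer is only meaningful with URG set
        findings.append("urgent-pointer-without-urg")
    payload_len = total_len - ihl - data_off
    if flags & SYN and not flags & ACK and payload_len > 0:  # a plain SYN normally carries no data
        findings.append("syn-with-payload")
    return findings

if __name__ == "__main__":
    print(unusual_fields(build_packet()))                      # normal SYN: []
    print(unusual_fields(build_packet(reserved=0x0C, urg_ptr=7, payload=b"x")))
```

Each rule is an indicator, not proof of an attack, which is why a real IDS pairs such checks with logging and an analyst who reads the alerts.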