Some organizations, like schools and other non-profits, may have volunteers available to spend time maintaining a system, or simply don't have the funds to purchase and maintain a commercial IDS. In such cases, building an intrusion detection system may be a viable option.
If you do choose the "build it" route, go with a mainstream tool. Enterprises around the world, for example, deploy the open-source Snort IDS. The intrusion detection system's rule updates are available for free, but with a 30-day delay. If you're willing to spend a few hundred bucks a year, however, you can purchase a real-time rules subscription. There's also a huge community that provides a free support resource through forums on the Snort Web site.
This was first published in July 2007