I don't think we should put all of our eggs in one basket. I think a comprehensive approach is a better choice. I think we should each use whatever defenses we believe are suitable and necessary to protect our individual Linux systems. If all you want is a firewall then use one. Personally I have greatly benefited from using aide, an IDS. Running ClamAV only takes about an hour a day for most of the days of the week. I scan other stuff on the weekends so that takes longer, but runs while I am sleeping.
Signed,
Matthew Campbell
Signed,
Matthew Campbell