
Tripwire is just file integrity. It can help to detect the installation of a backdoor. But that doesn't help at all if the backdoor is just memory resident (or installs at kernel level). It also doesn't help if the attacker breaks in, grabs your data and leaves for good.

File integrity is also a pain in the ass. You have to keep a database of good file hashes and it can't be stored on the server (or the attacker modifies the known good hashes). Generally you also should not even have the file integrity software on the live server filesystem.

Similarly, network IDS has the flaw that you must have well-defined profiles of "normal behavior" so it can identify abnormal behavior. The other option is signature-based, but that would only detect known exploits.
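To make the file-integrity mechanism the comment describes concrete, here is an added example (not Tripwire's code, and not from the commenter): it baselines a directory tree with SHA-256, seals the resulting manifest with an HMAC so that a copy kept off the monitored host can be checked for tampering, and then reports modified, added and removed files on a later pass. The `BASELINE_KEY`, the temporary `etc/` tree and its file contents are all constructed for the demo; in a real deployment the key and the sealed manifest would live on a separate system or read-only media, exactly because an attacker who can write to the monitored box could otherwise rewrite "known good".

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

# Constructed demo key. Real deployments keep this (and the sealed manifest)
# off the monitored host, so a local attacker cannot re-sign a forged baseline.
BASELINE_KEY = b"constructed-demo-key-do-not-reuse"


def hash_file(path: Path) -> str:
    """SHA-256 of a file, streamed so large files need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: Path) -> dict:
    """Record hash, size and permission bits for every regular file under root."""
    entries = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            st = p.stat()
            entries[p.relative_to(root).as_posix()] = {
                "sha256": hash_file(p),
                "size": st.st_size,
                "mode": oct(st.st_mode & 0o7777),
            }
    return entries


def seal_baseline(entries: dict, key: bytes) -> bytes:
    """Serialize deterministically and append an HMAC tag on its own line."""
    body = json.dumps(entries, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body + b"\n" + tag.encode() + b"\n"


def open_baseline(blob: bytes, key: bytes) -> dict:
    """Verify the HMAC before trusting a single entry of the manifest."""
    body, tag = blob.rstrip(b"\n").rsplit(b"\n", 1)
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag.decode()):
        raise ValueError("baseline manifest failed HMAC check: tampered or wrong key")
    return json.loads(body)


def compare(baseline: dict, current: dict) -> dict:
    """Classify differences between a trusted baseline and a fresh scan."""
    return {
        "modified": sorted(k for k in baseline if k in current and baseline[k] != current[k]),
        "added": sorted(k for k in current if k not in baseline),
        "removed": sorted(k for k in baseline if k not in current),
    }


def demo() -> dict:
    """Constructed scenario: baseline a temp tree, alter it, then re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "etc"
        (root / "cron.d").mkdir(parents=True)
        (root / "passwd").write_text("root:x:0:0::/root:/bin/sh\n")
        (root / "cron.d" / "backup").write_text("0 2 * * * root /usr/local/bin/backup\n")

        sealed = seal_baseline(build_baseline(root), BASELINE_KEY)
        # At this point `sealed` would be shipped off-host.

        # Simulated later changes: one file edited, one new file, one file deleted.
        (root / "passwd").write_text("root:x:0:0::/root:/bin/sh\neve:x:1001:1001::/home/eve:/bin/sh\n")
        (root / "extra.conf").write_text("option=1\n")
        (root / "cron.d" / "backup").unlink()

        return compare(open_baseline(sealed, BASELINE_KEY), build_baseline(root))


def demo_tamper() -> bool:
    """Show that editing a hash inside the sealed manifest is caught."""
    sealed = seal_baseline({"a": {"sha256": "00", "size": 1, "mode": "0o644"}}, BASELINE_KEY)
    forged = sealed.replace(b'"00"', b'"ff"')
    try:
        open_baseline(forged, BASELINE_KEY)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
    print("tamper detected:", demo_tamper())
```

The example also makes the comment's limits visible: a scan only sees what is on disk at scan time, so a memory-resident implant, a kernel-level hook that lies to `stat()` and `read()`, or an attacker who copies data out and changes nothing leaves this report empty.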


