prelude also looks like a useful IDS, just came across it on a google
I just got done installing and configuring Snort/Base/NTop on my home xubuntu firewall. I have yet to tune the rulesets so I have its IP blocking features turned off as it gets false positives fairly regularly. These helped me get through installation.
[all variants] Intrusion Detection - Ubuntu Forums
As for Security Onion I tried it out in VMware and it looks pretty cool.
I don't know, sometimes its nice to have all the tools and features you want already installed and configured on a distro *cough* backtrack *cough* :-)