The beginnings of the manual for AIDE (Advanced Intrusion Detection Environment), the free replacement for Tripwire.
Donncha writes a useful article on detecting if your site has been hacked, monitoring systems to check for hacks, and how to secure your site to avoid future hacks.
Samhain is a multiplatform, open source host-based intrusion detection system (HIDS). Samhain provides file integrity checking, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
Tripwire monitors files on the filesystem for changes as a method of intrusion detection. Similar systems include AIDE and Samhain. Useful for detecting web site hacks.
WP Security Scan is a WordPress plugin which scans your WordPress installation for security vulnerabilities and suggests corrective actions.
Article on WordPress security by TechCrunch. Good post encouraging people to keep their version up to date, etc.
An article from Noupe.com on securing WordPress installations. Some general tips such as restrict by IPs, block repeated failed logins, disallow directory listings, block access to wp-config.php, etc.