The most basic important way to avoid getting caught
is to not leave any trails
Don't alter or delete files, don't run programs that consume all the CPU cycles. Use a rootkit to prevent your processes and file from being visible to other people, and to remove your entries from the login database. They can't catch you if they don't notice you're there.
Of course, this is a lot more difficult if the victim uses an IDS, or programs lik tripwire and rootkit detectors. On the other hand, if they do their boxes are most likely also too tightened up for you to get in easily in the first place.
And of course, two can play that game. While you're busily installing the rootkit and sniggering about how easy it was to 0wn that box, you might fail to notice that it was only a honeypot anyway and they are now busily tracking you down and sniggering about how easy it is to pinpoint your location and sic the FBI on you.