Security software for the Linux desktop
I hear a lot about security software that's useful on servers, but little about what is helpful on desktops. What would you folks recommend to prevent trojan infestations and belligerent corruption or destruction of data?
What, if anything, can prevent a browser from auto-downloading and executing hostile binaries?
Are NIPS systems such as Snort useful? Or are they a waste of time on a desktop? What about host-based intrusion prevention (as opposed to intrusion detection) systems - do any open-source ones exist?
Can ClamAV detect Linux trojans in realtime, or is it only good for finding Windows malware?
What, in general, can help prevent compromise of my system and/or data, and the associated reinstalls and restoration from backup?