I hear a lot about security software that's useful on servers, but little about what is helpful on desktops. What would you folks recommend to prevent trojan infestations and belligerent corruption or destruction of data?

What, if anything, can prevent a browser from auto-downloading and executing hostile binaries?

Are NIPS systems such as Snort useful? Or are they a waste of time on a desktop? What about host-based intrusion prevention (as opposed to intrusion detection) systems - do any open-source ones exist?

Can ClamAV detect Linux trojans in realtime, or is it only good for finding Windows malware?

What, in general, can help prevent compromise of my system and/or data, and the associated reinstalls and restoration from backup?

under linux, you have a small chance that you can be infected by a virus because most are written for Windows as that is the OS of choice (sadly). If you have wine, it is possible for a virus to be installed in the wine drive, but it will not hurt the main linux system. but if you are worried, try SELinux, or there is an AVG port for Linux http://free.avg.com/download?prd=afl

Hope I helped!

As far as viruses are concerned , Linux is extremely safe and as I know to-date there are just handful of viruses for linux. Again in a true sense they are not viruses. So if you really are worried about security do read about SElinux. Its available by default in allmost all the flavors of linux, you just have to enable/configure it as per your requirement. Have a look over here,
http://www.selinuxproject.org/page/Main_Page
http://www.gentoo.org/proj/en/harden...x-handbook.xml
http://ubuntu-tutorials.com/2008/03/...4-hardy-heron/

and some ooks,
http://www.onjava.com/catalog/selinux/
http://www.amazon.com/SELinux-Exampl.../dp/0131963694

Thanks.