Remember that a computer is not a living organism: the phrases "virus" and "infect" are really misnomers. They imply that rogue-programs are somehow magic. They are not.
The first and most basic thing that you must always do is to keep your operating system up-to-date. Various root-exploits exist for Linux just as they do for Windows, and while they are fixed as fast as they are found, you must still
apply the fixes. Distributors are pretty good about getting these out quickly.
The next thing you must do, as previously discussed, is to make sure that your ordinary everyday account is
not "root" and does
not have special file-access rights. Your personal account should have access to nothing more than "your things."
Always remember backups: current, maintained. USB 2.0 disk drives that hold many gigabytes and fit in your pocket,
or in a safe-deposit box(!), are dirt cheap now. Buy several. Use them. You can
also use tools like Amanda, using her only to make on-disk backups with no regard for tape. (In my experience, if you rely simply upon your own memory and schedule to make current, reliable backups, "the backups won't be." The initial backing-up step needs to be "set it up and
fuhgeddaboudit.")
Make sure that your computer is only running the servers (daemons, services) that you actually require, and that you know why each one is there. Make sure that all default accounts are firmly shut-down and cannot be logged into.
For system maintenance activities other than rootly things, set up a normally-disabled separate user-ID for that purpose. This user, while not
root, has the ability to enter a group (such as
wheel) that gives it access to more things. But even then, it doesn't have access to the system...
/usr/local yes, but not "the" system.
Your primary goal is to make
your system even "slightly more" protected than the average Joe's. Your primary assailant will be a totally-automated script-kiddie troll, which will find your computer entirely by-accident.
As mentioned, the reason why
Windows gets assaulted so much is, imho
primarily the simple fact that the default installation ships with only one user, who is an [all-powerful] Administrator. Thus, when a rogue program slips in and tells the system, "Kill yourself," the computer obediently points its wand at its own forehead and shouts
"Aveda Kadavra!" The computer has been told to obey any orders that are given "in Administrator's (aka Root's) name." Rogue programs, in that situation, have the authority to tell the computer to do anything and be obeyed. And
that is the root
cause of the problem.