I don't normally point users to other forums, but your question is one of the few exceptions. This
thread on the Ubuntu Forum is a very good post discussing common Linux security for those coming from a Windows mindset, which I assume you are based upon your question.
The main thing you need to understand is that security is not an application but a continuous process. Linux security does not rely upon running "antivirus" software and raising firewalls. Instead it is based upon the idea of least privilege and setting up proper access control to resources and activities such as monitoring your system logs and keeping things up to date.
