KenB - 10:44 pm on Jan 6, 2010 (gmt 0)
For preference get a Linux machine for browsing. It's not virus-proof but Windows is far worse.
Let's not start an OS pissing contest. To each his own when it comes to OS. I'm perfectly happy with WinXP and never get an infection.
Do NOT trust AV software. It can get rid of quite a lot but a) it needs to know the latest virus that was only launched ten minutes ago; b) it can be disabled by a virus (that's as of several years ago); c) it can produce false positives; d) you probably haven't got it connected to your web browser anyway.
A good anti-virus program automatically connects to one's browser, but an anti-virus program can't be the first nor last line of defense.
Google uses (used?) a third party service for virus detection that is only as good as the AV detection system it uses; see above.
Google is only a layer of defense. As stated above, computer security is about having multiple layers.
Ensure you do NOT use web browsers on your server, nor email tools, either of which can get your server infected. Ensure your username and password are VERY good (12 alpha/numeric/symbol characters). Only use SSL-protected FTP with good passwords (and never anonymous). If you use SSH then be very careful: I had it enabled for an hour on a server and got hit thousands of times with hack attempts in that time. Keep an updated AV running on a regular schedule with emailed reports. Lock down IIS servers VERY carefully. Keep the software updated with the latest patches. I accept many web site owners cannot manage all of the above but ask your hosting service what THEY are doing.
What can go a long way towards simplifying this is to use a fully managed web hosting service with a really good web hosting company. They'll keep the server updated and secured; all you have to worry about are web applications and how you connect to the server to update stuff. One common vector for infecting servers is via a compromised workstation that is used to edit and upload code. Malicious code gets added to the scripts on the server by the infected workstation and then uploaded to the server via the methods used to connect the workstation to the server or gets uploaded the next time the developer FTPs files over to the server.
One thing I have learned, as a web site designer and hoster, is that most site owners seldom actually look at their sites.
Blogs and forums are prime targets for planting virus links and again, many blog owners never monitor them or simply get bored and go away. If you have a blog or forum, keep the software up to date and run it moderated if possible.
The best way to manage a blog or forum is to premoderate all posts by new/unknown individuals. Nothing ever gets posted to my blog until I've approved it and all posts on my forums by new users have to be approved. Once a new forum user has a track record of not being a spammer they get promoted and their posts get posted automatically. HOWEVER, I make sure all posts get read by someone who can nix them and I don't let dynamic content.
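Added example, not part of KenB's post: one way to catch the vector described above (scripts altered on a workstation and then uploaded to the server) is to compare the working copy against a known-good hash manifest before each upload. The function names, the extension list and the sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile

# Assumed set of script types that get uploaded to the web server.
SCRIPT_EXTS = {".php", ".js", ".html", ".htm", ".asp", ".aspx"}

def build_manifest(root):
    """Map each script file's path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in SCRIPT_EXTS:
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            manifest[os.path.relpath(path, root).replace(os.sep, "/")] = digest
    return manifest

def diff_manifests(baseline, current):
    """Return files added, modified or removed since the baseline was taken."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }

def demo():
    """Constructed sample: a small site, then an unexpected edit and a new file."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, text):
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(text)
        write("index.php", "<?php echo 'home'; ?>\n")
        write("contact.html", "<html><body>Contact</body></html>\n")
        write("logo.png", "not a script, ignored\n")
        baseline = build_manifest(root)  # taken from a known-good copy
        # Changes the developer did not make (constructed for the demo):
        write("index.php", "<?php echo 'home'; ?>\n<!-- unexpected appended markup -->\n")
        write("extra.js", "// file nobody on the team created\n")
        return diff_manifests(baseline, build_manifest(root))

if __name__ == "__main__":
    print(demo())
```

Any entry under "added" or "modified" that the developer cannot account for is a reason to stop the upload and inspect the workstation. The baseline is only useful if it is stored somewhere the workstation cannot overwrite.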