Archive for July 21st, 2005
Store Passwords in a Secure Password Safe

KeePass is a free/open-source password manager or safe to help you
manage your passwords in a secure way. Put all your passwords in one
database, which is locked with one master key or a key-disk. The
databases are encrypted using the best and most secure encryption
algorithms currently known (AES and Twofish).

Is The Security+ Still Worth It?
I took the Security+ test a few weeks ago. I think the process of learning all of the security nuances in preparation for the test is a really good start for beginning security professionals and IT folks wanting to round out their resume. If you prepare for the test it is easy. I don't think that it is a walkin' off the street type test but it is not that hard.

How relevant is it? Just do as Michelle Rowton did and do a search for it on Monster or Dice. Compare those results to other certs that employers are looking for.

I was taking the Security+ to prepare for the CISSP. As I've been studying for the CISSP, the Security+ seems to have been a drop in the ocean. While I was able to draw on my years of experience to pass the Security+ (and not study as much), the CISSP is spread so thin over so MANY domains that it requires much more dedication.

Comment from DIGG:

In my opinion the Security+ certification is over-rated and is no more than another logo and a cert on the wall. Several people probably take the test as a stepping stone to the CISSP, or they take it for the simple fact that it's a cheap certification that they never have to renew.

My Top 10 Tips For Preparing and Passing the CISSP Exam

Compared with most other technical certification exams, the CISSP exam is quite long. Passing the test requires not only the prerequisite knowledge to answer the questions correctly, but the stamina and mental fortitude to get through the six-hour, 250-question paper-based exam.

CertCities' Tony Bradley nails down his Top 10 tips for passing the CISSP exam. I've been doing most of them.

Using VNC & SSH

How to use VNC along with SSH to remotely and securely access your computer desktop by way of tunneling.

VNC is a huge vulnerability on a network without encryption, particularly on medium to large networks with lots of users. I use it at home but don't see the need for encryption there.

Use Google To Find Passwords

Google hackers have been doing this for a while now. Here is a tutorial on finding passwords using Google. This could be used to secure your own web server.

Security professionals charged with protecting IT infrastructures would do well to become the most aggressive hackers of their own networks. This would help them to proactively seek out new exploits on their network, webserver, or IS they protect.

Top 75 Security tools

Like the title says: Insecure.org's top seventy-five security tools. All the usual suspects (Nmap, Nessus, Ethereal, Snort, etc.) plus some nice ones that never came up on my radar before. Though Yl33tMMV.

Many of these tools can be found on the KNOPPIX STD live CD and WHAX/Whoppix. Great tools for network security assessments and/or pentests. I just wonder why there are no Google Hacker tools in there.
