hexophrenic

To add to what digip said: Modify the list.txt file to include only 0-sized directories and skip the verification step. Write a batch file with a for /f loop using rmdir...it will error out on directories that are not empty. Pipe the output of the command to a text file and review for errors.

If he had spent an extra $200 he could have gotten a real notebook :). Personally, I would not spend the extra money. That being said, I have an Asus 1000 40gb SSD (8gb okay, 32gb dreadfully slow) that I upgraded the stock 32gb SSD (basically sd card on a stick) with a 64 gb better SSD and upgraded to 2gb ram. My Windows 7 install boots to desktop within 15 seconds. All that being said, I rarely use it, because I tend to use my regular laptop. About the only time I use my netbook is to watch movies on a plane or do updates when I think about it. For me, it is just a shiny toy.

Commodore 128D, although I got sent to the principals office in 1st grade for accessing restricted systems on the TRS-80...great start to a fruitful career :).

I have actually been trying to decide between keeping my iPhone or "upgrading" to an iPad. I really don't need anything on my phone other than a phone, though the extras are nice to have (email, games, etc.). The reality, though, as I get older is that I appreciate being away from email and the like at times and don't feel the need to be bothered with it anymore. Most often I would like to be closer in the loop during work hours at work, so an iPad with wireless may be plenty for me when I do not want to lug my laptop around and is smaller and more useful than my netbook. That being said, I have never actually even poked an iPad with a stick so it may be a moot point. As far as people looking at specs on a tablet, remember they are typically geared to longer battery life. Autodesk and Adobe-type products may work, but I think it is far from the intent of the devices for the most part. The same arguments were made about netbooks...it is all about setting appropriate expectations.

I think Infiltrator pretty well summed it up. Linux only, use ext2/3/4. Any Windows at all, use NTFS.

Monoprice has some pretty inexpensive Cisco crossover cables, if you need a source. http://www.monoprice.com/products/subdepartment.asp?c_id=105&cp_id=10206

I was not questioning the amount of traffic, just the amount of DHCP/DNS traffic. I suspect DHCP/DNS are a very small portion of any of that traffic. Remember you did not inquire about 50mbps of internet usage?

Actually, it would be associating that would be required most likely. Open networks would not require authentication, only association, depending on what you are testing. Also, 802.1x will "reset" for every MAC change so WPA/WPA2 would likely break if that is what you are testing.

How many DNS lookups (new lookups that would not be locally cached) are really used in a LAN party? People should be busier playing their games than browsing the internet :).

Host keys identify the system you are connecting to for testing for a MITM or spoofing of the server and do not require a passphrase by design as mentioned above, systems would not start non-interactively without potentially exposing the passphrase programmatically. SSH user keys (pub/priv keys) are used to verify the identify of the user and can be considered multifactor authentication when using a passphrase (something you have and something you know). Much bettwe security that way, but I have seen lazy admins using only pki for authentication so they do not have to type a password and many admins/devs that use pki without passphrases for automated system authentication (hopefully with very limited access).

P133 with 16mb ram should do it ;). A WRT54g class device with ?-wrt should be able to handle the load. DNS/DHCP for 200 users will be negligible load on a system. As far as a tool to actually verify exactly how many DNS/DHCP requests your system can handle, can't help you there off the top of my head.

Your host keys should not have passphrases. Your user keys most certainly should. Perhaps you are confusing the 2?

Banners are like contracts, they cannot be used to enforce otherwise illegal activity. I guess just do whatever is comfortable for you and accept the consequences whatever they are.

Pics or it didn't happen... :P

If you have a file that ends in lzma, you would use lzma/7zip to extract the files. Those files should be able to be read by rt compatible apps. If the file ends in .md5sum, it is not an archive but rather a text file with md5sums in it.

Legality depends on jurisdiction. Most states (US), I suspect, would consider retaliatory hacking (Karmetasploit included) illegal.

Sorry was unclear...was intended to augment what you said for the OP just starting out.

.md5sum files typically only contain the md5 hash of the file to verify integrity. However, you will need to decompress the .lzma file if you wish to use it. The resulting .rt file will likely be quite large, so make sure you have plenty of room. Obviously enough, you need lzma (or 7zip) to decompress an lzma file.

Don't overlook certifications from Dell, HP, etc.. While they are not the gold standard long term certs you want, they are fairly easy to obtain and you can get some lucrative part-time work from service calls. Longer term, though, industry rather than vendor certs will be more helpful.

I suppose I see things a little differently. As a local government "employee" I see a lot of people who are directed to provide service and information to the public using little or no budget to do so. Some crackhead comes in to the employment office to try to get a job (maybe, but who knows) so they can keep unemployment benefits...you cannot really deny them the service you are obligated to offer, even if you cannot afford to do it correctly. Just wait until all of this regulation hits the healthcare fields in the US....cannot afford to provide surgeries right, so we take shortcuts and quit cleaning tools, etc.. The point is, it may not be that the IT specialist is knowingly doing anything wrong, or may be doing exactly what he/she was told to do in order to keep their job. How do we know what all the internet facing kiosk machine can see? Maybe they can only see each other and the internet, maybe not even that. Would I enter PII on it? Definitely not, nor any public machine, but each to their own. Security efforts must be related to risk and target value. Why would an organization spend $50k to protect something only worth $25k (litigation included)? If they have nothing to protect, they would likely not do so, especially in business? Everything comes back to money, unfortunately. Sorry, I will hop off my soap box now.

Modify /usr/NX/etc/server.cfg: EnableAdministratorLogin = "1"

Kind of asking for it, aren't you 5ive?

The files themselves were not my concern, but rather having all of the tools available to compile software would be. Without headers, dev packages, and compilers, the box would be a little less useful to someone other than myself. File servers are great to tip because people tend to ignore them for the most part, they are great for launching...well, nevermind :).

Probably the easiest way to keep it from trying might be to disable the network devices on the laptop while you are recovering. It should not load the modules (assuming modules as it is most likely) if it cannot find the devices.

If you must have the networks separated, you can install a second NIC in your system and bind your virtual NIC to the second NIC on the machine and use VLANS/firewalls/whatever to segment your network. I would be very hesitant to leave a lot of tools on a machine that is left alone like a file server. For me, I would not even have compilers installed on it, but that may be a little too paranoid for some.