You mention that you are at the beginner level for security things, so I will deviate a little bit and say that you should probably get certifications in the areas of security that you aren't as familiar with at first.  If you have 10 years with windows, start studying and working towards a certification in something you aren't as familiar with before going for CEH or any of the pen testing certifications.  Shoot for the RHCT or an LPI certification and get yourself more familiar with a *nix environment as a lot of the certifications ask you a lot of questions that you will mostly know the answers to if you are pretty comfortable in *nix.  From there, the Security+ is more heavily focused on the technical side of things and will get you a little deeper, once you are comfortable there, I'll again deviate and say that one of Ed Skoudis's SANS classes isn't a bad way to go.  I've taken 2 courses from him, and I felt like I definitely knew a lot more leaving than I did going in.  At that point, you should know enough to figure out what direction you want to take, whether it's going to be corporate security, pen testing, consulting or something completely different. 

Hope this helps.

The Security+ is a lot deeper in certain areas than the CISSP.  I used the Security+ in order to work on my MCSE: Security, and I got it during the time I was studying for the CISSP.  I found that some of the stuff on the CISSP helped however the Security+ certification seems to almost assume that you have the knowledge of the Network+ stuff because all of the review material was much more focused on the technical side of life rather than the policy side of life like the CISSP.  While I know that folks will probably frown on this, I studied for the Security+ using the Exam Cram book because I'd already been doing this stuff for a while and I wanted to figure out where I was lacking knowledge and fill in the gaps.  If you are studying for the CISSP and have some real world experience, that may not be a bad way to go, and then the areas that you are missing you can probably find good references on the internet to augment your knowledge. 

Bonjour is a protocol that Apple products use to communicate.  You can find out more about it here: http://en.wikipedia.org/wiki/Bonjour_(software) .  It is used by iTunes and others, so if it associated with those applications then it is likely normal, otherwise, you may want to further investigate.

I know you have already bought the books, but I figured I'd share anyway.  I have looked over Hacking: The art of Exploitation and it looked good.  I've had some other people recommend it to me as well.  I just got the Shell Coders Handbook and have made it through the first 2 chapters.  It is incredibly in depth, with great examples that you can follow along with.  It is however, one of those "makes your brain hurt" books if you haven't done assembly and OS stuff in a while.  I'm really glad that I have it.. and I'm also really glad that I don't have time to sit down and read it for long periods of time, otherwise I might pull something   Other stuff that has helped me a lot lately that are more free resources, are http://www.darkreading.com and looking at some of the code to metasploit.  I "borrowed" the shell code from metasploit for use in another languages exploit and their method of putting forth the exploit itself and the stuff you're going to be injecting is really informative.   Also sans has some great webcasts that are archived, for instance after https://www.sans.org/webcasts/show.php?webcastid=90649 you'll be all "I know kung-fu" and someone else will be all "show me".  Anyway, hope this helps someone

I am not sure that you should start at an either/or place regarding learning operating systems and programming.  In order to figure out how things work together, it helps to pick a task that you want to accomplish, and then work towards writing something that will accomplish it.  An example might be figuring out how to write a perl script that will determine if logins are working on your web page.  To do this, you might start out by figuring out enough sys admin to install apache, configure it along with php and from there write a simple script that  will load a password file from a directory and allow login attempts based off of that information.  Once you have that working, break out some perl and start off with hello world and then work towards creating a perl LWP page that will log into the page and then send an email if you can't login.  Figure out how to add that script to cron to run automatically.  Once you've got a feeling for how some of this stuff works, and have gotten some basic scripting down, then there are plenty of games to play online.  A while back, I played around at http://www.hackthissite.org/ to get a feeling for what types of things you might encounter, and they have forums that will help you through it if you have trouble.  Figure out what is broken, but more importantly, figure out how you might fix it if it were you.  As far as Pen Testing goes, if you can't tell people how to fix the things that are broken, then you won't be nearly as useful.  As you start exploring, you will start running into tools to figure out how to diagnose problems, like using nmap to figure out what services your box has exposed to the outside, and then when you find ports that you aren't sure why they are there, figuring out how to use netstat to determine why they are there, and then digging further.  Now that VM's are so prevalent, play as much as you can, if you break it no big deal, figure out how to fix it, you'll learn a lot more that way anyway.  As far as I'm concerned, programming languages, applications, and operating systems are all tools that you use to get your job done.  Pick tasks that you want to accomplish to get to know your environment, and once you have a feeling for your environment then you can start figuring out how to make that environment do things that it may not have been intended to do, and that's when the fun starts   Anyway, just my opinion, but I hope that this at least gives you some ideas if it doesn't give you a good starting point.

People may be able to give you some more information if you can describe what you want to do with the packets between the client and the server.  If you are trying to get the server to do something it isn't supposed to, if you can determine the protocol that is being used, it may be easier to write your own basic client outside of flash.  If you are needing to only change one type of packet, you may be able to do a man-in-the-middle type attack where you intercept the whole conversation and act as a relay between the client and server, and write automated modifications of the packets that you specifically want modified. 

Since you already have access to Cisco equipment for the CCNA, you may want to work on your CCSP.  Make sure when you hit college for your Computer Science degree, that you pay attention in assembly class, I wish that I had paid more attention there.  If any scripting languages are taught, that will be helpful for you to pick up either there or on your own.  As far as certs go, I wouldn't go and get a lot of certs before you get experience in the workplace.  They may get you in the door some places, but if you load up on certs now, they will be a pain to maintain later.  It sounds like you already have some strong certs, with CISSP being a good one to come later, but you can use the certs in the future to potentially leverage more pay in jobs once you start.  If you are interested in SANS classes, the 504 class isn't a bad start, I really enjoyed it.