If you can do socket programming with python you're set. Here's a handy resource: http://www.binarytides.com/python-socket-programming-tutorial/

Wow what a lucky break Glad to hear you're getting your device back. I myself am guilty of not installing tracking devices like that, although I do make an effort to ensure the device is encrypted.

What about Prey? Still depends on an internet connection being present and is defeated if the thief replaces/formats the hard drive.

It's all about time management. Don't forget to take breaks and eat. If you get stuck, step away from the monitor and take a breather. Focus on one target at a time, if you try to tackle them all simultaneously you run the risk of getting confused.

Well done

You can use xrandr. Eg: xrandr -s 800x600

I'm not sure what vulnerability you're referring to...? Are just talking about basic authentication for websites?

I use 1Password for most of my accounts.

I've heard that they will be updating the course but as for when, I have no idea. If you plan on taking PWB, and you're new to hacking, I would probably stick with Backtrack (despite what I said in my previous post). If
you've already got a handle on what tools to use to get things done, you can certainly use other distributions.

As I said, Backtrack is no longer supported so you may run into some walls when trying to fix things that don't work. Certain tools referenced in PWB no longer come preinstalled with Kali (eg: unicornscan, MinGW), although you can certainly install them yourself. In fact, I believe the course material uses Backtrack 4, and when I took it, 4 was no longer supported and I was using 5R3 so some things were already different then. As long as you do a bit of reading and research, you should be able to follow the course material without too many problems.

Backtrack is no longer supported. While that doesn't mean it's useless, if you're just starting out, I recommend using a distribution that's supported so you can get some help when the time comes. My preference is currently with Kali, but there are other alternatives such as Pentoo and Backbox. You could even use any distribution and just pick the tools you need. Pentesting distributions typically pack a lot of tools in them, but you're probably going to use only a small handful, so you can just install those on your own distribution of choice.

However, if you do poorly in the exam, they do take your lab report into consideration. I know a few people who barely missed the exam mark and were still able to pass thanks to their lab report.

I found FireSheep to be somewhat unstable from my past experience with it. Honestly, if you want to understand how session hijacking works, just do some reading on it. Like cd1zz said, all you need is Wireshark. Here's something to start with: http://www.cleverlogic.net/tutorials/session-hijacking-facebook-accounts

You would want to pay for one if you're not interested in managing it on your own. Typically it means having a dedicated server with a static(ish) IP address that you can access when you need. If you don't have the time or knowledge to secure and manage it, then purchase one instead. One thing I should mention with regards to anonymity, in case it isn't obvioius: if you setup your own VPN at home and you VPN to it in an attempt to anonymize yourself, the IP address that gets logged when you connect to a server is your home IP address. This would be another reason to pay for a service, as some of them have gateways around the world (Greece, Netherlands, etc) and clients share a single IP address making it difficult to map an IP address to a person.

From what I've seen, there are generally three things most regular people use personal VPNs for: downloading pirated content anonymously, viewing streaming video content that's not available in their region (eg: US only), and added security when using public wifi.

Congrats jasong

This is exciting news. To answer your questions:

1. Definitely. Looking forward to it.

2. Not very much at all.

3. Unsure.

4. I'd be willing to help test.

5. If it means less spam, then yes, I'd be willing to help moderate. I work full time but I'm on EH pretty much everyday, so sure.

6. Not me forte.

7. Doesn't matter to me.