EH-Net
May 22, 2013, 05:07:10 PM
|
Show Posts
17
|
Ethical Hacking Discussions and Related Certifications / Wireless / Re: What if I am forced to use WEP?
|
on: January 14, 2011, 06:21:03 PM
|
Depending on the hardware...
DD-WRT lets you have a primary interface and virtual wireless interface.
You can set up the regular one for WPA2 or what you like and have the sub interface set for WEP. You can create rules on the device to segment the traffic as best as it can.
You could also turn on and off the virtual interface as she needs it.
You can also create a file of passwords and have the device change it every time you log in (scripting with ssh).
Probably disjointed reply, but hope it gives you some ideas. Good luck.
With DD-WRT, I would recommend this and then throw her WEP wireless network on its own VLAN (another option supported by DD-WRT). This would help separate her Nintendo DS traffic from the rest of your network and help make it a little more secure. Also, I don't think MAC filtering would hurt too much.
|
18
|
Ethical Hacking Discussions and Related Certifications / OS / Re: Windows 7
|
on: January 10, 2011, 06:00:10 PM
|
I think Win7 is great (especially for the end user). In my opinion, it does seem to use quite a bit of RAM in comparison to Linux alternatives (and my preference). But I still like Win7 for the occasional game or Windows tool. However, I understand that memory management is a totally different animal in Win7. Also, WinXP came out at the end of 2001. That is ancient in terms of computers/operating systems.
|
19
|
EH-Net / Ethical Hacktivism / Re: Dlink : DIR-615 Router password hacking.
|
on: January 10, 2011, 01:50:39 PM
|
There you go, the ultimate in home-based router hacking. It's called a paper clip and one can use it to secretly reset their router back to factory settings. Be advised this may interfere with MaD (Mom and Dad) protocols which may lead to a Denial of Service on perks like movies, allowances, etc. Use at your own risk.
Simply, EPIC! Edit: I probably shouldn't help with this.
|
21
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Some questions on ISP's and Sniffing Across Internet?
|
on: December 14, 2010, 07:54:13 PM
|
4) As hayabusa said, IT/SystemAdmins are usually very busy managing multiple systems. Actively checking logs and monitoring systems generally is a luxury.
These are the times I usually recommend a good SIEM solution, like Novell's Sentinel, ManageEngine's EventLogManager (which I have little experience with) or others. For sure. Depending on the industry, SIEM is not only recommended but required. Then again, configurations and those receiving the alerts could come into play.
|
22
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Some questions on ISP's and Sniffing Across Internet?
|
on: December 14, 2010, 04:15:29 PM
|
All the "sir"s make reading your replies very difficult, but I will throw out some things for you to think about.
1) Because newer/better technology exists, that doesn't mean it is being used. The larger the corporation, the cheaper they become. Large corporations are focused on the bottom line. So if old technology still functions, the people calling the shots often believe there is no reason to upgrade. At a previous employer (of 6 years), I only recall one upgrade to the network which resulted from some legal issues.
2) Because newer/better technology is in place, that doesn't mean it has been configured properly. I'm sure everyone has their stories of software/network appliances that were left with default configurations and (could have) allowed an attacker (pentester or malicious) to just skate past them. An admin may not be familiar with the equipment or software. They might just not know better or they just trust the default settings to be the "best" option.
3) Generally, there are exceptions to rules. At previous employers, I have seen management use "their discretion" to disregard company policies. Just an example, Manager Larry tells Admin Bob to add his personal laptop to the company network (generally a "no no"). I know this indirectly applies to your OP, but you cannot discount the human element.
4) As hayabusa said, IT/SystemAdmins are usually very busy managing multiple systems. Actively checking logs and monitoring systems generally is a luxury.
Those are a few things I could think of to address your concerns in your original post. Definitely, there is some really cool technology available, but for various reasons I doubt you will see it (all) applied. You could always run a port scan on your internet facing IP not only to see what is open, but also to see if your ISP filters the traffic or sends you any kind of communique.
|
23
|
EH-Net / Ethical Hacktivism / Re: U.S. Wants Broader Internet Wiretap Authority
|
on: December 10, 2010, 04:15:29 PM
|
In my opinion, it seems like this is really bad policy that will do little in tracking down major threats to National Security. Sure, the Feds will intercept a few solid pieces of intelligence, but I doubt the policy will have a lasting impact on National Security. If you ask me, I think potential National Security threats would communicate via stenography, book ciphers, and possibly number stations (no, I don't wear a foil hat). Methods might be improved or modified, and new technology or methods would emerge. Also, I wouldn't be surprised to see new email providers pop up that provide confidential and privacy protected email communication (much like PRQ's "refugee hosting"). So my provider can tap my phone. Doesn't stop me from inventing my own language or slang. You are right sil. And if people start saying sentences, like in France during WWII: "The bus will pass at 10:25am", "There are three birds in the sky" or "The sun is warm today". This form of obfuscation can't be detected... Terrorists and truly evil/wicked individuals aren't dumb shmoes. Is it me or do most people/organizations think that their enemies/opponents are very dumb? The evil masterminds must have a lot of fun! It is said that Rhyming Cockney was developed for similar reasons. I'm sure there are other examples, but I'm with sil and H1t on this. The Feds will see the same old tricks again.
|
24
|
Ethical Hacking Discussions and Related Certifications / Other / Re: Novell news
|
on: November 23, 2010, 04:00:33 PM
|
I'm very interested to see where this goes. Possibly a new IT empire?
I would like to see some more development of the Mono projects, but I'm concerned that may be one of the intellectual properties MS purchased through CPTN Holdings. If MS bought the rights to Mono, I see it going a few ways. 1) They archive the code, and do nothing with it. 2) They develop a .NET and Silverlight framework for Linux that is closed source. I'm not a huge open-source fanatic, but I wouldn't be enthused to install MS closed source binaries (kind of a trust issue). Although, it could mean great things for *nix users.
|
26
|
Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: Step by step guide to setup 2 home networks
|
on: November 22, 2010, 04:29:01 PM
|
I think until I can hone my skills I am going to stay away from Linux. I appreciate the suggestions but since I am new with this and have no networking or hacking skills to begin with there is no need to get over my head and I think that would happen.
Does anyone mind if I PM with specific questions related to setting up this 2nd network? I think the IT guys at my work are stuck up and have a need to talk down to me for some reason and I don't feel comfortable asking them.
The DD-WRT runs on Linux on the back end, but it has a web interface that is very similar to that of the Linksys web interface. Knowing or not knowing Linux isn't really an issue with the firmware. I was recommending it because it allows you to have much more control over your wireless routers and unlocks a lot of features you might be interested in. Since there are also some guides, I also figured it might help you out. You are welcome to send me PMs if you would like, and I will do my best to answer them when I have free time.
|
29
|
Ethical Hacking Discussions and Related Certifications / Other / Re: Using BackTrack4 as your Everyday O/S
|
on: November 12, 2010, 05:37:15 PM
|
Thanks mallaigh, your post was very helpful and I have to agree.
I am in the process of converting to openSuse (was first thinking Ubuntu), but have the physical media for it from a while ago. I am going to have to work on locking it down best as possible, but of course this is not only going to help with the machine's security, but the learning experience in itself.
I like how you mentioned to use your Windows security knowledge and port it over to whatever distro. I know you mean in a more general and conceptual way, but it does make perfect sense in the realms applicable.
Everyone learns in different ways. I have managed to learn how to work with and admin all the different operating systems through comparing and contrasting their differences. As far as Unix/Linux based operating systems go, I first learned my way around Linux. Then when I went to learn BSD, I expected it to be very different but really found it to be quite similar in many aspects. I have taken the same approach to every different version of Windows that has come out over the years. If you ask me, an OS is a tool. You don't use a hammer to drive a screw (it would work, just not well), so how can one OS be a super tool? The graphic designers at work use Apples, the advertising people use Windows, and a few developers have started to use Linux. In each case, they are using the better tool for their job. I recently helped those developers switch to Linux, and they have reported productivity increases. In each case, I would argue that they are using the superior tool for their job. All 3 operating systems have been brought up to company security standards, and it was all a very similar process. Set passwords, install and configure firewalls, install antivirus, and install updates. The steps are different yes, but the general process is the same. The point I'm trying to make: learn all the operating systems. Learn how to harden them, and their strengths and weaknesses. Don't fall into the "fan boy/girl" mentality that there is one operating system to rule them all.
|
30
|
Ethical Hacking Discussions and Related Certifications / Other / Re: Using BackTrack4 as your Everyday O/S
|
on: November 12, 2010, 04:47:45 PM
|
I admin Windows, Mac, and Linux (BSD/Unix too) machines professionally and at home, and I agree that Linux is easier to harden in many extents. There are some decent tools built into Windows to help harden it a bit, but a lot of stuff is buried deep in their labyrinth-like menus. At the same time, you can't really rely on Windows Firewall and many users skip/disable some fairly simple options for helping secure their computers.
I have mixed feelings about Macs. I've read and seen some things that made me realize that Apple isn't as secure as their marketing hype and hand waving wants you to think. At the same time, they aren't commonly targeted for attacks. But, I have seen Safari (on a Mac) get hijacked by drive-by-downloads more than once to make me laugh at their "virus free" marketing.
Linux is great. Many distros come with iptables installed, but not enabled or with a blank configuration. It's great practice for EH.net'ers to write our own firewalls, but this is something an average user isn't going to do. All in all, most distros are great for the end user out of the box, but I wouldn't stick with the default install for a production/internet facing server.
With that said, to address your original question: I personally wouldn't use BackTrack for a workstation. If you want to run a Unix/Linux, I would recommend going with *pick your favorite flavor* (Ubuntu, CentOS, Debian, OpenSUSE, PCBSD.....). Once you do that, learn how to harden that distro and apply what you learn to other distros. If you don't mind working in Windows as the host OS, why not read up on some of the MCSE security stuff? I'm not saying "study for the MCSE" (unless you want to), but it wouldn't hurt to have some of the knowledge on how to harden Windows. Learning about how to harden *pick any operating system* will also help you learn about some commonly overlooked things that would help with privilege escalation (Windows administrator accounts without a password for the win).
|