*Caveat* I am not an Assembly guru by any stretch of the imagination.
From what I know you are correct that Assembly doesn't use file handles it uses memory addresses instead (I think).  You could definitely write an Assembly program that accessed a locked file using it's memory address.  Although you might be limited in what you could do with it.

I am reading the 1st Edition of this book right now so far it is great!

Your biggest problem is trying to exploit a fully patched windows xp box with metasploit.  If you want to learn more about metasploit and practice pen testing techniques don't attack a fully patched box in your lab. 

Metasploit doesn't have any zero day vulnerabilities included in it (currently) so you are never going to be able to successfully exploit a fully patched box with metasploit right now.  Now if you really want to exploit a fully patched xp box you should take Billv's suggestion to heart because that is going to involve getting into zero day vulnerability research.  Which requires an in depth understanding of how exploits work.  If you want to get into that I recommend starting by reading Hacking: The Art of Exploitation, 2nd Edition. 

Wouldn't it be ironic if it turned out she was really in on the scam?  Maybe she secretly wanted to divorce her husband so she empties their accounts and goes into major debt because of a "scam".  Then Bang!  She files for divorce and the scammers kick her back a percentage.    

That's probably not what happened here but that would make a nice scam.

Congrats and Good Luck!

I would guess false positive but wouldn't guarantee that.    On a kinda unrelated question is there a reason virustotal misspells analysis as analisis?  Or is that a correct British spelling and I am being a stupid American?

Thanks for all the suggestions.  I would love to get the Master Library  but that is a little out of my price range right now.  I probably break down and get the "Practical Packet Analysis" book and just keep dreaming about Laura's collection.

http://www.shadowserver.org This organization is a good place to start.  It is run by volunteer Info Sec specialists.  They track and analyze bot nets.  They also coordinate with the proper agencies, US and International, to get the bot nets shutdown when they have gathered enough information.

I have been looking for a good book about packet analysis.  I am really not looking for a book about a specific packet sniffing tool.  I want one that really digs into analyzing packet contents.  I have been considering getting "Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems" but I am not sure it is what I want.  Has anyone read it?  Is it any good?

I played WOW for a few years.  I quit just after the first expansion came out.  Like most games it had it's good and bad points.  The bad points have already been noted here already i.e. lots of time to be good and solo play not much fun and difficult.  Other then some personal issues I had with Blizzard the main reason I quit playing was the time factor.  My buddies mostly play Eve now and they say it is much more time friendly.

If they haven't locked down Internet access when using Citrix.  You could setup a web server with a privilege escalation browser exploit and surf to that website while logged in as your user.

I agree it is good reading.  If you go down to the FAQ's under Fyodor's explanation there is a link to Robert Lee's response.

http://blog.robertlee.name/2008/10/conjecture-speculation.html

I can't believe he got a VPN server for less then a dollar.   

I am really glad they are being responsible about disclosure on this one.  If it is as bad as they say things could get bad quick.  I am definitely with you on this one RR, really hope it is just hype.  I am looking forward to finding out the details as soon as it is patched.

It's more active then it first appears.  We also have a lot of lurkers.