I want to do some remote testing on my home network today, and I have two questions,

one:

How can I attack a remote system (live cd:ip 192.168.1.100) over the internet? I may not have a a full understanding, but I was under the impression that private Ips are not routable over the internet, so I don't know if I could, which begs the question of how a pentester does a remote test of a client.

Two:

Is it legal to use a public wi-fi hot spot for hacking your own systems? I would assume the tos of the hot spot would be the issue here, but im thinking, running an nmap scan even just against one computer, could cause bandwidth issues for other users, that is more of an ethical delima however.