Over in our News Analysis section, we wrote up a story about a Network Instruments survey in which network engineers expressed concern about their ability to keep VoIP apps up and running.

Our technology editors had their own thoughts:

If anyone is interested in the Hacking Intranets presentation I gave this week, video (which very poor audio quality, unfortunately), slides, and the demo code are available online. I'm not super-pleased with the results as I think I tried to cram too much information into too short of a time-frame (especially when 15 minutes were subtracted from the length I had to present in!), but the take away of how easy it is to use web browsers to hack intranets is worth reiterating.

In preparation for my upcoming presentation on web security and abusing browsers, I was going over the long list of protection measures that either aren't in place, or don't work against the potential threats, when I stumbled across one bright spot in an otherwise bleak landscape.

I'll be making a very brief appearance at Infosec World next week. If anyone's planning on being there and would like to stop by and say "hello", I'm unfortunately presenting at 8:30 on Tuesday, and leaving just after my talk. Still, if for some odd reason you've got a burning desire to see how young I really look in person (Answer: I'm 27 and walking around campus where I work, I'm regularly mistaken for a freshman), here's your chance to find out.

I realize that might be an early talk for those west-coasters still not used to our EST sunrise, but I can promise you the demo for the talk will be entertaining. I won't be presenting any earth-shattering attacks, mostly things that those on the cutting edge of web security are familiar with, but the hands-on examples should be a lot of fun.

OpenBSD is usually touted as one of the most secure networked operating systems. Of course, part of that reputation was gained because for years it's disabled unnecessary services (or even sometimes mostly necessary ones -- like SSH) by default. Still, defaults aside, OpenBSD.org has for many years now had the tag-line, "Only one remote hole in the default install, in more than 10 years!" Just in the last few days, however, that tag-line has changed. The count's now jumped to two remote holes in the default install.

If you follow this column regularly you know that I don't cover the software aspect of wireless and mobility very often, but recently when user posted a question about managing client Wi-Fi profiles in a listserv I follow I thought that perhaps some enterprise wireless IT managers and admins might benefit from some of the responses that were posted in regards to that question and in previous threads.

Being always connected may be good for productivity, but it can wreak havoc with peace of mind.

Remember the battle between thin and thick access points? It's now been almost five years since Symbol Technologies, once the leading enterprise WLAN innovator, launched its Mobius "wireless switch," a diabolically deceptive name if there ever was one. Startup vendors Airesapce, Aruba Networks, and Trapeze Networks quickly followed suit, with similar product offerings packing enhanced functionality. The battle for best WLAN architecture continues to this day, and with new technologies like 802.11n and dual-mode telephony on the long-term strategy agenda of most enterprise network planners, the war continues. It's largely a battle for customer lock-in, because when it comes to enterprise WLANs, switching packets is a whole lot easier than switching vendors.

The co-founder, president and CEO of Imperva, and co-founder of Check Point, discusses database and Web application security.

Listen Now | Read The Interview

According to soon-to-be-released research from In-Stat:

The most effective way for an organization to manage its telecommunications resources is to treat wireless the way most organizations treat wireline services and other business productivity services. This means that users contract for centralized billing for business lines and allow for some incidental personal usage.

In an otherwise slow news day, this caught my eye, from an interview with Microsoft's CIO:

Q: How about the things we are hearing a lot about--spam and spyware?

A: We get a lot of spam. We get 10 million e-mails a day coming into Microsoft. We delete more than 9 million of those as spam.

Over 90 percent -- Wow!

Network Computing's editors and tech experts were in Orlando this week reporting from the forum for business IP telephony. Here is a list of the news, analysis and highlights from the show:

Verizon recently won a lawsuit against SMS spammers.

As e-mail providers, ISPs and enterprises have cracked down on e-mail spam, spammers have looked toward other mediums including instant messaging (discussed in Mike DeMaria's article this month on IM security appliances) and SMS.

Carriers have been cracking down on SMS SPAM as of late with some unintended consequences.

In our preliminary testing of Mobile Device Management software for the April 30th issue of Network Computing, two vendors found that SMS messages, sent via e-mail and used to reach mobile endpoints, were being rejected by some carriers (presumably as spam). The same messages sent to other carriers, however, worked fine.

Organizations that use SMS, especially via e-mail gateways, for enterprise applications may look to conduct monthly tests with all possible messages to ensure that messages aren't rejected in the fight to prevent SMS SPAM.

Last week our readers swooped in with their contributions to our Top 11 list, "Top 11 Reasons Batman would make a poor InfoSec Manager." But not everyone thought that the Caped Crusader would do a shoddy job protecting critical corporate data. Reader Matt Duda assumed the mantle of the Dark Knight's defender and sent in his own Top 10 list as to why he thought Batman would do a great job! So in the interest of fairness, we present Matt's list to you.