> > The best thing to do is take the nit support out of the kernel and > > remove /dev/nit. Now someone would have to build a new kernel and > > reboot the machine to replace the nit support. > > > is it not possible for a hacker to set his own boot device before performing > his reboot, and then reset it back to whatever-it-was later? ie by messing > with /dev/openprom or whatever its called Sounds too complex to me... If you take out NIT, I know of two ways I can put it back in WITHOUT rebooting. Modifying running kernels isn't all that hard. Remember, anything is possible... -Mike mcn@EnGarde.com En Garde Systems Computer Security Software and Consulting