Anyone got any suggestions for reading material? I'm interested in knowing how easy/hard/impossible it would be for an intruder to alter a running kernel in order to bypass audit mechanisms. Thanks, Colman To Unsubscribe: send mail to majordomo at trustedbsd.org with "unsubscribe trustedbsd-discuss" in the body of the message