From: Karanbir Singh <mail-lists at karan.org> > What other, reasonable, steps should one consider ? I think you can password protect the interactive editing in grub. Did not see: - Disable usb booting (and CD, if there is a CD/DVD drive). - lock the server case (if there is a lock). - enable case intrusion detection (if available). JD