CHAPTER 28 System Security
Mark Henderson's change-sun-hostid package provides a lot of useful information about Sun NVRAMs, including how to change the hostid and how to recover should the NVRAM battery fail. It can be found at: http://www.squirrel.com/squirrel.
Using STOP-A, or break, anyone can interrupt your machine and reboot from CDROM or their disk, and have complete access to your files. To help prevent this you should password protect your EEPROM. You are allowed 3 levels of EEPROM security, none-secure, command-secure, and fully-secure. The first one is the default, i.e. no security. Anyone can issue any command at the EEPROM prompt. With command-secure a password would have to be used to boot from anything other than the default device. The most secure is fully-secure, where the password has to be supplied to boot in all cases. The EEPROM password is different from the OS password. Should you forget your EEPROM password you won't be able to change it unless you have access to the running system; from there you can use the eeprom command to reset any EEPROM parameters. So whatever you choose for this password, make sure it's easy to remember or you might just lock yourself out of your machine. In which case, you might have to buy a new EEPROM (which in some cases involves swapping the CPU).