I am running a Netware 6.5 server and use Remote Manager to login from
home to check things. I have already used filtcfg to filter port 8009 -
but is there any way to further lock down remote manager by not allowing
regular users (i.e. not admin-equivalent) users to login.

I have logged in as a regular user and they are able to see any volumes
they have access to - I have some sensitive data on one of these volumes
and would like this NOT to be able to be seen from home by regular