Using Novell iMonitor 2.4 221novdocx (en) 11 July 2008SASLDAPSNMP8.5 Ensuring Secure iMonitor OperationsSecuring access to your iMonitor environment involves the following protective steps:1. Use a firewall and provide VPN access (this also applies to Novell iManager and any otherWeb-based service that should have restricted access).2. Whether a firewall is in place or not, limit the type of access allowed through iMonitor tofurther protect against Denial of Service (DoS) attacks.Although substantial efforts have been made to ensure that iMonitor validates the data itreceives via URL requests, it is nearly impossible to guarantee that every conceivable invalidinput is rejected. To reduce the risk of DoS attacks via invalid URLs, there are three levels ofaccess that can be controlled through iMonitor’s configuration file using the LockMask: option.Platform Command or ToolNetWare Create SAS Service object and Certificates using iManager.Windows Create SAS Service object and Certificates using iManager.Linux, Solaris, and AIX ndsconfig add -t tree_name -o server_context -m sasPlatform Command or ToolNetWare Create LDAP Server and Group Objects using iManager.Windows Create LDAP Server and Group Objects using iManager.Linux, Solaris, and AIX ndsconfig add -t tree_name -o server_context -m ldaporCreate LDAP Server and Group Objects using iManager.Platform Command or ToolNetWare SNMPINST -c adminContext password ServerDNWindows rundll32 snmpinst, snmpinst -c createobj -a userFDN -ppassword -h hostname_or_IP_addressLinux, Solaris, and AIX ndsconfig add -t tree_name -o server_context -m snmp