Assignment task: Harden a Bastion Host
Scenario:
A Web server is a bastion host that uses Secure Sockets Layer (SSL) for customer activity. In addition, the server provides Secure Shell (SSH) access to administrators. The security team has a hardware firewall in the demilitarized zone (DMZ), and you need to provide additional layers of security on the Web server by using a software firewall and Transmission Control Protocol (TCP) Wrappers.
Tasks:
Research and make recommendations about how the organization should harden a bastion host in the demilitarized zone (DMZ) that will serve data to users on the Internet.
Design some appropriate firewall rules.
Describe when it is appropriate to use TCP Wrappers.