Edith & Associates is a modern law firm. They have an Internet Link that is an ADSL 8MB links from JJNET. The server they are to deploy will the main service giving server and will give email services to 98 users in the organization by the use of SMTP and IMAP services. The server will also serve the organisational web page using Apache services and should be accessible by all except those IP's that are determined to be malicious by the IDS. This list of denied IP's is reviewed monthly & Firewall routing is changed appropriately. This server is placed in a DMZ though it is expected that the server produced will be highly secure. The server will only run SSH for selected users from within the organizational network these are admin, jill and jack. Edith & Associates is strictly an 8:00am to 6:00pm operation at which point in time the premises are secured and all staff are made to vacate the premises. There is no access to the internal network after hours by any organisational staff. A number of staff want to access their POP3 accounts from the corporate ISP who has a dynamically allocated subnet range of 172.16.15.0-172.16.65.0 and management has agreed to this and have asked for a high level of security for the transport of the email across the Internet. The server will be backed up from 2-4 am every morning. DNS services are forwarded from the ISP's DNS Server, which has an IP of 172.16.1.1. Edith & Associates has an internal IP address range of 10.77.27.X and should permit all connections from this address space to the server. The server should also have IDS capabilities.
a. Deploy a secured Linux Server that will run set network services & functions, including the setup and configuration of network countermeasures and forensics capability. The server will require to run the following servicesWeb Services - ApacheEmail Services - IMAP and SMTPSSHAs a minimum the server should have firewalling and intrusion detection solutions deployed with full logging.
b. Create the associated documentation associated with the policies and procedures relating to the deployment of the server.