How to Configure Iptables Firewall for 389 Directory Server on CentOS 6.2

In this post I will show the ports that need to be allowed through the iptables firewall to make 389 Directory Server accessible and working. Before the Windows Console (installed from 389 Console.msi) on a client PC can connect to the 389 administration server, three ports have to be opened in the iptables firewall. This allows a Linux or LDAP administrator to run LDAP search queries and perform administration tasks. The three (3) ports that normally need to be opened on a 389 Directory Server are:

a) Port 389 (ldap)
b) Port 636 (ldaps – only if using TLS/SSL)
c) Admin server port (9830 by default)

Run the netstat command to see the listening ports:

[root@centos62 ~]# netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1105/sshd
tcp        0      0 127.0.0.1:5432              0.0.0.0:*                   LISTEN      1140/postmaster
tcp        0      0 0.0.0.0:9830                0.0.0.0:*                   LISTEN      1415/httpd.worker
tcp        0      0 :::22                       :::*                        LISTEN      1105/sshd
tcp        0      0 ::1:5432                    :::*                        LISTEN      1140/postmaster
tcp        0      0 :::389                      :::*                        LISTEN      1792/ns-slapd

Open the iptables firewall configuration file, then allow ports 389, 636 and 9830 through the firewall:

[root@centos62 ~]# vi /etc/sysconfig/iptables

Add these three (3) lines above the final "-A INPUT -j REJECT" rule, because iptables stops at the first rule that matches:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9830 -j ACCEPT

Then restart the iptables firewall :

[root@centos62 ~]# service iptables restart
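
Where the three lines land in /etc/sysconfig/iptables matters, so here is one way to place them automatically. This is an added example, not part of the original post; the function names are hypothetical and SAMPLE is the default CentOS 6.2 rule set shown elsewhere on this page.

```python
# Added example: insert ACCEPT rules ahead of the catch-all REJECT in
# iptables-save format text, without duplicating rules that already exist.

# The default CentOS 6.2 rule set shown on this page.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

RULE = "-A INPUT -m state --state NEW -m tcp -p tcp --dport {port} -j ACCEPT"
DS_PORTS = (389, 636, 9830)  # ldap, ldaps, admin server (default port)


def is_catch_all(line):
    """True for an INPUT rule with a REJECT/DROP target and no match options."""
    tokens = line.split()
    if tokens[:2] != ["-A", "INPUT"] or "-j" not in tokens:
        return False
    j = tokens.index("-j")
    # Nothing between the chain name and -j means the rule matches every packet.
    return j == 2 and tokens[j + 1] in ("REJECT", "DROP")


def open_ports(rules_text, ports):
    """Return rules_text with one ACCEPT rule per port placed before the first
    catch-all REJECT/DROP of the filter table (or before its COMMIT line if
    there is no catch-all). Rules already present above that point are kept
    and not added twice."""
    lines = rules_text.splitlines()
    table, insert_at = None, None
    for i, line in enumerate(lines):
        stripped = line.strip()
        if stripped.startswith("*"):
            table = stripped[1:]
        elif table == "filter" and (is_catch_all(stripped) or stripped == "COMMIT"):
            insert_at = i
            break
    if insert_at is None:
        raise ValueError("no *filter table with a COMMIT line found")
    # Only rules above the insertion point are reachable, so only those count.
    already = {" ".join(l.split()) for l in lines[:insert_at]}
    missing = [RULE.format(port=p) for p in ports
               if RULE.format(port=p) not in already]
    return "\n".join(lines[:insert_at] + missing + lines[insert_at:]) + "\n"


if __name__ == "__main__":
    print(open_ports(SAMPLE, DS_PORTS), end="")
```

Review the printed rule set before writing it back to /etc/sysconfig/iptables and restarting the service.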

How to Fix “cannot restore segment prot after reloc: Permission denied” error While Restarting zmcontrol on Zimbra

Question :

I want to start the Zimbra services, but I am getting the following error when restarting zmcontrol with the “zmcontrol start” command:

[zimbra@mail ~]$ zmcontrol start
Host mail.bloggerbaru.local
        Starting zmconfigd...Done.
        Starting logger...Done.
        Starting mailbox...Done.
        Starting antispam...Done.
        Starting antivirus...Done.
        Starting snmp...Done.
        Starting spell...Failed.
Starting apache...httpd: Syntax error on line 232 of /opt/zimbra/conf/httpd.conf: Cannot load /opt/zimbra/httpd/modules/libphp5.so into server: /opt/zimbra/httpd/modules/libphp5.so: cannot restore segment prot after reloc: Permission denied
failed.

Answer :
SELinux caused the Zimbra services to fail to start. Disable SELinux as below:

1. Disable SELinux on your next reboot.

[root@centos6 ~]# vi /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

To stop SELinux enforcement without having to reboot, use the setenforce command as below (setenforce 0 puts SELinux into permissive mode until the next reboot):

[root@mail ~]# setenforce 0

2. Run the zmcontrol start command again:

[zimbra@mail ~]$ zmcontrol start
Host mail.bloggerbaru.local
        Starting zmconfigd...Done.
        Starting logger...Done.
        Starting mailbox...Done.
        Starting antispam...Done.
        Starting antivirus...Done.
        Starting snmp...Done.
        Starting spell...Done.
        Starting mta...Done.
        Starting stats...Done.

How to Disable iptables on Linux CentOS 5.7 Server

Iptables is used to set up, maintain, and inspect the tables of IPv4 packet filter rules in the Linux kernel. It can run as a host-based firewall if properly configured. Iptables places rules into predefined chains (INPUT, OUTPUT and FORWARD) that are checked against network traffic packets. In certain cases, a system administrator will need to disable iptables. In this post, I will show the quick steps to disable iptables on a Linux CentOS 5.7 server. These steps may also work on other versions such as CentOS 5.1, CentOS 5.2, CentOS 5.3, CentOS 5.4, CentOS 5.5 and CentOS 5.6.

1. How to stop iptables on Linux RHEL 5/CentOS 5 server :

[root@CentOS57 ~]# service iptables stop

or

[root@CentOS57 ~]# /etc/init.d/iptables stop

How to stop ip6tables on Linux RHEL 5/CentOS 5 server :

[root@CentOS57 ~]# service ip6tables stop

or

[root@CentOS57 ~]# /etc/init.d/ip6tables stop

Note: Skip this step if IPv6 is not configured or is disabled.

2. To ensure that iptables will not start after rebooting, run this chkconfig command:

[root@CentOS57 ~]# chkconfig iptables off

3. How to check iptables status on a Linux RHEL 5/CentOS 5 server. Make sure that it is stopped:

[root@CentOS57 ~]# service iptables status
Firewall is stopped.

or

[root@CentOS57 ~]# /etc/init.d/iptables status
Firewall is stopped.

How to Install nmap on RHEL 6 Linux Server

Nmap (“Network Mapper”) is a free and open source tool for network exploration or security auditing. It can help you find open ports on a network. Nmap is very useful for system and network administrators performing administration tasks, and it can help narrow down an issue during troubleshooting. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In this post I will show the quick steps to install nmap on your Red Hat Enterprise Linux 6 (RHEL 6) server.

Simply run the following yum command :

[root@rhel6 ~]# yum install nmap -y
Loaded plugins: rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package nmap.i686 2:5.21-3.el6 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package          Arch             Version                   Repository                        Size
====================================================================================================
Installing:
 nmap             i686             2:5.21-3.el6              DVD-RHEL6-Repository             2.2 M

Transaction Summary
====================================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 2.2 M
Installed size: 7.2 M
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : 2:nmap-5.21-3.el6.i686                                                       1/1

Installed:
  nmap.i686 2:5.21-3.el6

Complete!

Typing nmap without arguments shows the available options for the nmap command:

[root@rhel6 ~]# nmap
Nmap 5.21 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
  Can pass hostnames, IP addresses, networks, etc.
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
  -iL : Input from list of hosts/networks
  -iR : Choose random targets
  --exclude : Exclude hosts/networks
  --excludefile : Exclude list from file
HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sP: Ping Scan - go no further than determining if host is online
  -PN: Treat all hosts as online -- skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers : Specify custom DNS servers
  --system-dns: Use OS's DNS resolver
  --traceroute: Trace hop path to each host
SCAN TECHNIQUES:
  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  --scanflags : Customize TCP scan flags
  -sI : Idle scan
  -sY/sZ: SCTP INIT/COOKIE-ECHO scans
  -sO: IP protocol scan
  -b : FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
  -p : Only scan specified ports
    Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
  -F: Fast mode - Scan fewer ports than the default scan
  -r: Scan ports consecutively - don't randomize
  --top-ports : Scan  most common ports
  --port-ratio : Scan ports more common than 
SERVICE/VERSION DETECTION:
  -sV: Probe open ports to determine service/version info
  --version-intensity : Set from 0 (light) to 9 (try all probes)
  --version-light: Limit to most likely probes (intensity 2)
  --version-all: Try every single probe (intensity 9)
  --version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
  -sC: equivalent to --script=default
  --script=:  is a comma separated list of
           directories, script-files or script-categories
  --script-args=: provide arguments to scripts
  --script-trace: Show all data sent and received
  --script-updatedb: Update the script database.
OS DETECTION:
  -O: Enable OS detection
  --osscan-limit: Limit OS detection to promising targets
  --osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
  Options which take 

How to Disable Firewall on RHEL 6

In this post, I will show how to disable the Linux iptables firewall on Red Hat Enterprise Linux 6 (RHEL 6). The Linux firewall on RHEL 6 can be configured to filter every network packet that passes into or out of the network. In some cases, such as testing and development environments, you will need to disable the iptables firewall. To disable the Linux iptables firewall on RHEL 6, execute the following commands:

1. Before stopping iptables, save the firewall settings using the following command:

[root@rhel6 ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]

2. Stop iptables using the following command :

[root@rhel6 ~]# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]

3. To ensure that iptables will not start at boot time, execute this chkconfig command:

[root@rhel6 ~]# chkconfig iptables off

4. If IPv6 firewall is enabled, please disable it using the following commands :

[root@rhel6 ~]# service ip6tables save
ip6tables: Saving firewall rules to /etc/sysconfig/ip6table[  OK  ]
[root@rhel6 ~]# service ip6tables stop
ip6tables: Flushing firewall rules:                        [  OK  ]
ip6tables: Setting chains to policy ACCEPT: filter         [  OK  ]
ip6tables: Unloading modules:                              [  OK  ]
[root@rhel6 ~]# chkconfig ip6tables off

How to Install, Configure and Use Linux Iptables Firewall on CentOS 6.2

Iptables is the most popular packet filtering firewall package in Linux. It can be used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Iptables interfaces with the Linux netfilter module to filter network packets. In this post, I will show how to install, configure and use the iptables firewall on a CentOS 6.2 server:

1. Check iptables installed package :

[root@centos62 ~]# rpm -qa | grep iptables
iptables-1.4.7-4.el6.i686
iptables-ipv6-1.4.7-4.el6.i686

2. Check Iptables version :

[root@centos62 ~]# iptables --version
iptables v1.4.7

3. If iptables is not installed, run this command to install it:

[root@centos62 ~]# yum install iptables

4. Check whether iptables is running:

[root@centos62 ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

If iptables is not running, it returns this message:

[root@centos62 ~]# service iptables status
iptables: Firewall is not running.

5. Display Default Iptables rules:

[root@centos62 ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

6. To start, stop, and restart iptables, you can run below commands :

[root@centos62 ~]# service iptables start
[root@centos62 ~]# service iptables stop
[root@centos62 ~]# service iptables restart

7. To set iptables start at boot :

[root@centos62 ~]# chkconfig iptables on

8. Display current opened port :

[root@centos62 ~]# netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1102/sshd   
tcp        0      0 :::22                       :::*                        LISTEN      1102/sshd   

Note : Only ssh port has been opened on this server and listening port is 22.

9. Ports can be opened in the firewall for particular services, such as:

80 = Web service / httpd service
3306 = MySQL service / mysqld service

10. View and modify original Iptables configuration file :

[root@centos62 ~]# vi /etc/sysconfig/iptables

Original Iptables configuration file

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

11. Modify the iptables configuration file as below. Add port “80” and port “3306”:

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

12. Start httpd and mysqld daemon service :

[root@centos62 ~]# service httpd start
[root@centos62 ~]# service mysqld start

13. Print updated opened port :

[root@centos62 ~]# netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1102/sshd   
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      2482/mysqld 
tcp        0      0 :::80                       :::*                        LISTEN      2345/httpd  
tcp        0      0 :::22                       :::*                        LISTEN      1102/sshd   

How to Install Wireshark on CentOS 6.2

In this post, I will show how to install Wireshark on a CentOS 6.2 server. Wireshark is a free and open-source network packet analyzer that captures network packets and tries to display the packet data in as much detail as possible. This post assumes that you have set up a local yum repository using your DVD-ROM. If you haven’t set up the local yum repository, please follow these steps first:
How to Setup Local Yum Repository from CD-ROM/DVD-ROM image on RHEL 6

Simply run this command to install Wireshark :

[root@centos62 ~]# yum install wireshark
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.maulvi.net
 * extras: centos.maulvi.net
 * updates: centos.maulvi.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package wireshark.i686 0:1.2.15-2.el6 will be installed
--> Processing Dependency: libpcap.so.1 for package: wireshark-1.2.15-2.el6.i686
--> Processing Dependency: libsmi.so.2 for package: wireshark-1.2.15-2.el6.i686
--> Processing Dependency: libgnutls.so.26 for package: wireshark-1.2.15-2.el6.i686
--> Processing Dependency: libgnutls.so.26(GNUTLS_1_4) for package: wireshark-1.2.15-2.el6.i686
--> Running transaction check
---> Package gnutls.i686 0:2.8.5-4.el6 will be installed
--> Processing Dependency: libtasn1.so.3(LIBTASN1_0_3) for package: gnutls-2.8.5-4.el6.i686
--> Processing Dependency: libtasn1.so.3 for package: gnutls-2.8.5-4.el6.i686
---> Package libpcap.i686 14:1.0.0-6.20091201git117cb5.el6 will be installed
---> Package libsmi.i686 0:0.4.8-4.el6 will be installed
--> Running transaction check
---> Package libtasn1.i686 0:2.3-3.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package         Arch       Version                                Repository                  Size
====================================================================================================
Installing:
 wireshark       i686       1.2.15-2.el6                           CentOS6.2-Repository       9.9 M
Installing for dependencies:
 gnutls          i686       2.8.5-4.el6                            CentOS6.2-Repository       336 k
 libpcap         i686       14:1.0.0-6.20091201git117cb5.el6       CentOS6.2-Repository       125 k
 libsmi          i686       0.4.8-4.el6                            CentOS6.2-Repository       2.4 M
 libtasn1        i686       2.3-3.el6                              CentOS6.2-Repository       239 k

Transaction Summary
====================================================================================================
Install       5 Package(s)

Total download size: 13 M
Installed size: 64 M
Is this ok [y/N]: y
Downloading Packages:
----------------------------------------------------------------------------------------------------
Total                                                                30 MB/s |  13 MB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : libtasn1-2.3-3.el6.i686                                                          1/5
  Installing : gnutls-2.8.5-4.el6.i686                                                          2/5
  Installing : libsmi-0.4.8-4.el6.i686                                                          3/5
  Installing : 14:libpcap-1.0.0-6.20091201git117cb5.el6.i686                                    4/5
  Installing : wireshark-1.2.15-2.el6.i686                                                      5/5

Installed:
  wireshark.i686 0:1.2.15-2.el6

Dependency Installed:
  gnutls.i686 0:2.8.5-4.el6 libpcap.i686 14:1.0.0-6.20091201git117cb5.el6 libsmi.i686 0:0.4.8-4.el6
  libtasn1.i686 0:2.3-3.el6

Complete!

How to Allow and Deny Access for Remote SSH to CentOS 6.2

In this post, I will show how to allow and deny remote SSH access to a CentOS server. This post configures SSH access as follows:
– Only ehowstuff and root have remote SSH access to the machine within ehowstuff.local
– Clients within bloggerbaru.com should NOT have access to SSH on your system

Please note that all systems in that domain are in the 192.168.1.0/255.255.255.0 subnet, and all systems in that subnet are in bloggerbaru.com.

1. Modify sshd_config as below:

[root@centos62 ~]# vi /etc/ssh/sshd_config
AllowUsers ehowstuff root

2. Make sshd auto start on boot and restart sshd service :

[root@centos62 ~]# chkconfig sshd on
[root@centos62 ~]# /etc/init.d/sshd restart

3. Open iptables configuration as below :

[root@centos62 ~]# vi /etc/sysconfig/iptables

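4. Add this line to your iptables settings. Place it above the rule that accepts NEW connections to port 22, because the first matching rule decides what happens to the packet: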

-A INPUT -s 192.168.1.0/24 -p tcp --dport 22 -j REJECT

5. Restart the iptables :

[root@centos62 ~]# /etc/init.d/iptables restart
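
The effect of where the REJECT line sits can be checked offline with a first-match evaluation of the rule file. The following is an added example, not part of the original post; it understands only the options used on this page, and the client addresses and interface name are constructed.

```python
# Added example: evaluate an iptables-save style INPUT chain the way the
# kernel does, top to bottom, stopping at the first rule that matches.
import ipaddress

HEAD = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
"""
SSH_ACCEPT = "-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT\n"
SSH_BLOCK = "-A INPUT -s 192.168.1.0/24 -p tcp --dport 22 -j REJECT\n"
TAIL = """\
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
"""
# The new line appended at the end of the file, just before COMMIT.
APPENDED = HEAD + SSH_ACCEPT + TAIL + SSH_BLOCK + "COMMIT\n"
# The new line placed above the rule that accepts port 22.
BLOCK_FIRST = HEAD + SSH_BLOCK + SSH_ACCEPT + TAIL + "COMMIT\n"


def options(rule_line):
    """Every option used on this page takes exactly one value, so the rule
    can be read as option/value pairs."""
    tokens = rule_line.split()
    return dict(zip(tokens[0::2], tokens[1::2]))


def rule_matches(opts, pkt):
    """A rule matches only if every condition it names holds for the packet."""
    if "-s" in opts:
        net = ipaddress.ip_network(opts["-s"], strict=False)
        if ipaddress.ip_address(pkt["src"]) not in net:
            return False
    if "-i" in opts and opts["-i"] != pkt["iface"]:
        return False
    if "-p" in opts and opts["-p"] != pkt["proto"]:
        return False
    if "--dport" in opts and int(opts["--dport"]) != pkt["dport"]:
        return False
    if "--state" in opts and pkt["state"] not in opts["--state"].split(","):
        return False
    return True


def first_match(rules_text, pkt, chain="INPUT"):
    """Return (target, rule) for the first rule in `chain` matching pkt,
    or the chain policy if no rule matches."""
    policy = "ACCEPT"
    for line in rules_text.splitlines():
        if line.startswith(":" + chain + " "):
            policy = line.split()[1]
        elif line.startswith("-A " + chain + " "):
            opts = options(line)
            if rule_matches(opts, pkt):
                return opts["-j"], line
    return policy, "(chain policy)"


def ssh_syn(src):
    """A new inbound TCP connection to port 22 (constructed sample packet)."""
    return {"src": src, "iface": "eth0", "proto": "tcp", "dport": 22,
            "state": "NEW"}


if __name__ == "__main__":
    for name, rules in (("appended", APPENDED), ("block first", BLOCK_FIRST)):
        for src in ("192.168.1.50", "10.0.0.5"):
            print(name, src, *first_match(rules, ssh_syn(src)))
```

With the line appended at the end, a client in 192.168.1.0/24 is still accepted by the port 22 rule; only the second ordering rejects it.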

How to Deny ICMP Ping Request on CentOS 6.2

Ping is a computer network administration utility used to test the reachability of a host on an Internet Protocol (IP) network. It works by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP response. By default, all Linux CentOS servers respond to ICMP requests. An attacker can misuse this by generating countless ping requests to your Linux server, which is a denial-of-service (DoS) attack.

Before the change, I can ping 192.168.1.44 as below:

D:\>ping 192.168.1.44

Pinging 192.168.1.44 with 32 bytes of data:

Reply from 192.168.1.44: bytes=32 time=1ms TTL=64
Reply from 192.168.1.44: bytes=32 time=1ms TTL=64
Reply from 192.168.1.44: bytes=32 time=2ms TTL=64
Reply from 192.168.1.44: bytes=32 time=1ms TTL=64

Ping statistics for 192.168.1.44:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 2ms, Average = 1ms

In this post, I will show how to block ICMP ping requests from others.

Method 1 :
To disable ICMP ping immediately, type the following command :

[root@centos62 ~]# echo  1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

Method 2 :
To keep ICMP ping disabled after a reboot, modify /etc/sysctl.conf as below. This permanently disables the ICMP ping echo. Append the setting at the end of the file:

[root@centos62 ~]# vi /etc/sysctl.conf
..
..
..
# Controls the maximum size of a message, in bytes
kernel.msgmnb = 65536

# Controls the default maxmimum size of a mesage queue
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 4294967295

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 268435456

net.ipv4.icmp_echo_ignore_all = 1

The change will take effect after a reboot:

[root@centos62 ~]# reboot

Try to ping again. The server will not reply now :

D:\>ping 192.168.1.44

Pinging 192.168.1.44 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.1.44:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

How to Unblock and Reclassify a Website That Trend Micro Blocked ?

Symptoms :
I am running Trend Micro OfficeScan. While trying to access a website, I found that one of my sites has been blocked by Trend Micro, which returns the following error message:

URL Blocked

The URL that you are attempting to access is a potential security risk. Trend Micro OfficeScan has blocked this URL in keeping with network security policy.
URL: 	http://www.xxxxxxx.net/
Risk Level: 	High
Details: 	For more information about this URL or to report it to Trend Micro for reclassification,visit http://reclassify.wrs.trendmicro.com.

I have checked the site thoroughly and I cannot find any malware on it. This is very, very frustrating for me, as I will lose a lot of visitors who use Trend Micro antivirus on their computers or notebooks.

Solutions :

To verify your site safety, you may check at this site :
McAfee SiteAdvisor, top FREE safe search tool
How to Check and Verify The Site That You Want You Visit Using SiteAdvisor

Follow the steps below to request for a website reclassification:

Step 1 Go to the Site Safety Center.

Step 2 Type the website address that you want to verify, then click Check Now.

The website will display a message saying if the address you typed is safe or dangerous. It will also provide you with the address’ category.

Step 3 Click Give Feedback if you want to reclassify the website.

Step 4 Select the correct rating of the website under the Safety Rating section.

Step 5 Select the correct category of the website under the Content section.

Step 6 Fill up the fields in the Introduce yourself section.

Step 7 Click OK once you are done.

You will receive the message below once you have successfully submitted your request.

A confirmation message will be sent to the email address you specified.

Step 8 Click the link in the email to confirm the feedback.

Your request will now be processed.

Thanks for your confirmation.

Trend Micro will start processing your request immediately and we will send you the result once it is done.


How to Restrict the Access to Specific Web sites Using Squid Proxy Server on CentOS 6.2

This howto covers the steps necessary to restrict access to specific web sites using the Squid proxy cache server on CentOS 6.2. Before beginning these steps, please make sure you have properly configured the Squid proxy server. If not, please follow this article to install Squid proxy server on CentOS 6.2 (How to Install and Configure Squid Proxy Server on CentOS 6.2)

Squid can read files containing lists of web sites or domains for use in ACLs. In this example, the setup always restricts access to Bad_Websites, and allows the ehowstuff.com network to surf only during surfing_hours and only to sites that are not in Bad_Websites. Follow these steps to restrict access to specific websites.

1. Open the squid.conf configuration file :

    [root@centos62 ~]# vi /etc/squid/squid.conf
    

2. Create a web folder under /etc/squid. It is used to store files such as Bad_Websites.squid.

    [root@centos62 ~]# mkdir /etc/squid/web
    

3. Create Bad_Websites.squid and add the list of bad websites.

    [root@centos62 ~]# vi /etc/squid/web/Bad_Websites.squid
    

Example Bad website list :

    #List in /etc/squid/web/Bad_Websites.squid
    www.porn.com
    www.badwebsites.com
    

4. Define the surfing_hours ACL name, the surfing time and the restricted websites list file.

    #Add this at the bottom of the ACL Section
    #
    acl surfing_hours time M T W H F 08:00-17:00
    acl Bad_Websites  dstdomain "/etc/squid/web/Bad_Websites.squid"
    #
    

5. Always restrict access to Bad_Websites, and allow the ehowstuff.com network to surf only during surfing_hours and only to sites that are not in Bad_Websites.

    # Allow ehowstuff.com during surfing_hours, except to Bad_Websites
    http_access allow ehowstuff.com surfing_hours !Bad_Websites
    http_access deny Bad_Websites
    http_access deny ehowstuff.com
    

6. Restart Squid proxy server to take effect :

    [root@centos62 ~]# service squid restart
    Stopping squid: ................                           [  OK  ]
    Starting squid: .                                          [  OK  ]
    

Full Configuration of the Squid Cache Proxy Configuration :

    #
    # Recommended minimum configuration:
    #
    acl manager proto cache_object
    acl localhost src 127.0.0.1/32 ::1
    acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
    
    # Example rule allowing access from your local networks.
    # Adapt to list your (internal) IP networks from where browsing
    # should be allowed
    acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
    acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
    acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
    acl localnet src fc00::/7       # RFC 4193 local private network range
    acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
    acl ehowstuff.com src 192.168.1.0/24    # Your internal network
    
    acl SSL_ports port 443
    acl Safe_ports port 80		# http
    acl Safe_ports port 21		# ftp
    acl Safe_ports port 443		# https
    acl Safe_ports port 70		# gopher
    acl Safe_ports port 210		# wais
    acl Safe_ports port 1025-65535	# unregistered ports
    acl Safe_ports port 280		# http-mgmt
    acl Safe_ports port 488		# gss-http
    acl Safe_ports port 591		# filemaker
    acl Safe_ports port 777		# multiling http
    acl CONNECT method CONNECT
    
    #Add this at the bottom of the ACL Section
    #
    acl surfing_hours time M T W H F 08:00-17:00
    acl Bad_Websites  dstdomain "/etc/squid/web/Bad_Websites.squid"
    
    #
    # Recommended minimum Access Permission configuration:
    #
    # Only allow cachemgr access from localhost
    http_access allow manager localhost
    http_access deny manager
    
    # Allow ehowstuff.com during surfing_hours, except to Bad_Websites
    http_access allow ehowstuff.com surfing_hours !Bad_Websites
    http_access deny Bad_Websites
    http_access deny ehowstuff.com
    
    
    
    # Deny requests to certain unsafe ports
    http_access deny !Safe_ports
    
    # Deny CONNECT to other than secure SSL ports
    http_access deny CONNECT !SSL_ports
    
    # We strongly recommend the following be uncommented to protect innocent
    # web applications running on the proxy server who think the only
    # one who can access services on "localhost" is a local user
    #http_access deny to_localhost
    
    #
    # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
    #
    
    # Example rule allowing access from your local networks.
    # Adapt localnet in the ACL section to list your (internal) IP networks
    # from where browsing should be allowed
    #http_access allow localnet
    http_access allow localhost
    
    # And finally deny all other access to this proxy
    http_access deny all
    
    # Squid normally listens to port 3128
    http_port 3128
    
    # We recommend you to use at least the following line.
    hierarchy_stoplist cgi-bin ?
    
    # Uncomment and adjust the following to add a disk cache directory.
    #cache_dir ufs /var/spool/squid 100 16 256
    
    # Leave coredumps in the first cache dir
    coredump_dir /var/spool/squid
    
    # Add any of your own refresh_pattern entries above these.
    refresh_pattern ^ftp:		1440	20%	10080
    refresh_pattern ^gopher:	1440	0%	1440
    refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
    refresh_pattern .		0	20%	4320
    

How to Restrict Web Access By Time Using Squid Proxy Server on CentOS 6.2

This howto covers the steps necessary to control internet access by time using the Squid proxy cache server on CentOS 6.2. Before beginning these steps, please make sure you have properly configured the Squid proxy server. If not, please follow this article to install it on CentOS 6.2: How to Install and Configure Squid Proxy Server on CentOS 6.2.

1. Open the squid.conf configuration file:

    [root@centos62 ~]# vi /etc/squid/squid.conf
    

2. In this example, the setup allows access from the ehowstuff.com network during surfing hours only and denies that network at all other times. First define the network as a source ACL:

    # Example rule allowing access from your local networks.
    # Adapt to list your (internal) IP networks from where browsing
    # should be allowed
    acl ehowstuff.com src 192.168.1.0/24    # Your ehowstuff.com internal network
    

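3. Define the surfing_hours time ACL with its name, days and time range. Squid's day codes here are M, T, W, H (Thursday) and F, and the time is checked against the proxy server's local clock.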

    #Add this at the bottom of the ACL Section
    #
    acl surfing_hours time M T W H F 08:00-17:00
    #
    

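4. Deny access from the ehowstuff.com network at all times except during surfing hours. Squid evaluates http_access lines in order and stops at the first match, so the allow line must come before the deny line.

    # Allow web access from the ehowstuff.com network during surfing hours only
    http_access allow ehowstuff.com surfing_hours
    http_access deny ehowstuff.com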
    

5. Restart the Squid proxy server for the changes to take effect:

    [root@centos62 ~]# service squid restart
    Stopping squid: ................                           [  OK  ]
    Starting squid: .                                          [  OK  ]
    

Full Squid proxy configuration:

    #
    # Recommended minimum configuration:
    #
    acl manager proto cache_object
    acl localhost src 127.0.0.1/32 ::1
    acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
    
    # Example rule allowing access from your local networks.
    # Adapt to list your (internal) IP networks from where browsing
    # should be allowed
    acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
    acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
    acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
    acl localnet src fc00::/7       # RFC 4193 local private network range
    acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
    acl ehowstuff.com src 192.168.1.0/24    # Your ehowstuff.com internal network
    
    acl SSL_ports port 443
    acl Safe_ports port 80		# http
    acl Safe_ports port 21		# ftp
    acl Safe_ports port 443		# https
    acl Safe_ports port 70		# gopher
    acl Safe_ports port 210		# wais
    acl Safe_ports port 1025-65535	# unregistered ports
    acl Safe_ports port 280		# http-mgmt
    acl Safe_ports port 488		# gss-http
    acl Safe_ports port 591		# filemaker
    acl Safe_ports port 777		# multiling http
    acl CONNECT method CONNECT
    
    #Add this at the bottom of the ACL Section
    #
    acl surfing_hours time M T W H F 08:00-17:00
    #
    # Recommended minimum Access Permission configuration:
    #
    # Only allow cachemgr access from localhost
    http_access allow manager localhost
    http_access deny manager
    
    # Deny requests to certain unsafe ports
    http_access deny !Safe_ports
    
    # Deny CONNECT to other than secure SSL ports
    http_access deny CONNECT !SSL_ports
    
    # We strongly recommend the following be uncommented to protect innocent
    # web applications running on the proxy server who think the only
    # one who can access services on "localhost" is a local user
    #http_access deny to_localhost
    
    #
    # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
    #
    
    # Allow web access from the ehowstuff.com network during surfing hours only.
    # These rules sit after the Safe_ports and CONNECT denies so those checks
    # still apply to the ehowstuff.com network. No further
    # "http_access allow ehowstuff.com" line follows: it would never be
    # reached after the deny below.
    http_access allow ehowstuff.com surfing_hours
    http_access deny ehowstuff.com
    
    # Example rule allowing access from your local networks.
    # Adapt localnet in the ACL section to list your (internal) IP networks
    # from where browsing should be allowed
    #http_access allow localnet
    http_access allow localhost
    
    # And finally deny all other access to this proxy
    http_access deny all
    
    # Squid normally listens to port 3128
    http_port 3128
    
    # We recommend you to use at least the following line.
    hierarchy_stoplist cgi-bin ?
    
    # Uncomment and adjust the following to add a disk cache directory.
    #cache_dir ufs /var/spool/squid 100 16 256
    
    # Leave coredumps in the first cache dir
    coredump_dir /var/spool/squid
    
    # Add any of your own refresh_pattern entries above these.
    refresh_pattern ^ftp:		1440	20%	10080
    refresh_pattern ^gopher:	1440	0%	1440
    refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
    refresh_pattern .		0	20%	4320
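
Because Squid stops at the first matching http_access line, the position of the time-based pair relative to the Safe_ports and CONNECT denies decides whether those denies still apply to the ehowstuff.com network. The following is an added example, not part of the original post and not Squid's own code: a simplified Python model of first-match evaluation using the ACL values from this page. The function names, the client address 192.168.1.20 and the request dates are assumptions made for the illustration.

```python
from datetime import datetime
from ipaddress import ip_address, ip_network

# ACL values copied from the squid.conf on this page.
NET = ip_network("192.168.1.0/24")                        # acl ehowstuff.com src
SAFE_PORTS = {80, 21, 443, 70, 210, 280, 488, 591, 777}   # plus 1025-65535
SSL_PORTS = {443}

def acl(name, r):
    """Evaluate one ACL name against a request; a leading '!' negates it."""
    if name.startswith("!"):
        return not acl(name[1:], r)
    minutes = r["when"].hour * 60 + r["when"].minute      # proxy's local time
    return {
        "ehowstuff.com": ip_address(r["src"]) in NET,
        # M T W H F 08:00-17:00 (weekday() 0-4 is Monday-Friday)
        "surfing_hours": r["when"].weekday() < 5 and 480 <= minutes <= 1020,
        "Safe_ports": r["port"] in SAFE_PORTS or 1025 <= r["port"] <= 65535,
        "SSL_ports": r["port"] in SSL_PORTS,
        "CONNECT": r["method"] == "CONNECT",
        "all": True,
    }[name]

def decide(rules, r):
    """The first http_access line whose ACLs all match decides the request."""
    for action, *acls in (line.split() for line in rules):
        if all(acl(a, r) for a in acls):
            return action
    return "deny"  # not reached here: both rule lists end in "deny all"

def request(src, when, method="GET", port=80):
    return {"src": src, "when": datetime.fromisoformat(when),
            "method": method, "port": port}

TIME_RULES = ["allow ehowstuff.com surfing_hours", "deny ehowstuff.com"]
PORT_RULES = ["deny !Safe_ports", "deny CONNECT !SSL_ports"]
TIME_FIRST = TIME_RULES + PORT_RULES + ["deny all"]    # pair above the port denies
PORTS_FIRST = PORT_RULES + TIME_RULES + ["deny all"]   # pair in the "INSERT YOUR OWN RULE(S)" slot

if __name__ == "__main__":
    # Constructed requests: 2012-03-05 is a Monday, 2012-03-10 a Saturday.
    samples = [request("192.168.1.20", "2012-03-05T10:00"),
               request("192.168.1.20", "2012-03-05T20:00"),
               request("192.168.1.20", "2012-03-10T10:00"),
               request("192.168.1.20", "2012-03-05T10:00", "CONNECT", 25)]
    for s in samples:
        print(s["when"], s["method"], s["port"],
              "time-first:", decide(TIME_FIRST, s),
              "ports-first:", decide(PORTS_FIRST, s))
```

With the pair above the port denies, the CONNECT request to port 25 is allowed during surfing hours; with the pair below them it is denied, while ordinary browsing decisions are the same in both orderings.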