Are you pissed up with this kind of errors on websites like Paypal?
All those cookie tracking systems that are not efficiently managed or are too stringent in security violations run into this kind of errors all the time. Here is one example from Paypal.com

Bad Request

Your browser sent a request that this server could not understand.

Size of a request header field exceeds server limit.

Cookie: KHcl0EuY7AKSMgfvHl7J5E7hPtK=f6Siw-KN8p7lDN_hD52TJYDf......

What to do?

Clear your cookies and you are ready to roll.
Try to avoid working in multiple Tabs when accessing paypal in a logged in mode.

I hope that helped.

Raj

If you signed up for some class c IP hosting package recently and are wondering how to create custom nameservers like ns1.yourdomainname.com /ns2.yourdomainname.com then here is the solution for you.

click Zone and then click the record next to your domain.

change the NS records and add two A records.

6) Then you will fine “Add a new” at top of all the records.

7) Click on “Go” by selecting A record “A” from the drop down menu.

 Add these details in next step.

Host = ns1.yourdomain.com

TTL = Do not modify this.

IP Address = Add IPaddress of your domain.

9) Click on save.

10) repeat the same steps of 8 and 9 and add “ns2.yourdomain.com”

Was feeling like buying an Olympus Digital SLR cam today. The HDFC guys sent me a flyer with the specification and I was pretty happy with it.  So I call up the phone-banking service to order the cam. They tell me you need to order it on HDFC site. Fine, so I am on the HDFC shopping site and look what I get …

Bl0ody hell ! this is what our top urban bank has to offer us? See what the firefox report has to say about this.

This page tries to install programs that steal private information and use your computer to attack others or damage you computer.

This site is probably not a direct HDFC property. They are kind of affiliates through which they help sell consumer goods through easy installment system on their credit cards

Anyway I tried to open the same site in Opera Browser and it did not have a problem opening the site. But I could not find the product they had sent the flyers about. So I felt like contacting them online. I click the contact us link and this is what I get..

And everyone wonders why is Online Shopping not so popular in India? HDFC is the most Tech Savy bank in India in my opinion. Now this is what they offer. One sentence saying enter your contact information here. What next…? Design error? Cross browser compatibility failure? Whatever it is, it only pisses of a user.

I will of course be directing the attention of HDFC people about this and at the same time would like you to share it with your friends so that they are aware of the Crap they are being supplied with in the name of online technology.

I don’t know if it affects you or if my Anti-Virus is just acting up but every time I force refresh a page with Google Adsense with it Kaspersky (ver: 8.0.0.454) Internet Security detects a Trojan on the google javascript file. This even comes up on leading sites like lonelyplanet.com.

Here are the details.
To force refresh I mean using CTRL + F5. Then my antivirus gives this message.

Kaspersky detects Trojan on Site with Adsense

On further checking of this report Kaspersky gives me the following actions and errors.
This is the actual error report on Kaspersky. 1/25/2010 8:01:18 PM- http://pagead2.googlesyndication.com/pagead/show_ads.js Firefox Processing error: Trojan.JS.Redirector.ar

Report points to Adsense file

I get the same issue on IE6 with Kaspersky. On Internet Explorer I with Kaspersky installed I get an Additional Error. See Below.

Issue duplicates on separate machine with IE6 and Kaspersky

I have no idea whats going on. After a basic search on Google I found this related post. But this is an old case and the ads are not being hijacked. From the report it seems it is the original Google Adsense Javascript file that is being detected as malicious.

If some of you have kaspersky could you please test this issue at your end and let me know. I will mean while report this to Google.

I am going to share with you a funny but serious event that unfolded in my Inbox yesterday. There is a silly job listing site in the name of jobszone.info. They blast bulk mails to thousands of people about latest job openings. Yesterday I received a mail from them that reads.

Now what does a user like me do in this case. Carelessness like this leads to the hacking of email accounts and corporate websites.

Here is how a hacker would proceed once he is fed with information like this. I am not a hacker but I have read about them and I am somewhat familiar with their train of thought. Thanks to recent events like Iranian attack on Twitter.and previous Twitter Admin hack news.

So first of all we try out popular mail portals like Gmail, Yahoo, Hotmail, AOL etc. If our trial yields no result then we try to access the webmail accounts using urls like domain.com/webmail or mail.domain.com. How to find out the site? Use google for the most relevant term from the mail. It is not always that easy though.

In my case I struck gold with Gmail. Though I tried the domain.com/webmail approach first as the mails seemed to originate from the said website.

Normally what first timers would do is reset the password. But that is the stupid thing to do. Don’t let the original user suspect that the account has been compromised.

Next search for password or username using mail accounts search feature. Gmail in this case is just wow. I got around 40 results. This idiot left an excel file with a list of user ids and passwords for some 25 accounts. Wow. I can further use the same to get into more classified information. May be I could find some credit card details too but my ethics stop me going beyond this. LOL

Additionally one could use Gmail labels or folders in other email clients to reach out to specific information on your email accounts.

I hope this malicious email account access process would give you enough ideas about how to protect your accounts from being hacked. Many large organizations like twitter have been hacked using this very method.

This has been a long post already. Watch out for my next post that is a list of steps to keep your accounts safe from hacking.