Posts Tagged ‘403 error’

403 error on BSNL — changing your DNS

October 23, 2010 3 comments

I have had some severe problems recently in connecting to the internet, running into a “403 Error — Forbidden” message for several popular websites. The reason is probably a virus which redirects internet requests by my computer to some very strange sites which look like a fancy search engine interface but do not seem to do anything. It was not clear where this virus was, on my computer or on the DNS server of BSNL, which is my ISP. The last time the problem occurred, a full scan by malwarebytes (free!) did not find anything, so I reset my DNS to the google public DNS.

This I did (under Windows XP) from the Network Connections tab under Control Panel. Select your connection, open the “Change settings of the connection” tab from the left, select TCP/IP -> properties, then under DNS open “Advanced” and enter the DNS addresses and Then move them up to the top of the DNS list by clicking on the arrow. You may want to restart your modem after this.

It is  usually a good idea to write down (using pen and paper!)  all the settings before you change them, so that if your computer crashes and settings are lost, you can at least go back to the old settings before calling for further help.


403 Error – Hijacked websites

September 30, 2010 9 comments

I have been getting a peculiar error for a while now — some of the most popular sites return a “403 Error — Forbidden” in boldface. At first sight it might seem that this is a result of too many requests from my network (ISP) to these sites. But occasionally I get the view of a hijacked website as well, like the following:

And if I look carefully, I see that the browser connects to and also tries to connect to some address, which is not an address on my own network (and which it does not find). This picture also shows the browser connecting to, which I have no clue about. The browser can still find secure websites. But this is clearly the work of some malware, probably not on my machines which run Kaspersky anti-virus 2010, but on the nameserver/proxy server of my ISP. And since the said ISP is BSNL, it is impossible to find any way of lodging a complaint beyond the simplest ones like `no connection’. I have had this problem earlier, but thought it was a result of the google and yahoo!/youtube sites being hacked. Now I think this is the result of a more local hacking.

In another incident, not sure if it is related, I found that the homepage of both my browsers had been set to

Update: Searching for this IP address on the net gives this post and not much else. Searching about hijacked google I could find several suggestions, and I am trying out some of them, like running malwarebytes and an anti-virus (Kaspersky). Nothing so far. Of course I have already tried clearing the cache and deleting cookies. I still don’t know if it’s my machine that is affected, or the network/ISP.

Update: The problem may have been on my computer. I ran Malwarebytes after reading some advice on the internet, and it found several files, including many in the registry, infected with trojans. I have not had the problem since cleaning the infected files. Malwarebytes is available at, but if your computer has been infected, you have to find another computer to download it. The funny thing is, I am running Kaspersky anti-virus, and it didn’t stop this trojan.

Update: It happened again yesterday, and this time nothing showed up on the virus scans, either by malwarebytes or kaspersky. So I set my DNS to the google public DNS, and it seemed to solve the problem. See here for the procedure.