When you use your PC and internet, many time you feels that you are downloading a sea of nonsense. Computer and Internet have their own language. No one needs to know all its words but some simple words may be confuse you and mostly newbies. Lets see some simple grammar.

Download : Transferring data from a server/website to your PC.

Favorite : Its like a bookmark. We can make bookmark of sites we like so we can check them again.

Browser : Browser is a software which people use to visit websites. The most common is Internet Explorer, it comes with all version of windows.

FTP : File Transfer Protocol. It used to upload and sometime download data to server.

Javascript : Its one of most common language to write scripts for websites. This make site more interactive. It cause many problem these days.

JPEG. Joint Photographic Experts Group. This is one of most popular format on web of pictures.
Hardware: opposite of software. Part of PC that physically exist.

Hosting : If you have website online then you must be paying for hosting or getting it for free for some cause. Its a service that make site available for visitors.

HTML. Hyper Text Markup Language. Its a language that webmaster use to design websites.

Hyperlink : Hyperlink is when a text take you to another place by clicking on it. For example you click on a mail address and it open a new page.

Programming : When computer is given instruction, using "programming languages".

Server : Server is like a normal computer where your website is stored and visitors connect it to visit your site.

Software : opposite of hardware. It make you PC run.

Spider : Its not spider that you see in real life. Its a software that used by search engines to scan you site so your site can come on their search result. Its good if spiders visit you website.

Upload : opposite of download. When you transfer data from your computer to your website/server.

URL. Uniform Resource Locator. Its is sort for saying Web Address.

Below you will find list of top 10 web vulnerabilities classified by OWASP, here is also description of the problem and some examples.

I will just give you the list in case you missed it before, i will not comment on any of these as there is already hot discussion about this matter on several sites/forums.

So here it starts:



1. Cross site scripting (XSS)

The problem: The “most prevalent and pernicious” Web application security vulnerability, XSS flaws happen when an application sends user data to a Web browser without first validating or encoding the content. This lets hackers execute malicious scripts in a browser, letting them hijack user sessions, deface Web sites, insert hostile content and conduct phishing and malware attacks.

Attacks are usually executed with JavaScript, letting hackers manipulate any aspect of a page. In a worst-case scenario, a hacker could steal information and impersonate a user on a bank’s Web site, according to Snyder.

Real-world example: PayPal was targeted last year when attackers redirected PayPal visitors to a page warning users their accounts had been compromised. Victims were redirected to a phishing site and prompted to enter PayPal login information, Social Security numbers and credit card details. PayPal said it closed the vulnerability in June 2006.

How to protect users: Use a whitelist to validate all incoming data, which rejects any data that’s not specified on the whitelist as being good. This approach is the opposite of blacklisting, which rejects only inputs known to be bad. Additionally, use appropriate encoding of all output data. “Validation allows the detection of attacks, and encoding prevents any successful script injection from running in the browser,” OWASP says.


2. Injection flaws

The problem: When user-supplied data is sent to interpreters as part of a command or query, hackers trick the interpreter — which interprets text-based commands — into executing unintended commands. “Injection flaws allow attackers to create, read, update, or delete any arbitrary data available to the application,” OWASP writes. “In the worst-case scenario, these flaws allow an attacker to completely compromise the application and the underlying systems, even bypassing deeply nested firewalled environments.”

Real-world example: Russian hackers broke into a Rhode Island government Web site to steal credit card data in January 2006. Hackers claimed the SQL injection attack stole 53,000 credit card numbers, while the hosting service provider claims it was only 4,113.

How to protect users: Avoid using interpreters if possible. “If you must invoke an interpreter, the key method to avoid injections is the use of safe APIs, such as strongly typed parameterized queries and object relational mapping libraries,” OWASP writes.


3. Malicious file execution

The problem: Hackers can perform remote code execution, remote installation of rootkits, or completely compromise a system. Any type of Web application is vulnerable if it accepts filenames or files from users. The vulnerability may be most common with PHP, a widely used scripting language for Web development.

Real-world example: A teenage programmer discovered in 2002 that Guess.com was vulnerable to attacks that could steal more than 200,000 customer records from the Guess database, including names, credit card numbers and expiration dates. Guess agreed to upgrade its information security the next year after being investigated by the Federal Trade Commission.

How to protect users: Don’t use input supplied by users in any filename for server-based resources, such as images and script inclusions. Set firewall rules to prevent new connections to external Web sites and internal systems.


4. Insecure direct object reference

The problem: Attackers manipulate direct object references to gain unauthorized access to other objects. It happens when URLs or form parameters contain references to objects such as files, directories, database records or keys.

Banking Web sites commonly use a customer account number as the primary key, and may expose account numbers in the Web interface.

“References to database keys are frequently exposed,” OWASP writes. “An attacker can attack these parameters simply by guessing or searching for another valid key. Often, these are sequential in nature.”

Real-world example: An Australian Taxation Office site was hacked in 2000 by a user who changed a tax ID present in a URL to access details on 17,000 companies. The hacker e-mailed the 17,000 businesses to notify them of the security breach.

How to protect users: Use an index, indirect reference map or another indirect method to avoid exposure of direct object references. If you can’t avoid direct references, authorize Web site visitors before using them


5. Cross site request forgery

The problem: “Simple and devastating,” this attack takes control of victim’s browser when it is logged onto a Web site, and sends malicious requests to the Web application. Web sites are extremely vulnerable, partly because they tend to authorize requests based on session cookies or “remember me” functionality. Banks are potential targets.

“Ninety-nine percent of the applications on the Internet are susceptible to cross site request forgery,” Williams says. “Has there been an actual exploit where someone’s lost money? Probably the banks don’t even know. To the bank, all it looks like is a legitimate transaction from a logged-in user.”

Real-world example: A hacker known as Samy gained more than a million “friends” on MySpace.com with a worm in late 2005, automatically including the message “Samy is my hero” in thousands of MySpace pages. The attack itself may not have been that harmful, but it was said to demonstrate the power of combining cross site scripting with cross site request forgery. Another example that came to light one year ago exposed a Google vulnerability allowing outside sites to change a Google user’s language preferences.

How to protect users: Don’t rely on credentials or tokens automatically submitted by browsers. “The only solution is to use a custom token that the browser will not ‘remember,’” OWASP writes.


6. Information leakage and improper error handling

The problem: Error messages that applications generate and display to users are useful to hackers when they violate privacy or unintentionally leak information about the program’s configuration and internal workings.

“Web applications will often leak information about their internal state through detailed or debug error messages. Often, this information can be leveraged to launch or even automate more powerful attacks,” OWASP says.

Real-world example: Information leakage goes well beyond error handling, applying also to breaches occurring when confidential data is left in plain sight. The ChoicePoint debacle in early 2005 thus falls somewhere in this category. The records of 163,000 consumers were compromised after criminals pretending to be legitimate ChoicePoint customers sought details about individuals listed in the company’s database of personal information. ChoicePoint subsequently limited its sales of information products containing sensitive data.

How to protect users: Use a testing tool such as OWASP’S WebScarab Project to see what errors your application generates. “Applications that have not been tested in this way will almost certainly generate unexpected error output,” OWASP writes.


7. Broken authentication and session management

The problem: User and administrative accounts can be hijacked when applications fail to protect credentials and session tokens from beginning to end. Watch out for privacy violations and the undermining of authorization and accountability controls.

“Flaws in the main authentication mechanism are not uncommon, but weaknesses are more often introduced through ancillary authentication functions such as logout, password management, timeout, remember me, secret question and account update,” OWASP writes.

Real-world example: Microsoft had to eliminate a vulnerability in Hotmail that could have let malicious JavaScript programmers steal user passwords in 2002. Revealed by a networking products reseller, the flaw was vulnerable to e-mails containing Trojans that altered the Hotmail user interface, forcing users to repeatedly reenter their passwords and unwittingly send them to hackers.

How to protect users: Communication and credential storage has to be secure. The SSL protocol for transmitting private documents should be the only option for authenticated parts of the application, and credentials should be stored in hashed or encrypted form.

Another tip: get rid of custom cookies used for authentication or session management.


8. Insecure cryptographic storage

The problem: Many Web developers fail to encrypt sensitive data in storage, even though cryptography is a key part of most Web applications. Even when encryption is present, it’s often poorly designed, using inappropriate ciphers.

“These flaws can lead to disclosure of sensitive data and compliance violations,” OWASP writes.

Real-world example: The TJX data breach that exposed 45.7 million credit and debit card numbers. A Canadian government investigation faulted TJX for failing to upgrade its data encryption system before it was targeted by electronic eavesdropping starting in July 2005.
How to protect users: Don’t invent your own cryptographic algorithms. “Only use approved public algorithms such as AES, RSA public key cryptography, and SHA-256 or better for hashing,” OWASP advises.

Furthermore, generate keys offline, and never transmit private keys over insecure channels.


9. Insecure communications

The problem: Similar to No. 8, this is a failure to encrypt network traffic when it’s necessary to protect sensitive communications. Attackers can access unprotected conversations, including transmissions of credentials and sensitive information. For this reason, PCI standards require encryption of credit card information transmitted over the Internet.

Real-world example: TJX again. Investigators believe hackers used a telescope-shaped antenna and laptop computer to steal data exchanged wirelessly between portable price-checking devices, cash registers and store computers, the Wall Street Journal reported.

“The $17.4-billion retailer's wireless network had less security than many people have on their home networks,” the Journal wrote. TJX was using the WEP encoding system, rather than the more robust WPA.

How to protect users: Use SSL on any authenticated connection or during the transmission of sensitive data, such as user credentials, credit card details, health records and other private information. SSL or a similar encryption protocol should also be applied to client, partner, staff and administrative access to online systems. Use transport layer security or protocol level encryption to protect communications between parts of your infrastructure, such as Web servers and database systems.


10. Failure to restrict URL access

The problem: Some Web pages are supposed to be restricted to a small subset of privileged users, such as administrators. Yet often there’s no real protection of these pages, and hackers can find the URLs by making educated guesses. Say a URL refers to an ID number such as “123456.” A hacker might say ‘I wonder what’s in 123457?’ Williams says.

The attacks targeting this vulnerability are called forced browsing, “which encompasses guessing links and brute force techniques to find unprotected pages,” OWASP says.

Real-world example: A hole on the Macworld Conference & Expo Web site this year let users get “Platinum” passes worth nearly $1,700 and special access to a Steve Jobs keynote speech, all for free. The flaw was code that evaluated privileges on the client but not on the server, letting people grab free passes via JavaScript on the browser, rather than the server.

How to protect users: Don’t assume users will be unaware of hidden URLs. All URLs and business functions should be protected by an effective access control mechanism that verifies the user’s role and privileges. “Make sure this is done … every step of the way, not just once towards the beginning of any multi-step process,’ OWASP advises.


Comments and introduction to Top-10 list can be found on following:
www.owasp.org ( www.owasp.org )
www.networkworld.com (http://www.networkworld.com/news/2007/100407-web-site-vulnerabilities.html?page=1)
www.infoworld.com (http://www.infoworld.com/article/07/10/05/Top-10-reasons-Web-sites-get-hacked_1.html)
www.computerworld.com.au (http://www.computerworld.com.au/index.php?id=1126870565&eid=-6787)

IZEA (PayPerPost)is going to make one more ranking solution "IZEA RealRank™".

What they say about it:
The problem with Google PageRank is that it is both self serving and irrelevant to actual traffic and influence. The arbitrary and unpredictable nature of this ranking system has left both bloggers and advertisers longing for accurate statistical data since long before PayPerPost. Unfortunately, there are few options out there when it comes to determining the value of a blog. While sites like Alexa attempt to estimate traffic they are inaccurate and do a terrible job when it comes to blogs with smaller niche audiences.

I we believe we have a solution and that solution is RealRank. RealRank data is gathered from the IZEA Toolkit "ITK" (formerly PPP Tools). It is a piece of javascript that many of you already have and those outside of PPP will be able to get from a separate site without joining PPP or SocialSpark. ITK gathers REAL traffic information, much like your analytics platform and ranks users based on their standing within the network. The formula is relatively simple.

70% weighted towards visitors per day
20% weighted towards amount of ACTIVE inbound links per day
10% weighted towards pageviews per day

We are currently working on implementing RealRank inside of the PPP platform next week. The public site will be up within two weeks. I am excited to be able to finally provide bloggers and advertisers with a measuring stick that actually means something.

Unlike Google, we are open to feedback. We will publish the actual formulas for all to view. If we make any changes over time based on user input you will see what those changes are and why. We hope this becomes the most valuable site measurement tool worldwide and look forward to rolling this out.
Down with PageRank (beats war drum)!
Source


I like what they said in this post. 70% weighted towards visitors per day is good idea to decide rank but if they are really going to decide it by visitors then people get good ranking by getting fake visitors.

20% weighted towards amount of ACTIVE inbound links per day and 10% weighted towards pageviews per day. 20% on inbound link but I still want to know that they will care for nofollow or not. As I know they are creating this new rank because they don't like Google. Only 10% weighted for pageviews means you need unique visitors to get high RealRank.

The best thing I like is they will accept peoples feedback on improving theur system and will publish actual formula that how they decide rank for a site. At Google Rank, no one is sure how they decide ranks for pages.

Now a days lot of ranks available for checking how much a site important. Do they really work?
Let check some examples:

Google Pagerank
Most of people know what Google page rank. For those who don't now, Google PageRank is a google's way to say how much a site important to web. They ranked between 1 to 10. To rank a site they count back links on a site. More backlinks you get means better PageRank.
My this blog is now PR3. When it become PR3 is was not really important but it had lot of backlinks. It is very easy to create backlinks, more easy if you have some money to spend.

If you post your site to many fourm like i did, you will get lot of backlinks for free or you can spend some money to get links. At the end your site will get PR, no matter your site deserve it or not.

Alexa the Web Information Company
Alexa decide rank based on traffic. The no. 1 site its still Yahoo from the time I know about it. They give toolbar to download. I didn't downloaded this toolbar yet, its not available for Vista.

The rank is based on traffic but traffic count is based on visitors only who have Alexa Toolbar installed. That means if you don't have toolbar installed then your visit doesn't effect their ranking.

Technorati Rank
This is only for blogs. Their Rank depends on how much authority your blog has.
Authroty: It means how much links you get from another blog. Maximum 1 authroty from a blog no matter how many time it linking to you. You can say authroty is how many blogs are linking to your blog.

You can get authority by link exchanging with other blog or giving comment on other blogs also added to authroty. You can also buy links on other blogs to improve your Technorati Rank. So if you have money you can be on top rank no even your blog has only one post that is showing your name.

Trust Rank - Combating Web Spam
It still in beta so can't tell you how much it sucks, may be they are improving it before making it out of beta.
If you search your site on this you will find some result like.
PageRank
Alexa Rank
Listed in DMOZ
Backlinks from Google
Backlinks from Yahoo
Backlinks from MSN
Results from AltaVista
Results from All the Web

And the Trust Rank is same as Google page rank. If they are showing Google Pagerank With different name then whats new in it. Yes, you can use it for getting some other ranking info.

Google PageRank Prediction
iWebTool is a company that provide some online tools for webmaster and other who need some tools to make their site hot. This tool is one of them. Normaly google upldate their pagerank quaterly so you will see many new site with lot of backlinks without pagerank. This tool is like a live pagerank tool.

When search google.com it shows message "Insufficient backlinks. To predict your PageRank, you need a minimum of 100 backlinks.
Google.com is PR10 site and it showing ****. So I don't think its usefull.


So now.... to whom you trust.
I say "Check everysite yourself that it really deserve the rank that it has"

I reviewed 5 rankers this time, if you know more then post a comment I will add them when I make antother post like this.

If you have a website it means you have a host too. If you don't have a host that means you don't have a website. Two major option available for web hosting are shared and dedicated hosting.

Website that uses dedicated hosting has a server for it site. Full server resources to a website besides a shared host is split amongst more customers.

Servers are simply computers that been set to respond to data request from the Internet. Each server has an Internet Protocol address (IP) i.e. 10.10.1.100

Shared Hosting
One server is shared with many websites and resources are also shared with all accounts on that server. All sites sharing same disk space, bandwidth and IP address of that server. Host limit each site to a specified amount of disk space and bandwidth to be used by per user per month and also limit to not to use more server resources. Site that exceed their limit may temporarily closed down for that month.


Dedicated Hosting
With this type of a server, all resources of the server, as well as the IP address, are unique to that website that uses that server and you can use as you want. You can host as many site as you want. All bandwidth is yours, you can use as much disk space you needed for your sites.

Big websites that receives lot of traffic really need a dedicated server. Hosting big website on shared hosting is not good thing. Your will be slow and sometimes your hosting company that giving you shared hosting will also advise you to move your site to a dedicated server. As full resources is yours so you can run any script you want.

On shared accounts you are not allowed to run all type of scripts. They don't allow scripts that use lot of server resources.


The main different between them is their cost. Shared hosting is more cheaper then dedicated server. You can get shared hosting account as low as 1$ per month while dedicated account can cost more them 75$ per month.

There is a very big risk in shared account. As there is more then 1 account in same server if other user run a script that goes bad, the server could be affected. In some conditions your site could down for a while. If your member do somethings wrong with search engines like using proxy and other things. SE bans server IP address so your site on that server that will be also banned from SEs.

How To Choose Between Them
Small companies with small sites are better with shared accounts. The cost is very low. Make sure to choose a host with good reputation who protect your site from other that could put your site at risk.

Large site needs dedicated server. Its also good for developers and researchers who test new technologies.

Web Directories: If you have made site its time to submit it to directory. Do this work slow and in long term because getting lot of backlinks in short time is not good for search engines. They will ast your site as a spam and your site will get chances to get banned from search engines.

1.Free directories: This are free or open directories where you can submit you sites for free.
Some Examples of these type of directries with PageRank-

http://www.dmoz.org 9
http://www.lii.org/pub/htdocs/home.htm 8
http://www.femina.com 7
http://www.gogreece.com 7
http://www.sacentral.sa.gov.au/site/page.cfm 7
http://www.worldhot.com/ 7
http://www.123india.com 7
http://www.elib.org/ 7
http://www.ezilon.com/ 6
http://www.epooch.com/ 6
http://www.christiansunite.com/ 6
http://www.toronto1.biz/ 6
http://www.canadianeh.com 6
http://www.aardvark.co.za 6
http://www.nzs.com/ 6
http://www.aigam.com/

2. Reciprocal Link Directories.
This is type of directories where you have to link back to directory. Its like link exchange.

Social Bookmarking Sites
For those who are new to it, in social bookmarking system, users store lists of Internet resources, which they find useful. These lists are accessible to the public for their views and comments. This became a great seo technique now

http://www.furl.net/
http://blogmarks.net/
http://www.clipmarks.com/
http://del.icio.us/
http://www.digg.com/
http://www.fark.com/
http://www.dzone.com/
http://www.blinklist.com/
http://www.connectedy.com/
http://www.backflip.com/
http://www.bmaccess.net/
http://www.bookmarktracker.com/
http://buddymarks.com/
http://www.butterflyproject.nl/
https://www.chipmark.com/
http://feedmarker.com/
http://www.i89.us/
http://www.jots.com/
http://linkatopia.com/
http://www.indiamarks.com/
http://www.sphere.com/
http://www.listible.com/
http://ma.gnolia.com/
http://www.metafilter.com/
http://reddit.com/
http://www.shoutwire.com/
http://reviews.stumbleupon.com/
http://www.techtagg.com/
http://www.videobomb.com/
http://www.bookmark-manager.com/
http://diggdot.us/
http://www.simpy.com/
http://www.spurl.net/
http://saysaid.com

I advised to use Both.

Many Directories ask for a reciprocal link when you submit your site to them. But the end they do not list your site or blog to their directory. They make their own good PageRank on search engine by getting one way link (inbound link) from your sites.

Sometimes its not possible to check all directory that they are linking back to you or not.

Some Tips:
1. Always check each directory you submit your site for link back.
2. Before submiting your site don't forget to check that direcotry is not banned by search engines.
3. Submit your site in proper category.
4. Try to submit on directories that have higher pagerank.

Are you still thinking to cheat AdSense? Stop that.
It will never bring you anywhere. You can do this with smaller ad network but not with Google.
Here are some of the detection methods Google might use to catch cheaters.
At the very least, they have the resources to do so.

IP Address
If the AdSense click is originated from the same IP Address as the one used for accessing your AdSense account, your account is flagged.

Cookies
Most home users do not use static IP Address for Internet connection. In most cases just disconnect and reconnect will give you a new IP Address. But don?t forget, Google has set cookies on your computer.

Other Google Services
Thinking that you are safe just because you do not access your AdSense account? Think again. This time, consider these: GMail, Google Earth, Google Calendar, Google Search, Google Toolbar, Google Talk, Google Sitemap, Google Desktop, Blogger, and so on, and so on. With the wide range of services they provide, Google can trace the originator of most (or probably almost all) clicks.

Click Pattern 1
Oh, why this computer / IP address / person is so trigger-click-happy on this particular website but never click on the ads on other sites?

Click Pattern 2
And why is it that people accessing these sites direct (type-in URL or from bookmark) tend to be very active ad-clickers compared with those referred from search engine or other sites?

Click Pattern 3
And why the ad-clickers like to hit and run, compared with non ad-clickers that surf a few pages before leaving?
Click-Through-Rate (CTR)
Your CTR may range from 0.5% to 10%, but if it exceeds a certain point (probably around 10%), you are flagged.

Geo-Location
Used Urchin (Google Analytics) before? Then you should know that Google can trace traffics origin down to the small town. Different IP doesn?t mean much. Unless you site is really targetted to one small geo-point, a high number of clicks from nearby location will get you banned quickly.

Hardware address?
MAC address of the LAN card, modem, and router works almost like a fingerprint. I?m not sure if Google can track this, but probably they do. They have rocket scientist, remember?

Advertisers conversion rate
Ad click is one thing. But does it bring value to the advertisers? If none of the clicks on your site translate to conversion to the advertiser, you are in trouble. First the Smart-Pricing hits, then your AdSense account disabled.

Search Engine Ranking
Your website is not indexed on any search engine, not linked by any prominent website, but get consistently high traffic? That sounds like something is in play. Regardless of whether it is an adware-embedded software, spam, trojan clickbot, or intentionally installed click-exchange network, it doesn?t sound right.

Webpage design
How about the ?click here? or ?support us?? Google has the best search engine in the world. Is it really that hard to find those words?

Combo
Each of these detection methods might seem rather weak. But combine them together, and not many click-fraud can pass-through these filters. Even the smartest clickbot will have a hard time.
In short, it is impossible to cheat AdSense for a long term. Instead of spending time, money, and effort trying to outsmart Google, try some tips to improve your AdSense earning.
Note : I m not working for Google nor in anyway know anyone inside Google. Google might or might not use these methods to detect click-fraud. I think believe that they have much better detection mechanism.

Source of many available sources on net about this topic.

1. DMOZ
www.DMOZ.org
This is the granddaddy of all directories, and is greatly respected by Google and the all other search engines. Listings in this direcotry are free, but you have to wait for your site to be listed. According to the DMOZ site, expect your site to appear in the listings at Google, AOL and other major engines about 2 weeks after you are listed in DMOZ.

2. Yahoo
http://submit.search.yahoo.com/free/request
The name known to all. This free listing form may take a lonk time(months)to result in a link back to your site, but it is well worth a try this.

3. Zeal
www.zeal.com
A free listing just need to register. Zeal is owned by Looksmart.

4. Directory World
www.directoryworld.net
Requires a reciprocal link to their site, but is otherwise free. Good page ranks for all listing pages inside.

5.Really First
www.reallyfirst.com
This is one of the largest directories on web with over 50,000 links. Very poor navigation, but a free link if you add their link to your site.

This is just strating. Submit as many directoried you can. Remember lisiting to these site help you get get good pagerank, traffic and also improve your serch engine listing.

Google is heart of webmaster with its powerfull search engine and webmaster tools etc.
But yahoo is also in list. Yahoo can also help you in your business.

Yoy can use these two servies for your site sipport section.

Yahoo IM
You can use yahoo messanger for your support section. Everyone know what support ticket is so many people don't like to contact support team. Live is support is also good but if you have slow connection you will not open it.
So the best solution is yahoo. Just create a Yahoo Id with your company name and add it to your site and start living with your customer.

Yahoo Mail
Google apps gives you e-mail of your domain like you@your-domain.com, yahoo don't. You can still use its mail that is not on your domain. Yahoo gives unlimites webspace so you dont need to worry about it.

Domain Names are very cheap these days but many people still can't buy them.

The option is free Subdomain that looks likt domain names.

.tk
You can get your own .tk domain names like my-name.tk
It very easy and pupular but most of search engines don't like this and I don't like it too because it comes with adverstiment.

co.nr

It is also one of best free subdomains servie for your sites.
It Gives you
Free URL Forwarding, also known as Free URL Redirection


Intelligent Free Path Forwarding and Advanced Free META TAGS support

Free URL Cloaking also known as Free URL Masking

No banners or popup ads, actually, NO ANY ADS at all

Ability to use your free domain name with and without WWW, and more


uni.cc

UNI.CC is a free domain name that will help making your web sites more accessible using short and easy-to-remember Internet addresses.
This site provides domain name redirection service and a site builder tool. They do not offer hosting, mail or FTP services at this time.

Available services

Web forwarding
Convert your web site's address from something like
www.provider.com/users/something to www.name.uni.cc

Site builder
Create a complete site in few minutes. No programming or design skills required.

DNS Service
Delegate your UNI.CC domain name like a .com and get all the flexibility you need.


afraid.org
Here you can lot of free subdomain names with full domain control or you can use your own domain.

Google Webmaster Tools is one of Google's best free service.

It is very easy to use in blogger. To add your blog to Google Webmaster Tools you need to verify your blog by just uploading a simple META tag in your templates. It help Google to index your pages for Search result.

Using Webmaster tools you can also check that what problem is Googlebot getting to index your blog's pages to Google and Fix errors. Check how many pages Google has indexed and Check inbound and outbond links of your blog.


Adding Sitemap

If you are using Google Webmaster Tools to get your pages indexed by Google then you need a Sitemap to get top ranks in Google Search.

Its very easy to Add a sitemap but most of people don't know how to add Sitemap in blogger.
You don't need any external source for this because this feature comes with blogger.

Just add atom.xml at the end of your domain.
Like mine is http://www.runweb.org/atom.xml

Now you can add your blog's sitemap to google.

These days Domains are very cheap. You can get your own domain for 6-7$ per year.
Normaly The Registrar don't give full domain feature. Many of them only provide DNS control. Most of people don't need anything else but some people want more.

If you want to use your domain at blogger you need cname control that normaly registrar don't provide. What you will do?

Lots of option available for free. You can use any services. I am giving you some info about famous services that people mostly use.

www.afraid.org
This is a free service. They have better feature for paid users.
You just need to Point your domian to their Nameserver.

Afraid give good features with good speed but limited.


www.mydomain.com
MyDomain also give domain tools for free. You can register a free account and add as much site you want. All features are unlimited. You can also buy domain from them.