Block BSNL ADs using IPSec

14 Oct 2018

Bharat Sanchar Nigam Limited (BSNL) is a state run Indian company that offers telecom & broadband services. Using their internet service comes bundled with AD scripts viciously injected to all HTTP/Unsecured websites that you browse online without your consent. They certainly call it a feature, but everyone else categorize it as

  1. Security risk
  2. Privacy violation

BSNL claims that it benefits the customer, where as it actually

  1. Makes your browsing sluggish with a huge load of JavaScripts downloaded and run on every page loads. 
  2. Follows intrusive AD behaviour like Hijacking your mouse clicks to malicious AD sites.

I have discussed about their script injection and information collected in BSNL ISP Injects illegal AD scripts post. This article is more about a solution using IP Security policy to block their AD scripts. 

1. Microsoft Management Console: Open Microsoft Management Console (MMC) by running mmc.exe from the command prompt.

2. Add IP Security Policy Management snap-in: In the MMC, click File > Add or Remove Snap-ins. Select IP Security Policy Management and Add it to the right side - Selected snap-ins box.

3. IP Security Policy Management screen: In the next screen,
If you are setting it for a standalone machine then Select Local computer or else if you need it for multiple systems in a domain then select Active Directory Domain. 

4. Add New IP Security Policy: Right click on the IP Security Policy on Local Computer node, and right click to create new IP Security Policy.

5. IP Security Policy properties: It opens up a wizard view, On first step - Provide a IP Security Policy Name - 'Block BSNL ADs'

On next screen, check 'Activate the default response rule' and then check 'Edit Properties' and click on Finish.

6. Create IP Filter Rule: Click on 'Add', It opens up screen for adding the IP filter List where you can specify the IP filter rules i.e., source & destination IP Address to match.

7. Create IP filter rule: Rules are created to match following BSNL Server IP addresses (any port)

  • 61.0.245.90, 
  • 117.254.84.212,
  • 117.205.13.171

8. Final rules list will be as below, with 2 filter rules added for IPs

9. Create Block filter action for the matched IP rules:

10. Finally, enable the filter rules by enabling the checkboxes near the rule-name and apply.

11. Finally, assign the security policy to the local machine, that will activate the rule.

Now, try to load the HTTP website where you've noticed BSNL injected AD scripts. You'll notice that the AD scripts are no longer present there. To re-confirm the fix, try browsing the previously copied URL that will end up in 'Unable to find site' error. This policy is not specific to BSNL IPs, you can add ranges of IP address to the IP filter List that you wish to block.

Hope this solves the issue and enhance your browsing experience without lags & nags. Do share your experience & feedback !

Related Posts