rajujayaraman
Newbie
Hi, admin, Would you allow to share this link with a staff concerned with the security, so that some soiution or explanation is received.
BSNL is inserting ads in websites, sending their users to malware sites through malware code injection
- Thread starter CRACING
- Start date
- Featured
- Replies 645
- Views 199,812
rajujayaraman
Newbie
Hi, admin, Normally anybody could visit your site and see the posts . But i want a kind of your approval to forward this particular link, which annoy so much individual with hidden websites pages in the weblink, like naganoadigei.com to which my website redirects. If suppose, one finds solution, that would fix the problem. Hoping to get your nod
The ADs can be blocked by setting up IP Security policy on local machine/ domain that prevents the initial JavaScript that gets injected in the insecure (HTTP) page.
Last edited by a moderator:
@davidsekar thanks for your awesome blog post, i would also like to add this blog post where you have explained in depth about how BSNL is injecting the scripts in non https sites.
https://davidsekar.com/misc/bsnl-isp-injects-illegal-ad-scripts
https://davidsekar.com/misc/bsnl-isp-injects-illegal-ad-scripts
rajujayaraman
Newbie
Hi, David , i have read your links, the finding of injection and the solultion.
I have some doubts , please clarify.
Did you check the speedtest.net , with your remedy removed. I mean, not using the solultion.
My website redirects to first, naganoadigei.com and then to flipkart site. What is this naganoadigei is doing in the speed test net site? Checked that it is having its place in netherlands.
Please check this site now and then give your comment.
adblock is good , but it is also that much not safe and it automatically installs something on its own.
Your script description is fantastic and do you think , that you could add rules after rules to from time to time.
I talked with a staff concerning the security of bsnl, and she wants me to send the link . I asked admin permission , because so much has participated in this thread with their comments and replies.
I told the staff, that i will give the link , if the admin gives the permission.
Deep analysis has been done by you to find the scripts and solution.
how we do conclude that the malware redirects are from BSNL if they have not seen this thread and analyse.
One such example has been posted my post 105, wherein , i have explained the vulnerability the avast wifi scan gave me.
I contacted then bsnl staff, and they said, the suspicious site has been redirected to bsnl for security purpose and no cause of anything.
Please check the speed test at your end, by disabling your solution and then see.
Most of the http redirects to naganoadigei.com, which i have been redirecting to flilpkart , java install, adobe flash install updates
I am not a tech savvy person , but solution is for all bsnl users. Thanks
I have some doubts , please clarify.
Did you check the speedtest.net , with your remedy removed. I mean, not using the solultion.
My website redirects to first, naganoadigei.com and then to flipkart site. What is this naganoadigei is doing in the speed test net site? Checked that it is having its place in netherlands.
Please check this site now and then give your comment.
adblock is good , but it is also that much not safe and it automatically installs something on its own.
Your script description is fantastic and do you think , that you could add rules after rules to from time to time.
I talked with a staff concerning the security of bsnl, and she wants me to send the link . I asked admin permission , because so much has participated in this thread with their comments and replies.
I told the staff, that i will give the link , if the admin gives the permission.
Deep analysis has been done by you to find the scripts and solution.
how we do conclude that the malware redirects are from BSNL if they have not seen this thread and analyse.
One such example has been posted my post 105, wherein , i have explained the vulnerability the avast wifi scan gave me.
I contacted then bsnl staff, and they said, the suspicious site has been redirected to bsnl for security purpose and no cause of anything.
Please check the speed test at your end, by disabling your solution and then see.
Most of the http redirects to naganoadigei.com, which i have been redirecting to flilpkart , java install, adobe flash install updates
I am not a tech savvy person , but solution is for all bsnl users. Thanks
pothi
@127.0.0.1
It is not necessary to get permission to share a link to this thread with anyone else in the world. It is a public thread. So, can be shared without permission.
rajujayaraman
Newbie
Hi, David sekar, Please see the first post in this thread, where in the OP, has stated that malware redirects occur in http in particular speedtest sites. In this connection only, i asked you to recheck, by disabling your solution and say, what is your experience. Pothi has given a workaround in making fix thro hosts file in etc folder.
Your ads redirect would have been experienced at different sites.
I experienced mail bsnl redirects on times of browsing thro the sites.
When i raised that issue, and searched for that in google, the answer was given that mail bsnl redirect will occur on the first log of the day and will not repeat. But , i experienced frequent dsl blilnks and obtaining a fresh ip and on every attempt of this, the site again redirects causing annoyance in my browser experience.When i wirte, sayl to a forum a lengthy reply, suddenly redirect would occur and i would lost all that written. It will not go to the site, if you click the back arrow.
That was stopped after so many written to the bsnl in all forums.
Hi, david i wait for your reply
Your ads redirect would have been experienced at different sites.
I experienced mail bsnl redirects on times of browsing thro the sites.
When i raised that issue, and searched for that in google, the answer was given that mail bsnl redirect will occur on the first log of the day and will not repeat. But , i experienced frequent dsl blilnks and obtaining a fresh ip and on every attempt of this, the site again redirects causing annoyance in my browser experience.When i wirte, sayl to a forum a lengthy reply, suddenly redirect would occur and i would lost all that written. It will not go to the site, if you click the back arrow.
That was stopped after so many written to the bsnl in all forums.
Hi, david i wait for your reply
rajujayaraman
Newbie
Hi, one more update: Instructions are on the page how to replace the hosts file in the etc folder in driver folder of system 32 in windows 7 and appropriate folders in other OS version. There is no need for any change in win 10 as given in the link.
Just download hosts.zip from msmvps.com and then extract to a selected folder, and then run the bat file inside the folder, it will create a HOSTS FILE in the donwload folder. Just rename the old hosts file with hosts.old and then copy the created HOSTS FILE to the etc folder. If permission is not given , just read the articles how to give permission to edit or access the files.
Once copied, just rename this HOSTS file toolder hosts in the same etc folder.
Now reboot your machine to take the hosts file effect changed.
Before rebooting , For windows 7 user, please also disable dns client services or set to manual in services. msc.
Just type services.msc and select dns client and right click properties, and then stop the service and then select manual from the dropdown menu and then click apply. If you go to the screen , you will know it is a simple process. Please , if you open the RENAMED hosts file, you find updated hosts file, entirely different from the original hosts file.
the explanation has also been given, why this hosts file is secure.
The file is being updated with 0.0.0.0 added in the hosts file is like a solution given by Pothi, but contains numerous suspicious sites updated up to april 2018 from a to z. You could see the genuiness of the team to include those ad sites and suspicious sites and it is also starts with the machine 127 as the first entry.
Just go to the same speedtest net, no adv or popup or redirects.
It is needless to say here that by updating the hostsfile from the site, you could just live happily.
Link: start link
How can I remove redirection malware from my PC?
Just jump to MVSp hosts section on the article to use hosts file change. If you wish , you could use other tips in the article.
Just i have done the hosts file change.
The links are therer, for download and also the instructions for various OS.
If your HOSTS file is created , then you need to go the c: windows \system32\drivers\etc to find the hosts file.
For some, who do not know how to show hidden files, just go the folder options in explorer and then view tab, uncheck alll the items in Hide..... items.
please give your feed back.
I still await reply from david..
Just download hosts.zip from msmvps.com and then extract to a selected folder, and then run the bat file inside the folder, it will create a HOSTS FILE in the donwload folder. Just rename the old hosts file with hosts.old and then copy the created HOSTS FILE to the etc folder. If permission is not given , just read the articles how to give permission to edit or access the files.
Once copied, just rename this HOSTS file toolder hosts in the same etc folder.
Now reboot your machine to take the hosts file effect changed.
Before rebooting , For windows 7 user, please also disable dns client services or set to manual in services. msc.
Just type services.msc and select dns client and right click properties, and then stop the service and then select manual from the dropdown menu and then click apply. If you go to the screen , you will know it is a simple process. Please , if you open the RENAMED hosts file, you find updated hosts file, entirely different from the original hosts file.
the explanation has also been given, why this hosts file is secure.
The file is being updated with 0.0.0.0 added in the hosts file is like a solution given by Pothi, but contains numerous suspicious sites updated up to april 2018 from a to z. You could see the genuiness of the team to include those ad sites and suspicious sites and it is also starts with the machine 127 as the first entry.
Just go to the same speedtest net, no adv or popup or redirects.
It is needless to say here that by updating the hostsfile from the site, you could just live happily.
Link: start link
How can I remove redirection malware from my PC?
Just jump to MVSp hosts section on the article to use hosts file change. If you wish , you could use other tips in the article.
Just i have done the hosts file change.
The links are therer, for download and also the instructions for various OS.
If your HOSTS file is created , then you need to go the c: windows \system32\drivers\etc to find the hosts file.
For some, who do not know how to show hidden files, just go the folder options in explorer and then view tab, uncheck alll the items in Hide..... items.
please give your feed back.
I still await reply from david..
Redirections have stopped for me without any intervention/steps from my side. I guess BSNL resolved it from their end.