Web Content Filtering
To better monitor outbound traffic to the commercial internet, the DoD has implemented a process called Web Content Filtering (WCF). Under normal circumstances, the encrypted traffic between a browser and a website, mediated by a cert, is opaque to the outside world. With WCF, a DoD-furnished certificate acts as an intermediary between the browser and whatever website that the user is attempting to access. As a result, the user’s request becomes visible and readable, such that it can be approved, before it is re-encrypted and passed along to the website.
When launching a virtual machine through CONS3RT, the DoD WCF Root Cert will come preloaded with the operating system. If, however, a user launches a virtual environment within their VM (for example, to run Python or Java), the WCF Cert will not be present in that environment and will need to be added in manually. The DoD WCF Root Cert has been included at the bottom of this article.