Limit State Definitions of the Connection Design Calculations SDS2 V7331
(TS) NSA QUANTUM Tasking Techniques for the R&T Analyst · · 2017-08-01- Booz Allen Hamilton...
Transcript of (TS) NSA QUANTUM Tasking Techniques for the R&T Analyst · · 2017-08-01- Booz Allen Hamilton...
PO: TAO RTD I Team - Booz Allen Hamilton SDS2
The overall classification of this brief is
10± 3.11.18. 1-1.14.u4:1.00/1! a. all:"
If.. - .1. 10 •']0110301 ' ilicon0 01 11 1 1i 1.0:=151114.•:'
• . ei l.130 Lb I.0¢:: - .Del . M. I 00 1 ,....X905 '
. ...
TOP SECRET/151/43EL USA, AUS, CAN, GBIR, NZL
(TS) NSA QUANTUM Tasking Techniques for the R&T Analyst
TOP SECRETUSIIIREL USA, AUS, CAN, GBR, NZL •
Derived From: NSA/CSSM Dated: 2007DIO8
Declassify On: 20370801
1 SPIEGEL ONLINE
TOP SECRET/ISUIREL USA, Au S 1 CAN, GBP, NZL
(TSPSIUREL) Only R&T Analysts can submit QUANTUMTHEORY Tasking to the QUANTUM team. TOPI Analysts can submit QUANITUMNATION Tasking through Target Profiler. The biggest difference is QUANTUMTHEORY deploys a stagel implant called VALIDATOF (soon to be COMMONDEER) and QUANTUM I f deploys a stage° implant called SEASONEDMOTH (SMOTI-1). SMOTHs die within 30 days of deployment unless requested to extend the life.
(T5f/SIUREL) This presentation does not cover FAA QUANTUM, but if you identify an active selector, compare the SIGAD in Marina to the SIGAD on the GO QUANTUM wiki page to see if FAA QUANTUM is an option.
(TS/ISIIIREL) This presentation is geared towards targets seen at US - If you are unfamiliar with this SIGAD, it is equivalent 10 a TI/NF SIGAD that cannot be mentioned in this PowerPoint. You can contact the POC of this brief for more information,
2
SPIEGEL OF
TOP SECRED/COMINTS/REL TO LISA, EVE Y
Web Browsing (Exploit with QUANTUM The concept man-on-the-side)
• QUANTUM is a man-on-the-side capability. If your target has a selector that is active in the last 14 days, vulnerable to the QUANTUM technique, and seen by an 550 site that has QUANTUM capabilities, then there might be the opportunity to detect that communication in real-time and piggy back with the requested content back into the target's network and implant the host.
a QUANTUMTHEORY can be used only if a TAO Project is set up (must coordinate with your R&T Analyst)
• QUANTUMNATION can be used regardless of a TAO Project (T PI does the tasking in Target Profiler)
• The biggest difference is QUANTUMTHEORY deploys a stage' implant called VALIDATOR (soon to be COMMONDEER) and QUANTUMNATION deploys a stage0 implant called SE_ASONEDMOTH (SMOTH). SMOTHs die within 30 days of deployment unless requested to extend the life. The exploit technique is the same.
TOP SECRETKOMINTIREL TO USA, FVEY
8 SPIEGEL ONLINE
TOP SECRET/MI/MEL USA, AUS, CAN, GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works
1117 Target
Internet Router
Yahoo's Web Server
SSO Site
SI I
4 SPIEGEL ONLINE
TOP SECRETUSWREL USA, AU S, CAN, GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works
1. Target logs into his Yahoo accounI
Target
Internet Router
Yahoo's Web Server
550 Site
I INT • ',eel m ''on
4
SPIEGEL ONLINE
TOP SECRETUSIHREL USA, AUS, CAN, GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works
1. Target logs into hEs Yahoo account
Target
limnternet Router
11■1111114
Yah oo' s Web Server
SSO Site
2. SSO site sees the QUANTUM tasked yahoo
selector's packet and forwards it to TAO'S FOXACID Server
I INT • rn OF
4 SPIEGEL ONLINE
lit Target
Internet Router
11111110.
YahoWs Web Server
TOP SECRETUSIHREL USA, AU, CAN, GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works 4. Yahoo server receives the
packet requesting email content
NSA
ialipsolispoi A
S50 Site
TAO FOXACID Server
3. FO ACID 'meets a FOXACID url into the packet and sends it back to
the targets computer
I I k T V Of
4 SPIEGEL ONLINE
TOP SECRET1/511/REL USA, AUS, CAN, GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works
th7H4-4 Yahoo's
Web Server
[nternet Router
5. ,PDXACiD packet beats the Yahoo packet back to llie
endocn t
NSA
411- apilipi TAO FOXACID
Server
Jr
4 SPI EG EL ONLINE
11 1111116
411[■■■■
Yahoo's Web Server
NSA -
411. 16 .1
11111fr
TOP SECRETUSIHREL USA, AU S, CAN GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works
1/1111 Tru-get
6. The target's 'Yahoo welvage is loaded but in the background the
FOXACID URL hpads which redirects to the FORA ID Exploit
Server..
Internet Router
11111111P1IF
TAO FOX ACID Server
SIGNT Da on t
4
E.17. TEE.EL OFILME
TOP SECRETBSIMEL USA, AU S, CAN, GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works
Tt3 Yahoo's
Web Server
) 1.1111111' 11111 Target
Internet Router
SSO Site
■11111111-
iNSA
TAO FOXACID Server
7. If the browser is exploitable and the PSP is sale, FOXACID deploys a Stage I implant back
to the target
/GRIT en rt
1 4
SPIEGEL CHLIIIE
Internet Router
.11111°X 41111r■I■
110 Target
Target Implanted!
Yahoo's Web Server
0111111111.1.11 -, --- . - NSA
TAO FOXACID Server
7. If the browser is exploitable and the PSP is safe, FOXACID deploys a Stage I. implant back
to the target
TOP SECRETBSIMEL USA, AU S, CAN, GBR, NZL
What is QUANTUM?
QUANTUM Generic Animation - High Level of How It Works
4 SPIEL EL oNLINE
TOP SECRETPCOMINTUREL TO LISA, FVEY
QUANTUM Capabilities NSA (TS/1311/REL) NSA QUANTUM has the greatest success against <yahoo>, <facebook>, and Static IP Addresses. New QUANTUM realms are often changing, so check the GO QUANTUM vviki page or the QUANTUM SpySpace page to get more up-to-date news.
NSA QUANTUM is capable of targeting the following realms: • 6 IPv4_public • mailrulvircu ▪ • alibabaForumUser • msnMailToken64 • • doubleclickID • cici
• • emailAddr • face book • • rocketmail • simbarUuid • hi5Uid • twitter • • hotmailCID • yahoo • • linkedin • yahooBcookie • • mail • ymail • • mailruMrcu • youTube • • msnMailToken64 • WatcherlD
TOP SECR ET/TCOM INTi/R EL TO USA, EVE Y
5 SPI EG EL ONLINE
TOP SEC ETPCOM INTIIR EL TO LISA, EVE Y
QUANTUMTHEORY - GCHQ If a Partnering Agreement Form (PAF) is set up with GCHQ for the CNO project, then the IT Analyst can utilize GCHQ QUANTUMTHEORY to include additional capabilities such as:
• • ALI BABA • AL • • BEBO_EMAIL • DOUBLE CLICK
• FACEBOOKCUSER • GOOGLE PREFID • • GRAIL • HI5 • • HOTMAIL • LINKEDIN • • MAIL RU • MICROSOFT_MUID • • MICROSOFLANONA • RAMBLER • • RADIUS • SIMBAR • • TWITTER • YAHOO_13 • • YAHOO_L/Y • YANDEX_EMAIL • • YOUTUBE • IP Address
More information on: https://wiki.gchqi
/QUANTUM BISCUIT If you cannot get to the link try: http:I/
TOP SE CR ETECOM INMR EL TO LISA. FVEY
TOP SECRETKOMAT/AREL TO USA, FVEY
QUANTUM SIGDEV - QFDs (TS/151 MEL) Find all Selectors associated to your target (Yahoo, Yahoo B Cookies, Facebook, Hotmail, etc) using Marina, NSA or GCHQ QFDs.
NSA SAT C QFDs: I •
ALTEREGO QFD:
GCHC., " vuene Selector A Iten ate Se I e 191 Ouerleci Alternate Intersection Stele Selector Selector {1.10} Degree Degree
5
, 14,154?
'CaitUE. l fir}
11-.. -clfehcon.
67 114 1 SY
DOGCOLLAR QFD:
Selector
TIP
Enrichient Value Obsermions First Seen On Last Seen Date
9 ZOU /a5P1 2013/0347
Skip to Step 5 once you have all of your selectors...
tei tonal 1911.
TOP SECRETPCOMINTIIREL TO LISA, FVEY
6 SPIEGEL ONLINE
Fddriier 11440. 11.1},
T %-ri•
ailimmagitper. voredRocheirri
4..1. Mit) Sprdl,
i*FIE q 3•114NY
cqt:1--fina- Hem Same. 'Prat F ksc - lidanbly •• Pr*Emcwi 4 41*.
7
..1 ,1441. 1g Redo.*
dimply
Matimagyilliers
6
ixilib ClaraaJ:13 "M. 20i20210 7 .D59.50 ikka-rthi
j Al* vg Pffirre,* d ■Cintiol* 141ralmr*
646.1 gr..
TOP SECRET/ISUIREL USA, AUS, CAN, GBR, NZL
QUANTUM SIGDEV Marina Step 1: Skip to Step 5 if you used the QFDs to identify alternate selectors
4 (I-Si/SI/MEL) If you do not use the GCHQ or NSA QEDs you can use Marina. Run a Marina Selector/Identifier Profile (Federated) search for a 3 month range to look for additional selectors.
7 SPIEGEL ONLINE
i4ectar h41 -1.1m71 –
wet Can I Ph otos:6
Equivalent 11337 S
Pao 1 pi 1
Appikdaden
I New Selector I fc no van Selector
Ft/
er {r4orie Una"' (Deleu11). - • %mime krt• Stree AS • laDIS * ' LetaCICarnMe Erbtity A L... ) 1p Activity
10" Entity 11
<yalipv -;
-0••13.4yailna
4verialicom.macoltD. —.31EMM-651wetisee5.
Fses dNalay nave
has at d
1-45 alt d
cob Ir141.>
<51eypeirialidtan
•
a
TOP SECRETBSUIREL USA, AU S, CAN, GBR, NZL
' (TS//511/REL) Once the query finishes. look at the Equivalent Os section. This will show you other selectors that your target is using. This is determined by linking content (logins/email registrations/etc). It is worth verifying that these are indeed selectors associated to your target. NSA QUANTUM works best against <yahoo> and <facebook>. Although, it is worth making note of a <gnriail> selector for possible GCHQ QUANTUM support or for your own notes.
8 SPIEGEL ONLINE
TOP SECREVISUIREL USA, AUS, CAN GBR, NZL
(TSI/SIHREL) if your search was on a <yahoo> email address, then click on Machine IDs and look for a recent <yahooBcookie>. YahooBcookiers are unique to a specific computer and can hold other <yahoo> addresses that are being logged into on that computer as long as the user does not clear browser cookies. If you see multiple <yahooBcookie> pick the most recent Last Heard date. Also higher the Num Heard is, the more likely that selector does not change.
Fleecing Ple•ecaam
Levine y= 27
.18‘11.5r`
Pear 1 cC 1 Fter (None:: - Limit(Elateu13- - • • 7: • , Save ks 7 Nropk.likei NM, UPIlt 42. b
New Selector
15 ) p P91*L kat 1-14201) -
sr •
IP 0 riartilcie A '; Nab ‘walice•p mcirai4.0(compotole: n; ..7(dDr.S e
cyarocemokie:-
MI [ I 15 L3 5133Z •2131.1.1Z135 Ids
.zo aunr .;21)LI 1Z1:15 10.32Z
'3 0 Oki - cyahx.7. y.st.x13rociatia. J LDS 1.1:107. I. LE . ZOL1.111% 1=1.7.
.4 n ,.eb - 201E1.115 19521.2 '3:4 1I2[5 1611.1237
:5 U.et. regolL0.0 [0:4.3 USE. L33514 . 2011 1205 11264167
6 D wt.t. 0.51.5Y. nfl_hilV_Uairridditeljr1V_Nel.NIC10 I 21.1L L115 L353:122 . 23Ll13:15 PR
7 ❑ axial ..KV*4•0 .CylieCiacCdue .ZIULLICSIVfc X.111L.7•5053:7
Unique Selerdara FcwitEL <yahoo> (Known Selector)
@grnail.com<google> (New Selector)
<yahnoBcookie> New Selector)
9 SPIEGEL ONLINE
Sem.a At • laNt. • %Mut: Load Ce.piele
Entity ■
IM
.!•11
ers •-•
I-. 5!.
.g--
r.75,4a7130,
360/f.11 care rtmocgjia
d..-1-.^51-xoetisar
—aer_<VaniXr}
. Equtwaleet 1M 5 *IP
,I II'ne I of 1 Frier Tkin0 .... Leioul pefaut) Ne11kielze Seve - To-A 31.4tes . LO ecr Cctriplete
❑ AppilEann Entity A Entity 1■OBOrnallom<g06911 e>
.113£1.1al.COhlr.c0:146 -:-
•- (Vahlia
:44371N1c:arnIC9DK1/9
(514neUser
Rao:
(TS//SUIREL) You can do
this by clicking on the selector, scroll down to Selector Profile, and click Range.
ForietIrd CcretArIx .<= 22
kevetse ContacbR
...I Sent PLIC55.30C6'
Recebred nes4at.Tes: - 29
tagrnp; ‹=
IgEmords.
Whdore 91:11rdinutes)
Day (-14- p2Hokas)
Verir (-1 Year)
*KM- PITON"
5!Iezbar ditals
911 icivaiisdgt AnalytIcs
Chuts
Ov:Id To Inquiry
Usef Atilinay
FV.Mnre Event 0
Navel Detail
F■ nd In
TOP SECREVISIIIREL USA, AUS, CAN, GBR, NZL
1
■
1Papriv.slent ION; .%
• POVe 1 et/ 1
1:7; Appac.totl.an IR • .41...Vettp 141.•
r11-1.1R y
New <google> selector
.43' rim; inProis L I ntR {1>tleit-t1 •
tr"tV A. r fa
(TS/iSII/IREL) Since mail.com<google> is a new selector, you will want to do a Marina Selector Profile query on it to see if there are additional accounts associated to the target, Remember NSA QUANTUM cannot target the ‹google> selector.
111 SPIEGEL ONLINE
Selector PireIle Search
5eletirs Prone
511:1• Ch Selector probe [ Agrnal.ciamcgcogisA
-
Stark Ditio 20111110 I-9 BD: Mr CC End Datig 20120210 23.50:59 3 1.46e!Lfri.2
Seim:tars birdy
Ye5.temday
Acid 4 Remove Conlage [1:1Bntif ilE1
This Weep
lrput Last Wed.( Ream
4iggrialLcan gingle Parater s This Month
skyp eMailticen
goo*
skypisMairciken
Parameters
Paramaters
Firterrieters
Lag Month 3 Day
2 Days
3 EtiY5'
10§1grnautccra
skypcMaiTcken Ptserrnkers 5 DM.
• bays &JEN& MoIradE■1=1111:1 - 5144.p eMafliniteri Parane;tus 14 Days
152grnall.corn 40041e Paharivtati:. 1,15nith
_ Quick Add: ! tritEe.:re or wale sisleitlaira seriaratipj by canmes end I errter .
1"forokis •6 imnths
.1yea.
Authority 19It ers
0. hi!!
E1 •
TOP SECRET/ISIBREL USA, AU S, CAN, GBR, NZL
, (TSIISIHREL) Change the query to search for the fast 3 Months and click SUBMIT
SPIEGEL ONLINE
3
All Unique Selectors Found From Both Searches: <yatioo> (Known Selector
@gmail.corri<google, (New Selector) <yahocrBcookie> (New Selector)
4acebook> (New Selector)
TOP SECRETUSUIREL USA, AUS, CAN, GBR, NZL
I.
(TS1/51fiREL) Once the query finishes, look at the Equivalent IDs section and make note of any new <yahoo>, <hotnnail>, <yahooBcookie>, and <facebook> selectors and do the same process to identify additional selectors.
Equivalent IDE. 26
i 1 Page I of 1 iar FAIN Nona) Lorarl Visualize h - Soy r rE5 - Twig Enrichniriz... Wangar Nava. rapparae
1=1 Application
Entity A
& t1 > .c• Activity Entity B
WWI
z El er.."1
el".113 4 ❑ slial
5 ❑ 0.10
6 El: EMall
7 ❑
Emal
8 M erwt3i
1-1 1,1
LO El 0431
I] la-um
12 ❑
IEI451
L5 ❑ elcla i
Atagn5i.cor cCrocke:. ,
-r-Va/Dcrnal.cam<CPEr.cde)
weitrol-vAnqIcagic>
alirrga-C.?Ir':i1W9leCP
Egicrnal.t.arr.qpcoe>
ncrinad_cm-no3 cie5.
@Tr.-34. or. ,croe.> i .yerk..>
Jicram.i.o.r.--ccrcogle>
cEnzebgck.:-
Klynal.t6eteigl*:,
'kacrt.M-"+"*E6Itt)
has cIG6o, Fh6#
has d5ciay na74
di§cgay naml
hos &Oay Ramo
1 1...4V4rf
has at
has de.fday wa=ll
hes display name
ha af•rd
hcr-, pi
rew.serre.....th
hexaked
d
New Facebook Selector I
t AFAI
-ckste balk
-''.0111116411411 cir'e-Suc*
IIMI=III_Vxyroilk.
12 SPIEG EL ONLINE
Search 41uAkye Llser..Ma once (Federated:I)
41 1_1 RiCenit
UserPteseritn
F•rtlif&tecl)
MGCI-IQ Presence Viant liry JP Arklre
%Wall P.Parfe.
31,101Calga;
Start Oath.
Reskrid Lard Nike. Only;
Pactback ID
End Due; 20130401 201=19 013:130;03 M:55:551 C•ays
Mutant Broth. Clutionis
Endur&I"PL2111 1;1.1:kW1 TOW!
INehgethea Roe;
trinigence 'taint ta-am:
I I Stant
If you have OVSC1700, check this box to search GCHQ databases
516E41" Dei•elr_prrelt
open mew lAirclatkk 1;71
TOP SECRETUSHIREL USA, AUS, CAN, GBR, NZL
1 (TS/./SIIIIREL) Once you have a list of your selector(s), you will want to look at each one
separately to check for the likelihood of successfully exploiting your target via NSA QUANTUM. We are checking to see if the target itself is seen at US- and if it is active.
2 (TS/./SIIIREL) First we want to run a Marina Active User/Presence (Federated) search on
<facebook> for the past 14 days.
E•Gci-iQ i'p;*EventINEiFii tG iFi4
9 _J.Arich:ry Saliketers
2r l_iEkUNS &Ad O. R. to °wear IEF Erman e I LcftrT
_40 Chartr
Li Kris diertn• KNOW. ENtfakklahl I WertlFler 11-1).1i 0 I:; PSC Faceboulc
I :Prtildo
• (c•Wilikkllij Quick ANC •- •••• • • •• - • - k•••••clars sepreroet1 tae.nee eircl ist wee
!...! SptrklePcm
• ..:'Uste ActlxIte (SelectorAdentker A.
enable Any Poelm!
Autlipinit-v Filters
Add Rearcrwer
Autlalty
_ wirkichba.
.. ,faichU;hogi
V
13 SP I EGEL ONLINE
) TOP SECRETBSIBREL USA, AUSI CAN, GBR, NZL
(TSI/SIIIIREL) You will either have results or not have results. The key is to look at the SIGAD for the results and if the SIGAD is capable of doing QUANTUM then you most likely have a vulnerable target! To check for SIGADs that NSA and GCHQ QUANTUM can target, type GO QUANTUM in your browser. If GCHQ QUANTUM is needed, then work with your IR&T Analyst to follow the appropriate steps on the wiki to set up a PAP.
(TSIISIIIREL) You will want to look at the Marina results and make note of the most frequent SIGAD/IP CIDR for each Active User/Presence (Federated) query
1) Selector a) SIGAD
b) Active User IP cop - The CDR will be added to the TLN's Whitelist.
-A TLN's Whitelist is a list containing the IF CIDRs your target uses. It is where the
FOXACO server will only continue with exploitation if the external IP Address of the targetiredirection is on the Whitelist for the TLN your R&T Analyst requests.
14 SPIEGEL ONLINE
tL U11:21 2
Activity
Tasked fur Survey
Technique; Q UAPITUIMNATIONfr.
Tasked: 2013 -Jan-29
Last Attempt: 2013-Fib-19 (success.)
TOP SECRETPCOMINTM E I- TO USA, FVEY
Is My Selector Tasked for UANTUM?
If you sent your IT ana yst a selector to task for QUANTUMTHEORY and you want to see if it has been tasked yet, you can enter the selector in Target Profiler and if you see "tasked for survey" and the Technique to be QUANTUMTHEORY or QUANTUMNATION then it is tasked! You can also see when the last FOXACID redirection took place.
<yahoo> r.
P-aked
Tasked for Survey
Technique: VIATITUMTHEORY
saikedi 21912-1;41-26
Teri Last Attempts 21013-Ma r • 01 Owl) °Mai
Cia tasked
C
Ta
O F O I
• v<yahoo> Sena erodif 1013-P i•-U1 11:11:2; 1 Er
for siarq e y
A ethritY
TOP SECR ET/TCOMINTM E TO USA, EVE Y
16 SPIEGEL ONLINE
<facebook> retlil.tervti 21131a-Fliti-22_13:5).::() 4 IT
ea • YUlnerabIlttles
V.0 ' Vuirrarabie log Owenturn 0(12 davi ego) Urner PkgentFrilyzill1415.11) (iPad; CPU CS 5_0_1 roc... K) ApplaWr6Ki16/5a4.46 OKI-MAL irk ■ ciihrclg) Vftrzi.orLi5,1 Whabilmi54405
f r 7 4
TOP SECRETIICOMINTMEL TO USA, FVEY
UANTUMNATION QUANTUMNATION use new TAO CNE tradecraft and automation to drive broad scale initial access, specifically an SSG cloud-analytic to identify selectors in SSA] passive collection that are viable for end-point access, and the use of lightweight CNE implants to obtain initial access and survey data delivered to the TOPI offices via corporate SIGINT repositories. For More Information on QUANTUMNATION check the QUANTUMNATION wiki page
Target Profiler now shows if a selector is vulnerable to a QUANTUM exploit. If your target is valid for QUANTLIMNATION, A "Vulnerable" link in Target Profiler will appear. Simply click the link that sends an email to request QUANTUMNATlON tasking.
Note: QUANTUMNATION and standard QUANTUM tasking results in the same exploitation technique, The main difference is QUANTLIMNATION deploys a stage 0 implant and is able to be submitted by the TOPI. Any ios device will always get VALIDATOR deployed.
TOP SECRUilCOMINT,NREL TO USA, EVE Y
17 SPIEGEL ONLINE
TOP SECRETUSUIREL USA, AUS, CAN, GBIR, NZL
(TSI/SIUREL) Once you have a selector, SIGAD, and IP CIDR, you are ready to start the process for a FOXACID TLN and Tag request.
4 (TSIISII/REL) Depending on the teams, either an IREET analyst or the Branch Chief can create a TLN (Twisty Lobby Number), Contact your Branch Chief for information on creating a TLN for each selector you want to target,
(TSIISIOREL) Note: You will need 1 TLN and 1 FOXACID Tag per selector you task with QUANTUM.
lB SPI EG EL ONLINE
TOP SECRET/IV/MEL USA, AUS, CAN, GBR, NZL
Step 8: (TV/SI/MEL) Once you have a TLN, you will need to submit a FORA ID Tag request. (TV/SI/MEL) Go to titcpE:( nsalcgi pint and fill out the appropriate information in the top and within the body of the ticket update this information accordingly. Here is an example:
CT or Non-CT Non-CT Second Party/Partnering: No countryIRegigniType: in=m
RSA Target: No Type of Op: QUANTUM
WPTT: No Project Name;
TLN 12345 Insert Your TLN
IP Range: "1 Insert Your Active User IP CIOR WHITELIST
MAC Addresses' Unknown
Payload Requested: Val Start Date: 20130401 POC
IvISQ Support: No
19 SPI EG EL ONLINE
TOP SECRETHSUIREL USA, AUS, CAN, GBR, NZL
(1Si/81/MEL) Once the ticket is completed, you will receive an email with the FOXACID Tag for your TLN.
4 (T51/SUIREL) Go to hops:// .nsa.ic.gov, fEndex.php and fill out the appropriate information in the form to task your selector and tag for QUANTUM,
4 (T51/SUIREL) Once your selector is tasked for QUANTUM you will see the status changed to complete.
(TS//31/1REL) The last step it to monitor the TLN in FOISEARCH https:h .nsa - :ir to look for redirections and update the plugins or WHITELIST if needed.
(TsiisiIIREL) De-task your QUANTUM request when you hook your target]
20 SPIEGEL ONLINE