A CTAS is a special server that host all Paterva’s OSINT transforms and executes them when requested by Maltego Desktop Client.
CTAS stands for Commercial Transform Application Server.
The CTAS server includes transforms for gathering OSINT from common sources on the Internet which includes querying DNS servers, search engines, social networks, various APIs and other sources. A full list of the transforms that are included with CTAS can be found in our transform guide here.
A private CTAS allows you to host all Paterva’s OSINT
transforms from within your organization.
CTAS is almost an exact copy of Paterva’s public CTAS except it can be hosted internally within your organisation. This means you can run all Paterva’s standard OSINT transforms without having your requests going over Paterva’s infrastructure.
Why use a private CTAS?
Out-of-the-box Maltego clients use Paterva’s public CTAS server to run transforms that are located on the Internet and used by other Maltego users. A private CTAS is for customers performing sensitive investigations – when they want to keep their transform requests private. Although Paterva will never log the questions asked or their answers when a transform query is run on our public server some customers still prefer the peace of mind provided by hosting their own copy of our CTAS. You can see what is logged when a transform is run on Paterva's public transform servers here.
A private CTAS also includes a management console where the server status can be viewed as well as other basic server configurations can be performed.
- CTAS is now delivered as a docker image or a VM image in OVA format pre-installed with docker images. If you want to use the image with other virtual machine providers you’ll need to convert it using the respective converters.
- The server is delivered as a virtual format that is downloaded on to a computer and no hardware is included.
- The server is (currently) built on a Ubuntu LTS 16.04 base. This image will need to be replaced with a new image when long term support for this server ends. This is currently scheduled for April 2019.
- The search engine transforms use the Bing Web-Search API & IBM transforms use IBM Watson API. These are paid-for services that are priced (by Microsoft & IBM) according to use. Server administrators should apply for their own API keys as these are not included in the default server image.
- Hardware Requirements:
- The virtual server requires at least 2GB of RAM, but the more the merrier.
- Any modern multi-core processor will have more than enough processing power.
- 25GB of hard drive space should be more than enough.
- Network Requirements:
- CTAS needs to have Internet access as the transforms running on the server will need to make connections to various online services.
- CTAS needs the following outgoing ports to be open: 80, 443, 25, 53 and 3306. This list will increase in the future as more transforms are created and we recommend that you do not limit the server from making outgoing connections to the Internet.
- Incoming connections need only to be on TCP ports 443, 8081 and from the various clients IP addresses that wish to use the server.