An iTDS allows you to easily manage and distribute custom Maltego transforms and settings from a central location within your organization.
TDS stands for Transform Distribution Server.
The server has a web front-end and gives you the ability to manage, share and distribute custom-built transforms from a central point within your organisation.
Public vs. internal TDS
The public TDS is located on the Internet and is free for all to use. It’s a convenient way to immediately start writing remote transforms. Since this server is located on Paterva’s infrastructure data will be flowing from the Maltego GUI to this server and finally to your transform code hosted on a web server of your choice. The server interface can be reached here.
For those dealing with sensitive internal data that cannot go over the Internet or over Paterva’s infrastructure we offer the (i)nternal TDS. The iTDS provide the same functionality as Paterva’s public TDS however it can be hosted internally on your own infrastructure.
What does an iTDS do?
An iTDS allows you to combine Maltego transforms, entities, machines, views and their configurations into a single item that can be distributed and installed by different Maltego users. This makes it easy to share custom transforms and configurations amongst a team of analysts or, should you choose so, with the rest of the world. The iTDS is configured and managed using a web-interface.
From the iTDS web-interface you can manage the following:
- Transforms - Manage custom Maltego transforms as well as their settings and properties.
- Seeds - Manage the seeds on the iTDS, specifically their names, URLs and which transforms and configurations they hold.
- Transform Settings - Manage the transform settings available to the various transforms.
- OAuth Settings - Manage the OAuth settings available to various transforms.
- Entity Management - Manage custom entities available to transforms.
- Paired Configurations - Manage the transform configurations sent to Maltego clients when a seed is installed. Paired configurations can include custom entities, transform sets, machines and managed services.
- Backups - Perform a backup to restore these transforms and settings for your iTDS.
Who is an iTDS for?
An iTDS will be useful to anyone who wants to integrate their data into Maltego by building custom Maltego transforms. An iTDS allows you to easily share the transforms you build amongst a team of Maltego users. This server should be useful to those who want to distribute their internal transforms to teams within their organization as well as to users who want to make their transforms available to the public on the Maltego Transform Hub.
How does iTDS work?
The easiest way to think of an iTDS is as a proxy for transforms. When executing an iTDS transform the Maltego client will make a request to the iTDS server with the transform name requested, transform seed and input entity. The iTDS will then look up that transform (within that transform seed) to find the target script and essentially 'proxy' the request to the end-point.
An iTDS is only used to manage and distribute your transforms and their configurations. The actual transform code is hosted on another web server which is also hosted by the end-user. For detailed documentation on configuring an iTDS please visit our Developer Portal.
- An iTDS is now delivered as a docker image or a VM image in OVA format pre-configured with iTDS docker container. If you want to use the image with other virtual machine providers you’ll need to convert it using the respective converters.
- The server is delivered as a virtual format that is downloaded on to a computer and no hardware is included.
- The server is built on an Ubuntu LTS 18.04 base.
- Hardware Requirements:
- The virtual server requires at least 2GB of RAM, but the more the merrier.
- Any modern multi-core processor will have more than enough processing power.
- 25GB of hard drive space should be more than enough.
- Network Requirements:
- All outgoing connections that the iTDS requires will depend on where the transforms that it is configured to call are located.
- Incoming connections need only to be on TCP ports 443, 8081 and from the various clients IP addresses that wish to use the server.