CTAS

Commercial Transform Application Server

A private CTAS server allows you to host all Paterva’s OSINT
transforms from within your organization.

What is CTAS?

CTAS stands for Commercial Transform Application Server and is almost an exact copy of Paterva’s public CTAS except it can be hosted internally within your organisation. This means you can run all Paterva’s standard OSINT transforms without having your requests going over Paterva’s infrastructure.

The CTAS server includes transforms for gathering OSINT from common sources on the Internet which includes querying DNS servers, search engines, social networks, various APIs and other sources. A full list of the transforms that are included with CTAS can be found in our transform guide here.

Why use a private CTAS?

Out-of-the-box Maltego clients use Paterva’s public CTAS server to run transforms that are located on the Internet and used by other Maltego users. A private CTAS is for customers performing sensitive investigations – when they want to keep their transform requests private. Although Paterva will never log the questions asked or their answers when a transform query is run on our public server some customers still prefer the peace of mind provided by hosting their own copy of our CTAS. You can see what is logged when a transform is run on Paterva's public transform servers here.

A private CTAS also includes a management console where the server status can be viewed as well as other basic server configurations can be performed.

Technical Details

  • CTAS is delivered as a VMware image in OVF format. If you want to use the image with other virtual machine providers you’ll need to convert it using the respective converters.
  • The server is delivered as a virtual image that is downloaded and no hardware is included.
  • The server is (currently) built on a Ubuntu LTS 14.04.01 base. This image will need to be replaced with a new image when long term support for this server ends. This is currently scheduled for April 2019.
  • The search engine transforms (*_SE) use the Bing Web-Search API. This is a paid-for service that is priced (by Microsoft) according to use. Server administrators should apply for their own API keys as these are not included in the default server image.

  • Hardware Requirements:
    • The virtual server requires at least 2GB of RAM, but the more the merrier (as this is a 32 bit server more than 4GB of RAM would be an overkill).
    • Any modern multi-core processor will have more than enough processing power.
    • 25GB of hard drive space should be more than enough.

  • Network Requirements:
    • CTAS needs to have Internet access as the transforms running on the server will need to make connections to various online services.
    • CTAS needs the following outgoing ports to be open: 80, 443, 25, 53 and 3306. This list will increase in the future as more transforms are created and we recommend that you do not limit the server from making outgoing connections to the Internet.
    • Incoming connections need only to be on TCP ports 80, 443, 8081 and from the various clients IP addresses that wish to use the server.