Comments (5)
cvandeplas
commented on May 30, 2024
It's excellent if your Plume is running correctly. That indicates all dependencies and so on are fine.
When running as remote transform (like you plan to do) configuration wise the misp_url, and apikey are set in the Maltego client.
You could choose to change this behaviour, and set the variables in the [MISP_maltego.remote] section of the MISP_maltego.conf file so that all users connect with the parameters you have set. If you wish to do so you will need to do a minor patch in util.py#L82. It's only a few lines of code, so no rocket science, a pull-request is welcome.
When making those changes, you will need to restart plume.
Last, but not least, you will have to configure everything too, on your private CTAS. I would recommend you to look at Paterva's documentation on how to do so.
What I did (for the public transforms hosted in the transform hub)
- Paired Configurations: 1 (see here for my notes)
- Entities: 7
- Transform Settings: 2 (except if you choose to patch the code and provide server-side config support)
- Transforms: 14
- Seeds: 1
Then configure the seed in Maltego.
Here are some screenshots of my configuration for the transform hub transforms:
When all is configured:
from misp-maltego.
netmg
commented on May 30, 2024
Thank you Christophe for all the details above - very helpful!
I did follow the notes in here but I must have missed a step on the iTDS server admin page. Based on your screen shots and comments above, I'll revisit my path. It's probably something simple (e.g. connecting the seed to the config name maybe?)
I was starting to believe that I needed to add the transforms manually, but that doesn't appear to be the case if I do this correctly.
Thanks again - will update here with progress.
from misp-maltego.
cvandeplas
commented on May 30, 2024
Afaik it's manual, but for more info you best liaise with Paterva support.
from misp-maltego.
netmg
commented on May 30, 2024
I was able to get this working with your help above. Part of the effort included co-locating the MISP-maltego container alongside the Maltego iTDS and MISP containers, so we could avoid tweaking Maltego-provided yaml files. In the future, we don't have to worry about merging our changes into updated configs from them. (It also has the added benefits of all traffic remaining on-host between them, on a private docker network and references to container names vs. hosts or IP's - nice for trans-portability between platforms).
We are still contemplating which way we will deploy MISP keys (each desktop providing their own, or a single one inside the container). If we decide to centralize, I'll provide an update and PR for you.
Thank you for your time - both in supporting us, and in developing this tool!
from misp-maltego.
cvandeplas
commented on May 30, 2024
Thank you for the update !
from misp-maltego.
Related Issues (20)
- Local MISP sends an error message to Maltego client HOT 11
- MISP ask for URL and Server on Maltego HOT 1
- How to add local Transforms to an Windows XXL Maltego Client HOT 3
- MISP_maltego is no connecting. HOT 5
- Meltago to MISP server not connecting HOT 5
- MISP-Maltego locally installed HOT 7
- Transform Execution Failed HOT 2
- Cannot Connect to MISP server HOT 3
- affiliation facebook HOT 2
- Who to contact for security issues HOT 1
- port supported in URL in MISP_maltego.conf? HOT 10
- externalize timeouts? HOT 6
- ERROR
- error: Setup script exited with error in safedexml setup command: use_2to3 is invalid. HOT 3
- ImportError: cannot import name 'Iterable' from 'collections' (/usr/lib/python3.10/collections/__init__.py)
- Maltego transform fails to run HOT 1
- cannot import misp-maltego package
- AttributeError: type object 'meta' has no attribute 'namespace' in safedexml packages HOT 2
- ToTags returns error: TypeError: 'NoneType' object is not subscriptable (from entity )
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from misp-maltego.