Collaboration in Maltego provides the ability to share graphs and have multiple users work on a graph at the same time.
Figure 261: collaboration tab
Figure 262: Share Current Graph Button
Clicking Share Current Graph will open the Graph sharing window which consists of three tabs for setting up your shared graph sessions, namely: Session, Server and Encryption.
Figure 263: Graph sharing window – Session tab
From the Session tab, you can configure your shared graph sessions:
Session name – This is the name of the shared graph session.
Security key – This is the security key that is used to encrypt all graph traffic. Only users who have this security key will be able to join the graph. Clicking the Generate will create a random and secure session key. Generated keys will be more secure, but difficult to remember.
User Alias – this is the alias that you will be identified by in the shared graph session.
Figure 264: Session tab
Under the Server tab you will be able to configure the server that you wish to use for your shared graph session. There are three options:
Paterva (Public) – Using the Paterva’s public communication server is the easiest way to start a shared graph session in Maltego. All graph traffic will travel over a server owned by Paterva on the Internet. All graph traffic is encrypted (end-to-end) with the security key that was chosen in the previous step. The Maltego clients also communicate with the graphs server over HTTPS.
Paterva (Private) – Paterva sells copies of the communication server to customers. Allowing it to be hosted internally. This private communications server is almost an exact copy of the one that is hosted by Paterva. You will need to enter the IP address or hostname of the communications server on your network.
Other – It is also possible to run a shared graph session on your own Jabber (XMPP) server. Details on configuring your own XMPP server are beyond the scope of this user guide.
Figure 265: Encryption tab
By default, packets transferred during a shared graph session are encrypted end-to-end with AES 128 bit. To use 256 bit AES encryption JCE Unlimited Strength Jurisdiction needs to be installed on the machine running the Maltego client. JCE Unlimited Strength Jurisdiction can be downloaded from the links found in the client.
To start a new shared graph session, navigate back to the session tab and click Connect. The Maltego client will establish a connection to the communication server and then open the graph window. If a shared graph with the same session name already exists on the communications server that you are using and you enter the correct security key, then the Maltego client will join the existing shared graph session. If a shared graph with the same session name does not exist, then a new one will be created with the security key that was specified.
When you are in a shared graph session there are a few things that you will notice. On the graph title tab, shared graphs will always have their name written in aqua color. Additionally, YOUR_ALIAS@SESSION_NAME will be written in the graph’s title:
Two new windows will also be opened.
The Collaboration Session window will list all the users that are currently in the shared graph session as well as their status and the version of Maltego that they are running. Additionally, the collaboration window will list meta information about the graph session.
Figure 267: Collaboration window
Shared graph sessions are cross platform which means Maltego XL, Maltego Classic, Maltego CE and CaseFIle can all join the same shared graph. However, graph size limitations in the different clients will still apply when in a shared graph.
The Chat window will also open when a shared graph is created, it is found at the bottom of the Maltego client window tabbed next to the transform output. This Chat window allows users on the graph to communicate as well as provides status updates about what is happening on the graph.
Figure 268: Chat window
Each different type of message in the chat window has a different color. Clicking the Message filter button will open a window where you can choose which message types you want to display in the Chat window. The image below shows the types of messages that can be filtered and the color that they correspond to in the chat window:
Figure 269: Filter message types
The next button in the Chat window is used to send the graph selection link as a chat message. This will create a message with a hyper link to the selected entities on your graph. Any user that clicks the hyper link will zoom to the relevant entities.
Messages can also be typed and sent from the bottom input bar in the Chat window.
The following few sub-sections cover additional important things to know about when working with shared graphs in Maltego.
Figure 270: Entity added by Roelof
In all shared graph sessions, each entity added to the graph will have the name of the user who added it shown on the graph above the entity icon as seen in the image above.
When in a shared graph session, it is important to note that every user that in the graph has complete control to read/write to the graph. Be careful who you give the security key to for the graph.
If a single user changes the layout of a graph, then the layout will change for every user that is in the graph. However, when a user changes their view, it will only change for the person who made the change.
The communication for the shared graph session is managed with an XMPP server. None of the data for the graph is ever stored on the server, the data is stored on each client that is in the shared graph session. The graph will be available if there is at least one person with the graph open.
Under the Collaboration tab, there is a Work Offline button, clicking it will disconnect you from the shared graph but keep a copy of the shared graph in an offline window. From this offline graph, you can Reconnect to the shared graph by clicking the Reconnect button:
Figure 271: Reconnect button
The two buttons, Chat Window and Collaboration Window, will open the two respective windows in the client if they are not already open.
The Show Usernames checkbox will allow the user to toggle between showing and not showing the username above entities that are added in a shared graph session.
© Copyright 2017, Paterva PTY Limited