DokuWiki

namespaces

Differences

This shows you the differences between two versions of the page.

namespaces [2024-04-14 19:33] 105.112.17.95
namespaces [2024-05-15 10:24] (current) – [Referring Images] 217.70.164.142
Line 1: Line 1:
-====== Malware Analysis Methodologies ======+===== Creating Namespaces =====
  
-==== Introduction ====+You don't need to create namespaces separately; simply create pages with colons in the [[pagename]].  
 +The token after the last colon will be the name of the page itself, while all other tokens are namespaces.  
 +All namespaces used in your pagename that don't exist already will be created by DokuWiki automatically.
  
-Malware analysis methodologies involve systematic approaches to understanding the behavior, purpose, and impact of malicious software (malware), like viruses, worms, Trojans, and ransomwareIt is like dissecting malware samples to reveal their inner workings and uncovering their intended targets and actions. Here’s an outline of a typical methodology, which is often refined and adapted based on the specific goals of the analysis and the type of malware being examined;+A namespace can be created in the media manager after having selected a file on the local computer and adding a ''name:'' (of namespace wantedjust before the media file name and then clicking ''upload''This will create on the fly the namespace (folder) for the file media, visible after a refresh of the windows.
  
-1. **Preparation**; +In DokuWikipages are created as in every other wikiSimply create a link to a non existing pagefollow this linkand click on Create this page. See also [[.:page#create_a_page|Adding pages]].
-   - **Define Objectives**: We need to determine the goals of the analysissuch as identifying the malware's functionality, origins, propagation methods, or potential countermeasures.\\ +
-   - **Establish Environment**: We need to set up controlled and isolated environment for analysissuch as a virtual machine or a dedicated sandboxto prevent the malware from affecting our production systems.+
  
-2. **Static Analysis**: +^  Examples:                                                                                                                                                                                                                                                                                                                                                                      || 
-   - **File Identification**: We have to identify the malware file(s) under investigation, which could be an executable, document, script, or other forms of malicious code.\\ +| example\\ .example\\ .:example          | refers to the page "example" in the **current** namespace.                                                                                                                                                                                                                                                                             | 
-   **File Metadata**: We then need to extract metadata such as file size, creation/modification timestamps, digital signatures, and embedded resources to gather initial insights.\\ +| :example                                | refers to the page "example" in the **root** namespace                                                                                                                                                                                                                                                                               | 
-   **Hashing and Signature Matching**: We generate file hashes next and compare them against known malware signatures to determine if the file is already documented as malicious.\\ +| ..example\\ ..:example\\ .:..:example   | refers to the page "example" in the **parent** namespace                                                                                                                                                                                                                                                                               | 
-   **File Structure Analysis**: After that, we examine the structure of the file, including headers, sections, and embedded components, to understand its internal organization.\\ +| wiki:example                            | refers to the page "example" in the namespace "wiki"The namespace "wiki" is located **beneath the root** namespace.                                                                                                                                                                                                                  | 
-   **String Analysis**: We then extract and analyze strings within the fileincluding plaintext strings, encoded/encrypted data, URLs, and API function calls, for potential indicators of malicious behavior.\\ +| ns1:ns2:example\\ :ns1:ns2:example      | refers to the page "example" in the namespace ns2. The namespace ns2 is located beneath the namespace ns1; the namespace ns1 is located **beneath the root** namespace                                                                                                                                                               | 
-   - **Code Disassembly/Decompilation**Lastlywe disassemble or decompile the executable code to analyze the assembly language or high-level coderespectively, for suspicious or malicious instructions.+| .ns1:ns2:example\\ .:ns1:ns2:example    | refers to the page "example" in the namespace ns2. The namespace ns2 is located beneath the namespace ns1; the namespace ns1 is located **beneath the current** namespace.                                                                                                                                                             | 
 +| ..ns1:ns2:example\\ ..:ns1:ns2:example  | refers to the page "example" in the namespace ns2The namespace ns2 is located beneath the namespace ns1; the namespace ns1 is located **beside the current** namespace (i.e. both ns1 and the current namespace are beneath the same parent namespacewherever according to the root namespace this parent may be located itself). 
 +| .ns1:ns2:\\ .:ns1:ns2:                  | refers to start page of the namespace ns2. The namespace ns2 is located beneath the namespace ns1; the namespace ns1 is located beneath the current namespace.\\ \\ Please refer to [[#Namespace Default Linking]] below how the start page is determined | 
 +| ~example\\ ~:example                    | refers to the page "example"using the current page as a namespace. Eg. if used on the page "foo:bar"the link will refer to "foo:bar:example". This is an effective way of creating sub-namespaces from existing pages                                                                                                            |
  
 +:!: Gotcha: The syntax for relative and absolute internal links is non-unique and complex relative to directory and filename conventions.
 +
 +
 +Links are absolute if and only if they have a ":" prefix or have no prefix but do have intermediate (or suffix) ":"
 +
 +Links relative to the current namespace may also begin with either "." or ".:" (".." or "..:" for parent namespace).
 +
 +===== Referring Images =====
 +Regarding referring of namespaces, images and other media files are handled like wiki pages. That means, the following refers to an image that belongs to the current namespace:
 +<code>
 +{{image.jpg}}
 +</code>
 +
 +
 +
 +===== Deleting namespaces =====
 +
 +When all pages inside a namespace are removed (see [[page#delete_a_page|delete a page]]) the namespace logically doesn’t exist anymore. DokuWiki usually deletes the now empty directory as well.
 +
 +===== How  to rename namespaces? =====
 +
 +==== Manual way ====
 +
 +In order to rename a namespace manually you will have to:
 +  * Rename the folders that represent the namespace in:
 +    * ''data/pages''
 +    * ''data/media'' (if this exists)
 +  * Remove metadata for the namespace under ''data/meta''
 +  * Remove attic data for the namespace under ''data/attic'' (or move that over as well, if you want to preserve old versions)
 +  
 +For example, on a Unix host, you could:
 +  * ''mv /dokuwiki_base/data/pages/old_namespace /dokuwiki_base/data/pages/new_namespace''
 +  * ''mv /dokuwiki_base/data/media/old_namespace /dokuwiki_base/data/media/new_namespace''
 +  * ''rm -Rf /dokuwiki_base/data/meta/old_namespace''
 +  * move: ''mv /dokuwiki_base/data/attic/old_namespace /dokuwiki_base/data/attic/new_namespace'' \\ or remove: ''rm -Rf /dokuwiki_base/data/attic/old_namespace'' 
 +Note that the ''old_namespace'' and/or ''new_namespace'' words may need to be encoded if they are on a non-Latin character set (i.e. Greek, Russian, etc).
 +
 +  * Correct (by editing them) all the links to the pages under the //moved// namespace (you can discover those before moving the namespace by reviewing each page's [[backlinks]]).
 +
 +  * Browse each and every page under the new namespace. This will create the missing indexing information and metadata for the pages under the moved namespace.
 +
 +However, you will still have lots of junk left around. For example in ''data/changes.log'', various files under cache (including the ''.idx'' files etc). If possible you could just start from a ''blank state'' as follows (again under Unix) but be warned that this will mean losing all your historical information (i.e. ''recent changes''):
 +
 +  * ''cat /dev/null > /dokuwiki_base/data/changes.log''
 +  * ''rm -Rf /dokuwiki_base/data/attic/*''
 +  * ''rm -Rf /dokuwiki_base/data/cache/?''
 +  * ''rm -Rf /dokuwiki_base/data/cache/*.idx''
 +  * ''rm -Rf /dokuwiki_base/data/cache/purgefile''
 +  * Browse each and every page of your Wiki.
 +
 +DISCLAIMER: I understand this is convoluted (and maybe I missed/messed a couple of things you should also do). All in all this is a PITA. You may also use a couple of [[plugins]] that are available for (re)building the searchindex for the complete wiki, erasing entire cache and/or old wiki revisions thus avoiding having to do this manually.
 +
 +===== Namespace Default Linking =====
 +
 +It is possible to link to the default page of a namespace by ending the linkid
 +with a colon: ''%%[[foo:bar:]]%%''. Which page the link links to is dependent on the
 +existence of certain named files. For ''%%[[foo:bar:]]%%'' the following pages are
 +checked:
 +
 +<code>
 +foo:bar:$conf['start']
 +foo:bar:bar
 +foo:bar
 +</code>
 +
 +The pages are checked in that order and whatever page is found first will be linked to. [[config:autoplural|Autoplural]] linking is not done for those links.
 +
 +See [[config:startpage]] to learn about configuring the startpage name (defaults to ''start'').
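
Review bot: The "blank state" steps in the "Manual way" section ("cat /dev/null > /dokuwiki_base/data/changes.log" and "rm -Rf /dokuwiki_base/data/attic/*") erase the change log and every old revision, and the only warning is a trailing clause about losing "recent changes". That history is what lets an administrator see and undo an edit like the one on the removed side of this diff, where the page body had been replaced with an unrelated article. Suggest placing a line before the command list telling the reader to back up the data directory first, and moving the pointer to the [[plugins]] that rebuild the search index and clear the cache ahead of the manual commands, so the destructive route reads as the last resort. Two smaller points in the same section: "blank state" probably should read "blank slate", and the note that old_namespace and new_namespace "may need to be encoded" for non-Latin names does not say which encoding applies or where to find it, so a reader cannot act on it.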
namespaces.1713116002.txt.gz · Last modified: 2024-04-14 19:33 by 105.112.17.95

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International