3 {{ upvoteCount | shortNum }}
3 {{ upvoteCount | shortNum }}

Security: Any danger with home directory being make public?

by David Maschke
2 replies
Hey guys,

I'm making a tutorial on how to set up a script.

And more specifically, right now I'm showing the reader how
to set up a cron job.

Is there any security risks in showing my full path to the home directory?

Thanks,
Dave
#danger #directory #home #make #public #security
  • Profile picture of the author Terry Crim
    You mean "/home/username" ?

    Not really, other than showing your username for your site which could save a hacker sometime by giving one of the two required bits of information to access your hosting account, FTP, email, cpanel etc...

    But without the password isn't really a concern. Most usernames are the first 4 or 5 letters of the domain name anyway so isn't a real big deal. Someone that wants into your sites will get in if they are determined enough.

    If you are concerned you can just white out that part after the screen casts are recorded in post editing. I have in the past gone so far as to replace the username via drop in image I created in a graphics program during the final editing phase.

    Many screen cast software allow you to do this AS you are recording too, white out sections.. draw on screen etc... But usually the first second or two the section you want hidden is still visible due to not catching it quick enough during recording. That is why I usually did that stuff in post editing.

    Really upto you. Just make sure the password is secure enough, over 8 characters with upper and lower case and alpha and numeric characters with special characters added too. Change the password periodically as well.

    But really, it shouldn't be an issue. Depends how paranoid you are.



    - T
    {{ DiscussionBoard.errors[5053351].message }}
  • Profile picture of the author DEaFeYe
    Banned
    [DELETED]
    {{ DiscussionBoard.errors[5053363].message }}
    • Profile picture of the author ericsouthga
      You should setup another directory to do this work in. By doing this, you can not only prevent uploads/downloads, but you can also enable tracking on the server in order to keep track of anyone (IP) that touches that directory.

      This will at least give you an idea if something is going on, or if someone is trying to do something to the area.

      Passwords?? YES, make the COMPLEX, at least 10-12 characters. If you go to at least 10-12 characters for a password, most password cracking tools will take many "man-years" to crack the password

      If you don't want to memorize a complex password, do what Microsoft says. Write the password on a credit card size of paper, no account name on the paper, and place it in your wallet. You always know where your wallet is, right?
      {{ DiscussionBoard.errors[5071577].message }}

Trending Topics