[Tor-BSD] New: DNS hijacking Old: Re: NYCBUG1 earns a T-shirt!
nanotek at bsdbox.co
Thu Dec 12 11:07:33 EST 2013
On 13/12/2013 3:02 AM, George Rosamond wrote:
> offlist again ;)
> reply below..
>> On 13/12/2013 2:52 AM, George Rosamond wrote:
>>> Kyle Isom:
>>>> On 12/12/13 01:15, nanotek wrote:
>>>>> I'm hesitant to upgrade now, though, as the relay is up and running
>>>>> without a problem.
>>>> This is a case where you *really* do want to upgrade. There were several
>>>> major things fixed in the latest version; the latest version that was
>>>> released last night is largely the same as devel version in the repo.
>>> He is actually running the latest Tor in FreeBSD ports... just not
>>> But the Tor tarballs are now at 0.2.4.19 for stable and 0.2.5.1 for
>>> Both ports should be updated soon... but OTOH, I do recommend running
>>> tor-devel out of FreeBSD ports. It's in alpha/devel that the itches
>>> seem to be scratched first, and for years, I've never had an issue
>>> running that branch.
>>> But quick primer on installing a newer Tor before the FreeBSD ports are
>>> 1. Download the "Source Tarball" from the extended downloads list from
>>> the Tor www site and dump into /usr/ports/distfiles
>>> 2. Edit the appropriate Makefile for the new version on the
>>> DISTVERSION= line.
>>> 3. from the port directory, run: make makesum
>>> 4. Deinstall and reinstall with new version. Seems that when you
>>> uninstall it now, the daemon actually stops and needs to be manually
>>> restarted after it's been reinstalled.
>>> A list focused on porting and running Tor software on *BSD Unix
>>> Tor-BSD mailing list
>>> Tor-BSD at nycbug.org
>> Thanks, George. I appreciate the advice. Out of interest, am I posing a
>> security risk to others by running the version I currently am? I don't
>> run Tor as a client on my server at all. Only on Win7 where I have the
>> latest release; so, I'm assuming I'm as protected as the current version
>> of Tor affords. But, I do care about the level of security I'm providing
>> my relay users.
> I don't think there's a specific vulnerability with that version, and it
> is the most recent version at this second in FreeBSD ports, but since
> anonymity online is such a psychotic arms race, it's a good idea to keep
> as current as possible.
True. In light of Eitan's email, I think I'll give it a week to see if
the maintainer updates the latest release in /tor-devel. If not, I'll
update myself from the source tarball. I'm relatively new to FreeBSD and
don't want to make things harder than they need to be. Although, your
instructions are very precise -- it would be hard to mess up.
nanotek at bsdbox.co
More information about the Tor-BSD