[Tor-BSD] New: DNS hijacking Old: Re: NYCBUG1 earns a T-shirt!

George Rosamond george at ceetonetechnology.com
Thu Dec 12 14:30:56 EST 2013


nanotek:
> On 13/12/2013 3:02 AM, George Rosamond wrote:
>> offlist again ;)
>>
>> reply below..
>>
>> nanotek:
>>> On 13/12/2013 2:52 AM, George Rosamond wrote:
>>>> Kyle Isom:
>>>>> On 12/12/13 01:15, nanotek wrote:
>>>>>> I'm hesitant to upgrade now, though, as the relay is up and running
>>>>>> without a problem.
>>>>>>
>>>>> This is a case where you *really* do want to upgrade. There were
>>>>> several
>>>>> major things fixed in the latest version; the latest version that was
>>>>> released last night is largely the same as devel version in the repo.
>>>>
>>>> He is actually running the latest Tor in FreeBSD ports... just not
>>>> tor-devel.
>>>>
>>>> But the Tor tarballs are now at 0.2.4.19 for stable and 0.2.5.1 for
>>>> alpha/devel.
>>>>
>>>> Both ports should be updated soon... but OTOH, I do recommend running
>>>> tor-devel out of FreeBSD ports.  It's in alpha/devel that the itches
>>>> seem to be scratched first, and for years, I've never had an issue
>>>> running that branch.
>>>>
>>>> But quick primer on installing a newer Tor before the FreeBSD ports are
>>>> updated.
>>>>
>>>> 1.  Download the "Source Tarball" from the extended downloads list from
>>>> the Tor www site and dump into /usr/ports/distfiles
>>>>
>>>> 2.  Edit the appropriate Makefile for the new version on the
>>>> DISTVERSION= line.
>>>>
>>>> 3.  from the port directory, run: make makesum
>>>>
>>>> 4.  Deinstall and reinstall with new version.  Seems that when you
>>>> uninstall it now, the daemon actually stops and needs to be manually
>>>> restarted after it's been reinstalled.
>>>>
>>>> g
>>>> _______________________________________________
>>>> A list focused on porting and running Tor software on *BSD Unix
>>>> Tor-BSD mailing list
>>>> Tor-BSD at nycbug.org
>>>> http://www.nycbug.org/mailman/listinfo/tor-bsd
>>>>
>>>
>>> Thanks, George. I appreciate the advice. Out of interest, am I posing a
>>> security risk to others by running the version I currently am? I don't
>>> run Tor as a client on my server at all. Only on Win7 where I have the
>>> latest release; so, I'm assuming I'm as protected as the current version
>>> of Tor affords. But, I do care about the level of security I'm providing
>>> my relay users.
>>>
>>
>> I don't think there's a specific vulnerability with that version, and it
>> is the most recent version at this second in FreeBSD ports, but since
>> anonymity online is such a psychotic arms race, it's a good idea to keep
>> as current as possible.
>>
>> g
>>
> 
> True. In light of Eitan's email, I think I'll give it a week to see if
> the maintainer updates the latest release in /tor-devel. If not, I'll
> update myself from the source tarball. I'm relatively new to FreeBSD and
> don't want to make things harder than they need to be. Although, your
> instructions are very precise -- it would be hard to mess up.
> 

bf@ is on this list IIRC, and not just because bf@ is, but s/he is very
quick in updating the ports.... so don't sweat it!

Go with the current tor-devel.. you'll be fine.

g



More information about the Tor-BSD mailing list