[Tor-BSD] New: DNS hijacking Old: Re: NYCBUG1 earns a T-shirt!

nanotek nanotek at bsdbox.co
Thu Dec 12 11:07:33 EST 2013

On 13/12/2013 3:02 AM, George Rosamond wrote:
> offlist again ;)
> reply below..
> nanotek:
>> On 13/12/2013 2:52 AM, George Rosamond wrote:
>>> Kyle Isom:
>>>> On 12/12/13 01:15, nanotek wrote:
>>>>> I'm hesitant to upgrade now, though, as the relay is up and running
>>>>> without a problem.
>>>> This is a case where you *really* do want to upgrade. There were several
>>>> major things fixed in the latest version; the latest version that was
>>>> released last night is largely the same as devel version in the repo.
>>> He is actually running the latest Tor in FreeBSD ports... just not
>>> tor-devel.
>>> But the Tor tarballs are now at for stable and for
>>> alpha/devel.
>>> Both ports should be updated soon... but OTOH, I do recommend running
>>> tor-devel out of FreeBSD ports.  It's in alpha/devel that the itches
>>> seem to be scratched first, and for years, I've never had an issue
>>> running that branch.
>>> But quick primer on installing a newer Tor before the FreeBSD ports are
>>> updated.
>>> 1.  Download the "Source Tarball" from the extended downloads list from
>>> the Tor www site and dump into /usr/ports/distfiles
>>> 2.  Edit the appropriate Makefile for the new version on the
>>> DISTVERSION= line.
>>> 3.  from the port directory, run: make makesum
>>> 4.  Deinstall and reinstall with new version.  Seems that when you
>>> uninstall it now, the daemon actually stops and needs to be manually
>>> restarted after it's been reinstalled.
>>> g
>>> _______________________________________________
>>> A list focused on porting and running Tor software on *BSD Unix
>>> Tor-BSD mailing list
>>> Tor-BSD at nycbug.org
>>> http://www.nycbug.org/mailman/listinfo/tor-bsd
>> Thanks, George. I appreciate the advice. Out of interest, am I posing a
>> security risk to others by running the version I currently am? I don't
>> run Tor as a client on my server at all. Only on Win7 where I have the
>> latest release; so, I'm assuming I'm as protected as the current version
>> of Tor affords. But, I do care about the level of security I'm providing
>> my relay users.
> I don't think there's a specific vulnerability with that version, and it
> is the most recent version at this second in FreeBSD ports, but since
> anonymity online is such a psychotic arms race, it's a good idea to keep
> as current as possible.
> g

True. In light of Eitan's email, I think I'll give it a week to see if 
the maintainer updates the latest release in /tor-devel. If not, I'll 
update myself from the source tarball. I'm relatively new to FreeBSD and 
don't want to make things harder than they need to be. Although, your 
instructions are very precise -- it would be hard to mess up.

nanotek at bsdbox.co

More information about the Tor-BSD mailing list