pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/tor As suggested by Steven M. Bellovin:
details: https://anonhg.NetBSD.org/pkgsrc/rev/ea13ded2d8d6
branches: trunk
changeset: 506469:ea13ded2d8d6
user: jschauma <jschauma%pkgsrc.org@localhost>
date: Mon Jan 16 16:52:31 2006 +0000
description:
As suggested by Steven M. Bellovin:
Add a note reminding users to manually set up EntryNodes in order to
prevent an information disclosure vulnerability in this version of tor.
diffstat:
net/tor/MESSAGE | 18 +++++++++++++++++-
1 files changed, 17 insertions(+), 1 deletions(-)
diffs (30 lines):
diff -r c7a6afa48a5c -r ea13ded2d8d6 net/tor/MESSAGE
--- a/net/tor/MESSAGE Mon Jan 16 15:18:06 2006 +0000
+++ b/net/tor/MESSAGE Mon Jan 16 16:52:31 2006 +0000
@@ -1,5 +1,5 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.2 2005/08/04 10:55:31 drochner Exp $
+$NetBSD: MESSAGE,v 1.3 2006/01/16 16:52:31 jschauma Exp $
You probably want to install www/privoxy to torify your browsers. Please
see http://tor.eff.org/cvs/tor/doc/tor-doc.html for details.
@@ -13,3 +13,19 @@
http://wiki.noreply.org/wiki/TheOnionRouter/TorInChroot
===========================================================================
+
+Security Note:
+
+If you offer a Tor hidden service, an adversary who can run a fast Tor server
+and who knows some basic statistics can find the location of your hidden
+service in a matter of minutes to hours.
+
+See http://archives.seul.org/or/announce/Jan-2006/msg00001.html
+for details.
+
+To prevent this information disclosure, manually configure a half dozen
+EntryNodes.
+
+See http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ChooseEntryExit
+
+===========================================================================
Home |
Main Index |
Thread Index |
Old Index