Keeping Your Network Secure: A Beginner's Guide

Network security is vitally important for most business systems. Whilst email viruses and denial-of-service attacks (DoS attack) may cause us headaches on our home systems, for businesses, these sorts of attacks can cripple a network for days – costing businesses hundreds of millions each year in lost revenue.

Keeping a network secure to prevent this type of malicious attack is usually of paramount importance for network administrators, and while most invest heavily in some form of security measures, there are often vulnerabilities inadvertently left exposed.

Firewalls are the best place to begin when you are trying to develop a secure network. A firewall can be implemented in either hardware or software, or most commonly a combination of both. Firewalls are used to prevent unauthorized users from accessing private networks connected to the Internet, especially local intranets. All traffic entering or leaving the intranet passes through the firewall, which examines each message and blocks those that do not meet the specified criteria.

Anti-virus software works in two ways. Firstly, it acts similarly to a firewall by blocking anything that is identified in its database as possibly malicious (viruses, Trojans, spyware etc.). Secondly, anti-virus software is used to detect and remove existing malware on a network or workstation.

One of the most overlooked aspects of network security is time synchronization. Network administrators often fail to realise the importance of synchronization between all devices on a network. Failing to synchronize a network is often a common security issue. Not only can malicious users take advantage of computers running at different times, but if a network is struck by an attack, identifying and rectifying the problem can be near impossible if every device is running on a different time.
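The effect of unsynchronized clocks on an investigation, as an added example that is not part of the original article: log lines from three hypothetical hosts are merged into one timeline, first as logged and then after removing each host's clock offset, and two simple correlation rules are run over both. The host names, messages and offsets are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample logs: (host, timestamp as logged by that host, message).
LOGS = [
    ("fw01",  "2024-03-01T10:00:05Z", "ALLOW tcp 203.0.113.7 -> 10.0.0.20:22"),
    ("web01", "2024-03-01T10:00:02Z", "sshd: Accepted password for admin from 203.0.113.7"),
    ("web01", "2024-03-01T10:00:40Z", "sudo: admin : COMMAND=/usr/bin/mysqldump"),
    ("db01",  "2024-03-01T10:01:35Z", "mysqld: dump of table customers by admin@10.0.0.20"),
]
# Assumed offset of each host's clock from the reference time, in seconds
# (positive = the host's clock is fast). Constructed values.
SKEW = {"fw01": 0.0, "web01": -8.0, "db01": 45.0}

def timeline(logs, skew):
    """Merge per-host logs into one list sorted by time, after removing each host's offset."""
    events = []
    for host, stamp, message in logs:
        logged = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append((logged - timedelta(seconds=skew.get(host, 0.0)), host, message))
    return sorted(events, key=lambda e: e[0])

def followed_within(events, first, second, window):
    """Correlation rule: does a `second` event occur within `window` seconds after a `first`?"""
    starts = [t for t, _, m in events if first in m]
    ends = [t for t, _, m in events if second in m]
    return any(0 <= (e - s).total_seconds() <= window for s in starts for e in ends)

def report(logs, skew):
    events = timeline(logs, skew)
    return {
        "order": [host for _, host, _ in events],
        "fw_then_login": followed_within(events, "ALLOW", "Accepted", 10),
        "sudo_then_dump": followed_within(events, "mysqldump", "dump of table", 10),
    }

if __name__ == "__main__":
    print("as logged:", report(LOGS, {}))    # login appears before the firewall allowed it
    print("corrected:", report(LOGS, SKEW))  # causal order restored, both rules match
```

With the timestamps taken as logged, the login sorts ahead of the firewall entry that permitted it and neither rule fires; once the offsets are removed, the order is firewall, login, sudo, database dump and both rules match.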

Even when a network administrator is aware of the importance of time synchronization they often make a common security mistake when attempting to synchronize their network. Instead of investing in a dedicated time server that receives a secure source of UTC (Coordinated Universal Time) externally from their network using atomic clock sources like GPS, some network administrators opt to use a shortcut and use a source of Internet time.

There are two major security issues in using the Internet as a time server. Firstly, to allow the time code through the network a UDP port (123) has to be left open in the firewall. This can be taken advantage of by malicious users who can use this open port as an entrance to the network. Secondly, the inbuilt security measure used by the time protocol NTP, known as authentication, doesn’t work across the Internet which means that NTP has no guarantee the time signal is coming from where it is supposed to.

To ensure your network is secure isn’t it time you invested in an external dedicated NTP time server?

Parking Tickets and the NTP Server

There is nothing worse than returning to your car only to discover that your parking meter time limit has expired and you’ve got a parking ticket slapped on to your windscreen.

More-often-than-not it’s only a matter of being a couple of minutes late before an over eager parking attendant spots your expired meter or ticket and issues you a fine.

However, as the people of Chicago are discovering, whilst a minute may be the difference between getting back to the car in time or receiving a ticket, a minute may also be the difference between different parking meters.

It seems the clocks on the 3000 new parking meter pay boxes in Cale, Chicago have been discovered to be unsynchronized. In fact, of the nearly 60 pay boxes observed, most are off at least a minute and in some cases, nearly 2 minutes from what is “actual” time.

This has posed a headache to the firm in charge of parking in the Cale district and they could face legal challenges from the thousands of motorists that have been given tickets from these machines.

The problem with the Cale parking system is that, while they claim they regularly calibrate their machines, there is no accurate synchronization to a common time reference. In most modern applications UTC (Coordinated Universal Time) is used as a base timescale, and to synchronize devices like Cale’s parking meters, a NTP server linked to an atomic clock will receive UTC time and ensure every device has the exact time.

NTP servers are used in the calibration of not just parking meters but also traffic lights, air traffic control and the entire banking system to name but a few applications and can synchronize every device connected to it to within a few milliseconds of UTC.

It’s a shame Cale’s parking attendants didn’t see the value of a dedicated NTP time server – I’m sure they are regretting not having one now.

Which time signal? GPS or WWVB and MSF

Dedicated NTP time server devices are the easiest, most accurate, reliable and secure method of receiving a source of UTC time (Coordinated Universal Time) for synchronizing a computer network.

NTP servers (Network Time Protocol) operate outside the firewall and are not reliant on the Internet, which means they are highly secure and not vulnerable to malicious users who, in the case of Internet time sources, can use the NTP client signals as a method of accessing the network or penetrating the firewall.

A dedicated NTP server will also receive its time code direct from an atomic clock. This makes it a stratum 1 time server, as opposed to online time servers, which are stratum 2 time servers; that is, they get the time from a stratum 1 server and so are not as accurate.

In using a NTP time server there is only really one decision to make, and that is how the time signal is to be received. For this there are only two choices:

The first is to make use of the time standard radio transmissions broadcast by national physics laboratories such as NIST in the USA or the UK’s NPL. These signals (WWVB in the US, MSF in the UK) are limited in range although the USA signal is available in most parts of Canada and Alaska. However, they are vulnerable to local interference and topography as other long wave radio signals are.

The alternative to the WWVB/MSF signal is to utilise the GPS satellite network (Global Positioning System). Atomic clocks are used by GPS satellites as the basis for navigational information used by satellite receivers. A NTP time server fitted with a GPS antenna can make use of these atomic clocks.

Strictly speaking, the GPS time signal is not UTC: it is 17 seconds behind, as leap seconds have never been added to GPS time (as the satellites are unreachable), but NTP can account for this (by simply adding 17 whole seconds). The advantage of GPS is that it is available anywhere on the planet, just as long as the GPS antenna has a clear view of the sky.

Dual systems that can utilise both types of signal are also available.

Configuring a Network to use a NTP Server Part two: Distributing the Time

NTP (Network Time Protocol) is the protocol designed for time distribution amongst a network. NTP is hierarchical. It organises a network into strata, which are the distance between a clock source and the device.

A dedicated NTP server that receives the time from a UTC source such as GPS or the national time and frequency signals is regarded as a stratum 1 device. Any device that is connected to a NTP server becomes a stratum 2 device and devices farther down the chain become stratum 2, 3 and so on.

Stratum layers exist to prevent cyclical dependencies in the hierarchy. But the stratum level is not an indication of quality or reliability.

NTP checks the time on all devices on the network, then adjusts the time according to how much drift it discovers. Yet NTP goes further than just checking the time on the reference clock: the NTP program exchanges time information by packets (blocks of data) but refuses to believe the time it is told until several exchanges have taken place, each passing a set of tests known as protocol specifications. It often takes about five good samples until a NTP server is accepted as a timing source.

NTP uses timestamps to represent the current time of day. As time is linear, each timestamp is always greater than the previous one. NTP timestamps are in two formats, but they relay the seconds from a set point in time (known as the prime epoch, set at 00:00 1 January 1900 for UTC). The NTP algorithm then uses this timestamp to determine the amount to advance or retreat the system or network clock.

NTP analyses the timestamp values including the frequency of errors and the stability. A NTP server will maintain an estimate of the quality of both its reference clocks and itself.
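The exchange described above, as an added example that is not part of the original article: it decodes the 64-bit timestamps (seconds since the 1900 prime epoch plus a binary fraction) from a 48-byte NTP reply, rejects replies that fail basic sanity tests, and computes how far to advance or retreat the local clock using the standard four-timestamp calculation. The sample packet is constructed, and `accept_source` is a simplified stand-in for NTP's real filtering, assuming the "about five good samples" figure from the text.

```python
import struct

NTP_UNIX_DELTA = 2_208_988_800  # seconds from the NTP prime epoch (1 Jan 1900) to 1 Jan 1970
# flags, stratum, poll, precision, root delay, root dispersion, reference ID, 4 x (seconds, fraction)
HEADER = "!BBbbII4s8I"

def ntp_to_unix(seconds, fraction):
    """64-bit NTP timestamp (seconds since 1900 plus a 32-bit fraction) -> Unix seconds."""
    return seconds - NTP_UNIX_DELTA + fraction / 2**32

def unix_to_ntp(t):
    whole = int(t)
    return whole + NTP_UNIX_DELTA, int((t - whole) * 2**32)

def check_reply(packet, sent_origin, t4):
    """Return (stratum, offset, delay) for a valid server reply, else raise ValueError.
    sent_origin is the (seconds, fraction) the client sent; t4 is the client receive time."""
    if len(packet) < 48:
        raise ValueError("truncated packet")
    f = struct.unpack(HEADER, packet[:48])
    flags, stratum = f[0], f[1]
    origin, rx, tx = f[9:11], f[11:13], f[13:15]
    if (flags & 0x07) != 4:
        raise ValueError("not a server-mode reply")
    if (flags >> 6) == 3 or not 1 <= stratum <= 15:
        raise ValueError("server reports itself unsynchronized")
    if origin != tuple(sent_origin) or tx == (0, 0):
        raise ValueError("reply does not match our request")
    t1, t2, t3 = ntp_to_unix(*sent_origin), ntp_to_unix(*rx), ntp_to_unix(*tx)
    offset = ((t2 - t1) + (t3 - t4)) / 2  # amount to advance (+) or retreat (-) the local clock
    delay = (t4 - t1) - (t3 - t2)         # round-trip time spent on the network
    return stratum, offset, delay

def accept_source(exchanges, needed=5):
    """Simplified rule: trust the source only after `needed` good replies,
    then use the offset from the exchange with the lowest delay."""
    good = []
    for packet, sent_origin, t4 in exchanges:
        try:
            good.append(check_reply(packet, sent_origin, t4))
        except ValueError:
            continue
    return min(good, key=lambda s: s[2])[1] if len(good) >= needed else None

def build_reply(origin, rx, tx, stratum=1, leap=0, mode=4):
    """Constructed version-4 reply standing in for bytes received from a server."""
    flags = (leap << 6) | (4 << 3) | mode
    return struct.pack(HEADER, flags, stratum, 6, -20, 0, 0, b"GPS\x00",
                       *unix_to_ntp(rx), *origin, *unix_to_ntp(rx), *unix_to_ntp(tx))

def demo():
    t1 = 1_700_000_000.0                                # constructed client send time
    origin = unix_to_ntp(t1)
    reply = build_reply(origin, t1 + 0.75, t1 + 0.875)  # server 0.5 s fast, 0.25 s each way
    return check_reply(reply, origin, t1 + 0.625)

if __name__ == "__main__":
    print(demo())
```

The origin-timestamp comparison is what ties a reply to the request that prompted it; a packet that does not echo the client's own transmit timestamp is discarded before it can influence the clock.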

Configuring a Network to use a NTP Server Part one: Finding a Time Source

Keeping your network synchronized with the correct time is crucial for modern networking. Because of the value of timestamps in communicating globally and across multi-networks, it is imperative that every machine is running a source of UTC (Coordinated Universal Time).

UTC was developed to allow the entire global community to use the same time no matter where they are on the globe as UTC doesn’t use time-zones so it allows accurate communication regardless of location.

However, finding a source of UTC is often where some network administrators fall down when they are attempting to synchronize a network. There are many areas that a source of UTC can be received from but very few that will provide both accurate and secure reference to the time.

The internet is full of purported sources of UTC; however, many of them offer nowhere near their claimed accuracy. Furthermore, resorting to the internet can lead to security vulnerabilities.

Internet time sources are external to the firewall and therefore a hole has to be left open which can be taken advantage of by malicious users. Furthermore, NTP, the protocol used to distribute and receive time sources, cannot instigate its authentication security measure across the internet so it is not possible to ensure the time is coming from where it is supposed to.

External sources of UTC time are far more secure. There are two methods used by most administrators: long wave radio signals as broadcast by national physics laboratories, and the GPS signal, which is available everywhere on the globe.

The external sources of UTC ensure your NTP network is receiving not just an accurate source of UTC but also a secure one.

Reasons for Atomic Clock Timing

Atomic clocks have, unbeknown to most people, revolutionised our technology. Many of the ways we trade, communicate and travel are now solely dependent on timing from atomic clock sources.

A global community often means that we have to communicate with people in other areas of the world and in other time zones. For this purpose a universal time zone was developed, known as UTC (Coordinated Universal Time), which is based on the time told by atomic clocks.

Atomic clocks are incredibly accurate, losing only a second in every hundred million years, which is staggering when you compare it to digital clocks that will lose that much time in a week.

But why do we need such accuracy in timekeeping? Much of the technology we employ in modern times is designed for global communication. The Internet is a good example. So much trade is done across continents in fields such as the stock exchange, seat reservation and online auctioning that exact time is crucial. Imagine you are bidding for an item on the Internet and you place a bid a few seconds before the end, the last and highest bid. Would it be fair to lose the item because the clock on your ISP was a little fast and the computer therefore thought the bidding was over? Or what about seat reservation: if two people on different sides of the globe book a seat at the same time, who gets the seat? This is why UTC is vital for the internet.

Other technologies too, such as global positioning and air traffic control, are reliant on atomic clocks to provide accuracy (which in the case of air traffic is paramount for safety). Even traffic lights and speed cameras have to be calibrated with atomic clocks, otherwise speeding tickets may not be valid as they could be questioned in court.

For computer systems NTP time servers are the preferred method for receiving and distributing a source of UTC time.

Time Server Basic Questions Answered

What is a time server?

A time server is a device that receives and distributes a single time source across a computer network for the purposes of time synchronization. These devices are often referred to as a NTP server, NTP time server, network time server or dedicated time server.

And NTP?

NTP (Network Time Protocol) is a set of software instructions designed to transfer and synchronize time across LANs (Local Area Networks) or WANs (Wider Area Networks). NTP is one of the oldest known protocols in use today and is by far the most commonly used time synchronization application.

What timescale should I use?

Coordinated Universal Time (UTC) is a global timescale based on the time told by atomic clocks. UTC doesn’t take into account time zones and is therefore ideal for network applications as in principle by synchronizing a network to UTC you are in effect synchronizing it to every other network that utilises UTC.

Where does a time server receive the time from?

A time server can utilise the time from anywhere, such as a wrist watch or wall clock. However, any sensible network administrator would opt to use a source of UTC time to ensure the network is as accurate as possible. UTC is available from several ready sources. The most used is perhaps the internet. There are many ‘time servers’ on the internet that distribute UTC time. Unfortunately, many are not at all accurate, and in using an internet time source you could be leaving the network vulnerable, as malicious users can take advantage of the open port in the firewall where the timing information flows.

It is far better to use a dedicated NTP time server that receives the UTC time signal external to the network and firewall. The best method for doing this is to use either the GPS signals transmitted from space or the national time and frequency transmissions broadcast by several countries in long wave.

Using NTP Networks

Network Time Protocol is by far the most widely used application for synchronizing computer time across local area networks and wider area networks (LANs and WANs). The principles behind NTP are fairly simple. It checks the time on a system clock and compares it with an authoritative, single source of time, making corrections to the devices to ensure they are all synchronized to the time source.

Selecting the time source to use is perhaps the most fundamentally important thing in setting up a NTP network. Most network administrators opt, quite rightly, to use a source of UTC time (Coordinated Universal Time). This is a global timescale and means that a computer network synchronized to UTC is not only using the same timescale as every other UTC synchronized network but also there is no need to worry about different time zones around the globe.

NTP uses different layers, known as strata, to determine the closeness, and therefore accuracy, to a time source. As UTC is governed by atomic clocks, any atomic clock giving out a time signal is referred to as stratum 0 and any device that receives the time directly from an atomic clock is stratum 1. Stratum 2 devices are devices that receive the time from stratum 1 and so on. NTP supports over 16 different stratum levels, although accuracy and reliability decrease with each stratum layer the further away you get.

Many network administrators opt to use an internet source of UTC time. Apart from the security risks of using a time source from the internet and allowing it access through your firewall, internet time servers are also stratum 2 devices, in that they are normally servers that receive the time from a single stratum 1 device.

Dedicated NTP time servers, on the other hand, are stratum 1 devices in themselves. They receive the time directly from atomic clocks, either via GPS or long wave radio transmissions. This makes them far more secure than internet providers, as the time source is external to the network (and firewall), but it also makes them more accurate.

With a stratum 1 time server a network can be synchronized to within a few milliseconds of UTC without risk of compromising your security.

Perfect Time Synchronization for Windows

Most Windows operating systems have an integrated time synchronisation service, installed by default, that can synchronise the machine or indeed a network. However, for security reasons, it is highly recommended by Microsoft, amongst others, that an external time source is used.

NTP time servers securely and accurately receive the UTC time signal from the GPS network or the WWVB radio transmissions (or European alternatives). NTP time servers can synchronize a single Windows machine or an entire network to within fractions of a second of the correct UTC time (Coordinated Universal Time).

A NTP time server provides precise timing information 24 hours-a-day, 365 days-a-year anywhere on the entire globe. A dedicated NTP time server is the only secure, safe and reliable method of synchronizing a computer network to UTC (Coordinated Universal Time). External to the firewall, an NTP time server does not leave a computer system vulnerable to malicious attacks unlike Internet timing sources via the TCP-IP port.

A NTP time server is not only secure, it receives a UTC time signal direct from atomic clocks, unlike Internet timing sources, which are really time servers themselves. NTP servers and other time synchronization tools can synchronize entire networks, single PCs, routers and a whole host of other devices. Using either GPS or the North American WWVB signal, a dedicated NTP time server will ensure all your devices are running to within a fraction of a second of UTC time.

A NTP time server will:

•    Increase network security
•    Prevent data loss
•    Enable logging and tracking of errors or security breaches
•    Reduce confusion in shared files
•    Prevent errors in billing systems and time sensitive transactions
•    Can be used to provide incontestable evidence in legal and financial disputes

Computer Network Timing Solutions

Computer networks and the internet have dramatically changed the way we live our lives. Computers are now in constant communication with each other making possible transactions such as online shopping, seat reservation and even email.

However, all this is only possible thanks to accurate network timing and in particular the use of Network Time Protocol (NTP) used to ensure all machines on a network are running the same time.

Timing synchronization is crucial for computer networks. Computers use time in the form of timestamps as the only marker to separate two events; without synchronization, computers have difficulty in establishing the order of events or indeed whether an event has happened or not.

Failing to synchronize a network can have untold effects. Emails may arrive before they are sent (according to the computer’s clock), data may get lost or fail to store and worst-of-all, the entire network could be vulnerable to malicious users and even fraudsters.

Synchronization with NTP is relatively straightforward, as most operating systems have a version of the time protocol already installed; however, choosing a timing reference to synchronize to is more challenging.

UTC (Coordinated Universal Time) is a global timescale governed by atomic clocks and is used by nearly all computer networks across the globe. By synchronizing to UTC a computer network is essentially synchronizing the network time with every other computer network in the world that uses UTC.

The internet has plenty of sources of UTC available, but security issues with the firewall mean the only safe method of receiving UTC is externally. Dedicated NTP time servers can do this using either long wave radio or GPS satellite transmissions.