Archive for the ‘Windows’ Category

Time Synchronisation on a Windows 7 Network

Monday, November 30th, 2009

Windows 7 is the latest instalment in the Microsoft operating system family. Following on from the much maligned Windows Vista, Windows 7 has had a much warmer reception from critics and consumers.

Time synchronisation on Windows 7 is extremely straightforward, as the protocol NTP (Network Time Protocol) is built into Windows 7 and the operating system automatically synchronises the computer’s clock by connecting to the Microsoft time service time.windows.com.

This is useful for many home users but the synchronisation across the Internet is not secure enough for a computer network for the following reason:

To connect to any Internet time source such as time.windows.com, a port is required to be left open in the firewall. As with any open port in a network firewall, this can be used as a point of entry by a malicious user or some malicious software.

The time synchronisation facility in Windows 7 can be turned off quite simply by opening the time and date dialogue box and unchecking the synchronization box.

However, time synchronisation on a network is vital so if the Internet time service is turned off it needs to be replaced with a secure and accurate source of time.

By far the best way of doing this is to use a time source that’s external to the network (and the firewall).

The simplest, safest and most accurate way of synchronizing a Windows 7 network is to use a dedicated NTP server. These devices use a time reference from either a radio frequency (usually distributed by national physics laboratories such as Britain’s NPL and America’s NIST) or from the GPS satellite network.

Because both these reference sources come from atomic clock sources they are incredibly accurate too and a Windows 7 network that consists of hundreds of machines can be synchronised to within a few milliseconds of the global timescale UTC (Coordinated Universal Time) by utilising just one NTP time server.

Setting up Windows XP as an NTP Server

Friday, November 20th, 2009

A network time server, or NTP (Network Time Protocol) server, is a central computer or server on a network that controls the time and synchronises all machines on that network to it.

Windows XP can be set up to operate as an NTP server to synchronise the rest of the computers and devices on a network. Setting up a Windows XP machine to act as an NTP server involves editing the registry. However, editing an operating system registry can lead to potential problems and should only be conducted by somebody with experience of registry editing.

To configure Windows XP as an NTP server the first thing to do is to open the registry editor in Windows. This is done by clicking the Start button and selecting “Run” from the menu. Enter “regedit” in the run menu and press return. This should open the Windows registry editor.

Select the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\ folder in the left-hand pane. This folder holds the values for the NTP server.

Right-click the “Enabled” key in the right window pane and select “Properties”. This should open a dialog box where you can alter the value of the registry key. Enter “1” in the window, setting the value to “True”, which turns the XP computer into a time server.

Close the registry and open the DOS command prompt by clicking the Windows Start button and selecting “Run”. Then type “cmd” in the text box and press return.

Type “net stop w32time” into the command prompt and press “Enter”. Now type “net start w32time”; this will restart the time server for Windows XP.

However, the XP machine, which is now set as an NTP server, will merely distribute the time it currently holds. If this time is inaccurate then it will be inaccurate time that is distributed amongst the network.

To ensure an accurate and secure source of time is used, a dedicated NTP time server that receives the time from an atomic clock source should be used.

Time Synchronization on Windows 7

Wednesday, November 4th, 2009

Windows 7, the latest operating system from Microsoft, is also their first operating system that automatically synchronizes the PC clock to an internet source of UTC time (Coordinated Universal Time). From the moment a Windows 7 computer is switched on and is connected to the Internet it will request time signals from the Microsoft time service – time.windows.com.

While for many home users this will save them the hassle of setting and correcting their clock as it drifts, for business users it may be problematic. Internet time sources are not secure, and receiving a time source through the UDP port on the firewall could lead to security breaches. As Internet time sources can’t be authenticated by NTP (Network Time Protocol), the signals can also be hijacked by malicious users.

This internet time source can be deactivated by opening the clock and date dialogue box, opening the Internet Time tab, clicking the ‘Change’ setting button and unchecking the ‘Synchronize with an Internet time server’ option.

Whilst this will ensure no unwanted traffic will be coming through your firewall, it will also mean that the Windows 7 machine will not be synchronised to UTC and its timekeeping will be reliant on the motherboard clock, which will eventually drift.

To synchronize a network of Windows 7 machines to an accurate and secure source of UTC, the most practical and simplest solution is to plug in a dedicated NTP time server. These connect directly to a router or switch and enable the safe receiving of an atomic clock time source.

NTP time servers use the highly accurate and secure GPS signal (Global Positioning System) available everywhere on the planet or more localized long wave radio signals transmitted by several national physics laboratories such as NIST and NPL.

Configuring a Dedicated NTP Time Server on Windows 7

Saturday, October 31st, 2009

Windows 7 is the very latest operating system from Microsoft. Replacing the rather disappointing Windows Vista, Windows 7 promises to correct the flaws that made its predecessor so unpopular.

One of the changes Windows 7 makes is that it automatically synchronizes the time using the Windows Time service located at time.windows.com. Whilst this is an accurate stratum 2 time server, managed by Microsoft, it can be changed for another source of Internet time. However, even Microsoft recommend that Internet time sources should not be used for computer networks as they can’t be authenticated by the time protocol NTP (Network Time Protocol). Furthermore, an internet time source needs a port left open in the firewall for the time signals to make it through. Any open port in a firewall can be used by a malicious user to gain access to the network.

For a secure, authenticated and accurate method of synchronizing a Windows 7 network, it is wise to use a dedicated network time server. Most of these time servers use the protocol NTP (Network Time Protocol), which can easily distribute the time from a single time server throughout a network of hundreds and even thousands of machines.

Time servers plug directly into the router/switch for the network or can be installed on a single machine. Rather than rely on the Internet for a source of time and risk leaving the firewall’s UDP port open, dedicated NTP time servers use either the GPS signals or long wave radio broadcasts transmitted from national physics laboratories such as the MSF signal broadcast by the UK’s NPL and the USA WWVB signal broadcast by NIST.

As these signals are external to the firewall and are able to be authenticated by NTP to establish the authority of the signals, they are a more accurate and secure method of synchronizing a Windows 7 network.

2038 The Next Computer Time Bug

Tuesday, October 6th, 2009

Remember the turn of the millennium? Whilst many of us were counting down the seconds until midnight, there were network administrators across the globe with their fingers crossed, hoping their computer systems would still be working after the new millennium kicked in.

The millennium bug was the result of early computer pioneers designing systems with only two digits to represent the time, as computer memory was very scarce at the time. The problem didn’t arise because of the turn of the millennium; it arose because it was the end of the century and the two digit year flicked around to 00 (which the machines assumed was 1900).

Fortunately, by the turn of the millennium most computers were updated and enough precautions were taken that the Y2K bug, as it became known, didn’t cause the widespread havoc that was first feared.

However, the Y2K bug is not the only time related problem that computer systems can be expected to face. Another problem with the way computers tell the time has been realised, and many more machines will be affected in 2038.

The Unix Millennium Bug (or Y2K38) is similar to the original bug in that it is a problem connected with the way computers tell the time. The 2038 problem will occur because most machines use a 32 bit integer to calculate the time. This 32 bit number counts the number of seconds from 1 January 1970, but because the number is limited to 32 bits, by 2038 there will be no more bits left to deal with the advance of time.

To solve this problem, many systems and languages have switched to a 64-bit version, or supplied alternatives which are 64-bit, and as the problem will not occur for nearly three decades there is plenty of time to ensure all computer systems can be protected.
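The rollover described above, as an added example that is not part of the original post: it stores the seconds-since-1970 counter in a signed 32-bit and a signed 64-bit field and shows the date each yields one second past the 32-bit limit. The `expiries_at_risk` helper and its lifetimes are hypothetical, included to show that future dates (expiry times, for instance) hit the limit before the clock does.

```python
# Added example (not from the original post): a seconds-since-1970 counter
# held in a signed 32-bit field versus a signed 64-bit field.
import struct
from datetime import datetime, timedelta, timezone

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)
INT32_MAX = 2**31 - 1  # largest value a signed 32-bit counter can hold


def as_int32(seconds):
    """Store `seconds` in a signed 32-bit field, wrapping on overflow."""
    return struct.unpack("<i", struct.pack("<I", seconds & 0xFFFFFFFF))[0]


def as_int64(seconds):
    """Store `seconds` in a signed 64-bit field."""
    return struct.unpack("<q", struct.pack("<Q", seconds & 0xFFFFFFFFFFFFFFFF))[0]


def to_utc(seconds):
    """Convert a (possibly negative) counter value to a UTC datetime."""
    return EPOCH + timedelta(seconds=seconds)


def last_safe_moment():
    """Last instant a signed 32-bit counter can represent."""
    return to_utc(INT32_MAX)


def one_second_later(store):
    """Date shown one second after the 32-bit limit, for a given field width."""
    return to_utc(store(INT32_MAX + 1))


def expiries_at_risk(now, lifetimes_s):
    """Lifetimes (seconds) whose expiry time no longer fits in 32 bits.

    Future dates hit the limit long before the clock itself reaches 2038.
    """
    now_s = int((now - EPOCH).total_seconds())
    return [life for life in lifetimes_s if as_int32(now_s + life) != now_s + life]


if __name__ == "__main__":
    print(last_safe_moment(), one_second_later(as_int32), one_second_later(as_int64))
```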

However, these problems with timestamps are not the only time related errors that can occur on a computer network. One of the most common causes of computer network errors is lack of time synchronization. Failing to ensure each machine is running at an identical time using a NTP time server can result in data being lost, the network being vulnerable to attack from malicious users and can cause all sorts of errors such as emails arriving before they have been sent.

To ensure your computer network is adequately synchronized an external NTP time server is recommended.

Basic Time Server Information

Thursday, October 9th, 2008

All PCs and networking devices use clocks to maintain an internal system time. These clocks, called Real Time Clock (RTC) chips, provide time and date information. The chips are battery backed so that even during power outages, they can maintain time.

Computer networks rely on timekeeping for nearly all their applications; from sending an email to saving data, a timestamp is necessary for a computer to keep track. All routers and switches need to run at the same rate; out of sync devices can lead to data being lost and even entire connections being lost.

For some transactions it is necessary for computers to be perfectly synchronised. Even a few seconds difference between machines can have serious effects, such as finding an airline ticket you had booked had been sold moments later to another customer, or you could draw your savings out of a cash machine and, when your account is empty, quickly go to another machine and withdraw it all again.

However, personal computers are not designed to be perfect clocks; their design has been optimized for mass production and low cost rather than maintaining accurate time. These internal clocks are prone to drift, and although for many applications this can be quite adequate, often machines need to work together on a network, and if the computers drift at different rates they will become out of sync with each other and problems can arise, particularly with time sensitive transactions.

Time servers are like other computer servers in the sense they are usually located on a network. A time server gathers timing information, usually from an external hardware source and then synchronises the network to that time.

Most time servers use NTP (Network Time Protocol), which is one of the Internet’s oldest protocols still used. Invented by Dr David Mills from the University of Delaware, it has been in use since 1985. NTP is a protocol designed to synchronize the clocks on computers and networks across the Internet or Local Area Networks (LANs).

NTP utilises an external timing reference and then synchronises all devices on the network to that time.

There are various sources that an NTP time server can use as a timing reference. The Internet is an obvious source; however, Internet timing references such as nist.gov and windows.time cannot be authenticated, leaving the time server and therefore the network vulnerable to security threats.
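What a client can and cannot verify about a reply from an unauthenticated time source, as an added example (not code from the original post): it applies basic sanity checks to a 48-byte NTP reply and computes the clock offset and round-trip delay. The packets and timestamps are constructed and the standard NTP header layout is assumed; these checks are not a substitute for authentication.

```python
# Added example, not from the original post. Packets below are constructed.
import struct

NTP_UNIX_DELTA = 2208988800  # seconds from 1900-01-01 (NTP epoch) to 1970-01-01


def ntp_ts(unix_seconds):
    """Encode Unix seconds as a 64-bit NTP timestamp (32.32 fixed point)."""
    whole = int(unix_seconds)
    frac = int((unix_seconds - whole) * 2**32)
    return struct.pack("!II", whole + NTP_UNIX_DELTA, frac)


def from_ntp_ts(raw):
    """Decode a 64-bit NTP timestamp into Unix seconds."""
    sec, frac = struct.unpack("!II", raw)
    return sec - NTP_UNIX_DELTA + frac / 2**32


def check_reply(packet, sent_ts, t4):
    """Sanity-check a server reply; return (problems, offset, delay).

    sent_ts: the 8 raw bytes placed in our request's transmit field.
    t4: local Unix time at which the reply arrived.
    """
    if len(packet) < 48:
        return ["short packet"], None, None
    leap, mode, stratum = packet[0] >> 6, packet[0] & 0x7, packet[1]
    problems = []
    if mode != 4:
        problems.append("not a server-mode reply")
    if leap == 3:
        problems.append("server reports its clock as unsynchronised")
    if not 1 <= stratum <= 15:
        problems.append("invalid stratum %d" % stratum)
    if packet[24:32] != sent_ts:
        problems.append("origin timestamp does not match our request")
    t1 = from_ntp_ts(sent_ts)
    t2 = from_ntp_ts(packet[32:40])   # server receive time
    t3 = from_ntp_ts(packet[40:48])   # server transmit time
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return problems, offset, delay


def build_reply(origin, t2, t3, stratum=2, leap=0, mode=4):
    """Build a constructed 48-byte NTPv4 reply for the demonstration."""
    header = struct.pack("!BBbb", (leap << 6) | (4 << 3) | mode, stratum, 6, -20)
    return header + bytes(20) + origin + ntp_ts(t2) + ntp_ts(t3)


SENT = ntp_ts(1259539200.0)                              # constructed request time
GOOD = build_reply(SENT, 1259539205.25, 1259539205.5)    # echoes our request
STALE = build_reply(ntp_ts(1.0), 1259539205.25, 1259539205.5, stratum=0, leap=3)

if __name__ == "__main__":
    print(check_reply(GOOD, SENT, 1259539201.0))
    print(check_reply(STALE, SENT, 1259539201.0))
```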

Often time servers are synchronised to a UTC (Coordinated Universal Time) source, which is the global standard time scale and allows computers all over the world to be synchronised to exactly the same time. This has obvious importance in industries where exact timing is crucial, such as the stock exchange or airline industry.

Configuring a NTP Time Server using Windows XP

Monday, September 8th, 2008

Microsoft Windows XP has a time synchronisation utility built into the operating system called Windows Time (w32time.exe) which can be configured to operate as a network time server. It can be configured to synchronise a network using either the internal clock or an external time source.

NTP (Network Time Protocol) is a protocol already installed on Windows XP and Windows Time uses it to keep machines synchronised to the single time source. There are several timing sources available on the Internet but Microsoft and others strongly recommend that you configure a time server with a hardware source rather than from the Internet where there is no authentication.

Specialist NTP time servers are available that can receive a reliable time source via the GPS signal or specialist radio transmissions that get their time from atomic clocks.

If you wish to configure Windows XP to operate as a time server then first thing is to locate the Windows Time subkey. To do this:
Run Regedit (click Start/Run, then type REGEDIT and press Enter).

Note: editing your system registry can cause problems with your system. It is advisable to back up your system before editing the registry.

Now locate the following subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\parameters\
Right click the right-hand side and click Modify. In the Edit Value box, under Value Data, type NTP and then click OK.
Now go to the Config folder and right-click AnnounceFlags, Modify and in the Edit DWORD Value box, under Value Data, type 5, and then click OK.

Locate this subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\

Right-click in the right-side window and Modify. Edit the DWORD value box and type the number of seconds you want for each poll under Value data, e.g. 900 will equal 15 minutes. The poll field represents the polling interval between NTP poll packets.

To enable the NTP server, locate the subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\
Right-click Enabled (in the right-hand window), then Modify. Edit the DWORD Value and type 1. Right-click NtpServer, then Modify, and in the Edit DWORD Value under Value Data type Peers, then click OK.

Locate: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config
In the right pane, right-click MaxPosPhaseCorrection, then Modify. In the Edit DWORD Value box, under Base, click Decimal; under Value Data, type a time in seconds such as 3600 (an hour), then click OK. This adjusts the connection settings.

Now go back and click:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config

In the right pane, right-click MaxNegPhaseCorrection, then Modify.
In the Edit DWORD box, under Base, click Decimal; under Value Data, type the time in seconds you want to poll, such as 3600 (an hour).

Exit the registry, then restart the Windows Time service by clicking Start/Run and typing:
net stop w32time && net start w32time
On each computer other than the domain controller, type: w32tm /resync /rediscover
The time server should now be up and running.

Configuring a Network Time Server on Windows

Monday, September 8th, 2008

All versions of Windows Server since 2000 have included a time synchronization facility, called Windows Time Service (w32time.exe), built into the operating system. This can be configured to operate as a network time server synchronizing all machines to a specific time source.

Windows Time Service uses a version, normally a simplified version, of NTP (Network Time Protocol), the Internet protocol which is designed to synchronise machines on a network. NTP is also the standard which most computer networks across the globe use to synchronise with.

Choosing the correct time source is vitally important. Most networks are synchronized to a UTC (Coordinated Universal Time) source. UTC is a global standardized time based on atomic clocks, which are the most accurate time sources.

UTC can be obtained over the Internet from such places as time.nist.gov (US Naval Observatory) or time.windows.com (Microsoft), but it must be noted that internet time sources cannot be authenticated, which can leave a system open to abuse. Microsoft and others advise using an external hardware source as a reference clock, such as a specialized network time server.

Network time servers receive their time source from either a specialist radio transmission from national physics laboratories, which broadcast UTC time taken from an atomic clock source, or from the GPS network, which also relays UTC as a consequence of needing it to pinpoint locations.

NTP can maintain time over the public Internet to within 1/100th of a second (10 milliseconds) and can perform even better over LANs.

To configure Windows Time Service to use an external time source simply follow these instructions.

Locate the registry subkey.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters

Right-click Type, then Modify the Value by inserting NTP in the Value Data box.

Right-click ReliableTimeSource, then Modify the Edit DWORD Value box by inserting 0 (zero).

Right-click NtpServer, then Modify the Edit Value by typing the Domain Name System (DNS) name (note each DNS name must be unique).

Now locate the original subkey and right-click Period, then Modify the Edit DWORD Value box with the poll interval (how often an NTP server polls the time) under Value Data (recommended 24).

Run the following command line: net stop w32time && net start w32time

Now enable NTP by locating the subkey HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\

Right-click Enabled and modify the Value Data box by typing 1.

Right-click SpecialPollInterval in the right pane of the subkey HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval. In the Edit DWORD Value box, enter the time you want for each poll (900 will poll every 15 minutes).

Locate HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config

To configure the time correction settings, right-click MaxPosPhaseCorrection, then modify the DWORD Value box with a time in seconds (select Decimal under Base first; 3600 = one hour).

Now do the same for MaxNegPhaseCorrection, then restart the Windows Time service by running (or alternatively use the command prompt facility) net stop w32time && net start w32time

To synchronise each machine simply type W32tm/ -s in the command prompt and the time server should now be working correctly (note it may take several polls before the correct time is displayed).
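A way to check the result of the registry walkthroughs in this post and in “Configuring a NTP Time Server using Windows XP”, as an added example that is not part of the original posts: it parses the text of a .reg export of the W32Time key and reports values that differ from the ones those steps set, plus any NtpServer entry that names an Internet source mentioned on this page. The sample export is constructed, and the expected values are the example figures used in the posts.

```python
# Added example, not from the original posts. SAMPLE is a constructed .reg export.
import re

BASE = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time"
# (sub-key, value name, data) as set in the walkthroughs on this page.
EXPECTED = [
    ("Parameters", "Type", "NTP"),
    ("Config", "AnnounceFlags", 5),
    ("Config", "MaxPosPhaseCorrection", 3600),
    ("Config", "MaxNegPhaseCorrection", 3600),
    (r"TimeProviders\NtpServer", "Enabled", 1),
    (r"TimeProviders\NtpClient", "SpecialPollInterval", 900),
]
INTERNET_SOURCES = ("time.windows.com", "time.nist.gov")  # named on this page


def parse_reg(text):
    """Parse .reg export text into {key path: {value name: data}}, lower-cased.

    DWORDs are exported as eight hex digits, strings in double quotes.
    """
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        m = re.match(r'"([^"]+)"=(.*)$', line)
        if m and current is not None:
            name, data = m.group(1).lower(), m.group(2)
            current[name] = int(data[6:], 16) if data.startswith("dword:") else data.strip('"')
    return keys


def audit(text):
    """Return a list of findings; an empty list means the export matches."""
    keys, findings = parse_reg(text), []
    for sub, name, want in EXPECTED:
        got = keys.get((BASE + "\\" + sub).lower(), {}).get(name.lower())
        if got != want:
            findings.append("%s\\%s is %r, expected %r" % (sub, name, got, want))
    peers = keys.get((BASE + "\\Parameters").lower(), {}).get("ntpserver", "")
    for host in INTERNET_SOURCES:
        if host in str(peers).lower():
            findings.append("NtpServer points at Internet source %s" % host)
    return findings


SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters]
"Type"="NT5DS"
"NtpServer"="time.windows.com,0x1"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config]
"AnnounceFlags"=dword:00000005
"MaxPosPhaseCorrection"=dword:00000e10
"MaxNegPhaseCorrection"=dword:00000e10
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer]
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient]
"SpecialPollInterval"=dword:00000384
"""
```

Calling `audit(SAMPLE)` returns one finding per mismatch; an export that matches every expected value returns an empty list.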