Category: advanced NTP

Keeping Your Network Secure: A Beginner's Guide


Network security is vitally important for most business systems. Whilst email viruses and denial-of-service attacks (DoS attack) may cause us headaches on our home systems, for businesses, these sorts of attacks can cripple a network for days – costing businesses hundreds of millions each year in lost revenue.

Keeping a network secure to prevent this type of malicious attack is usually of paramount importance for network administrators, and while most invest heavily in some forms of security measures, there are often vulnerabilities inadvertently left exposed.

Firewalls are the best place to begin when you are trying to develop a secure network. A firewall can be implemented in either hardware or software, or most commonly a combination of both. Firewalls are used to prevent unauthorized users from accessing private networks connected to the Internet, especially local intranets. All traffic entering or leaving the intranet passes through the firewall, which examines each message and blocks those that do not meet the specified criteria.

Anti-virus software works in two ways. Firstly, it acts similarly to a firewall by blocking anything that is identified in its database as possibly malicious (viruses, Trojans, spyware etc.). Secondly, anti-virus software is used to detect and remove existing malware on a network or workstation.

One of the most overlooked aspects of network security is time synchronization. Network administrators often fail to realise the importance of synchronization between all devices on a network, and failing to synchronize a network is a common security issue. Not only can malicious users take advantage of computers running at different times, but if a network is struck by an attack, identifying and rectifying the problem can be near impossible if every device is running on a different time.

Even when a network administrator is aware of the importance of time synchronization they often make a common security mistake when attempting to synchronize their network. Instead of investing in a dedicated time server that receives a secure source of UTC (Coordinated Universal Time) externally from their network using atomic clock sources like GPS, some network administrators opt to use a shortcut and use a source of Internet time.

There are two major security issues in using the Internet as a time server. Firstly, to allow the time code through the network a UDP port (123) has to be left open in the firewall. This can be taken advantage of by malicious users who can use this open port as an entrance to the network. Secondly, the inbuilt security measure used by the time protocol NTP, known as authentication, doesn’t work across the Internet which means that NTP has no guarantee the time signal is coming from where it is supposed to.

To ensure your network is secure isn’t it time you invested in an external dedicated NTP time server?

Configuring a Network to use a NTP Server Part two: Distributing the Time


NTP (Network Time Protocol) is the protocol designed for time distribution across a network. NTP is hierarchical. It organises a network into strata, which indicate the distance between a clock source and the device.

A dedicated NTP server that receives the time from a UTC source such as GPS or the national time and frequency signals is regarded as a stratum 1 device. Any device that is connected to a NTP server becomes a stratum 2 device and devices farther down the chain become stratum 2, 3 and so on.

Stratum layers exist to prevent cyclical dependencies in the hierarchy. But the stratum level is not an indication of quality or reliability.

NTP checks the time on all devices on the network; it then adjusts the time according to how much drift it discovers. Yet NTP goes further than just checking the time on the reference clock: the NTP program exchanges time information by packets (blocks of data) but refuses to believe the time it is told until several exchanges have taken place, each passing a set of tests known as protocol specifications. It often takes about five good samples until a NTP server is accepted as a timing source.

NTP uses timestamps to represent the current time of day. As time is linear, each timestamp is always greater than the previous one. NTP timestamps are in two formats, but both relay the seconds from a set point in time (known as the prime epoch, set at 00:00 1 January 1900 for UTC). The NTP algorithm then uses this timestamp to determine the amount to advance or retreat the system or network clock.

NTP analyses the timestamp values including the frequency of errors and the stability. A NTP server will maintain an estimate of the quality of both its reference clocks and itself.
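The timestamp handling described above, as an added example (not code from the original article): it decodes the 64-bit NTP timestamp format, applies a few of the sanity tests a client runs on a server reply, and computes the clock offset and round-trip delay from the four timestamps of one exchange. The packet is constructed, and the function names and sample times are assumptions made for illustration.

```python
import struct

NTP_UNIX_DELTA = 2_208_988_800  # seconds from the NTP prime epoch (1900) to 1970
HEADER = "!BBbbII4s8s8s8s8s"    # 48-byte NTP header, network byte order


def to_ntp64(unix_time: float) -> bytes:
    """Encode Unix time as a 64-bit NTP timestamp: 32-bit seconds + 32-bit fraction."""
    return struct.pack("!Q", round((unix_time + NTP_UNIX_DELTA) * 2**32))


def from_ntp64(raw: bytes) -> float:
    """Decode a 64-bit NTP timestamp to Unix time."""
    seconds, fraction = struct.unpack("!II", raw)
    return seconds - NTP_UNIX_DELTA + fraction / 2**32


def check_reply(packet: bytes, t1: float, t4: float) -> dict:
    """Validate a server reply; t1/t4 are client send/receive times (client clock)."""
    if len(packet) < 48:
        raise ValueError("short packet")
    (flags, stratum, _poll, _precision, _root_delay, _root_disp,
     _ref_id, _ref_ts, origin, receive, transmit) = struct.unpack(HEADER, packet[:48])
    leap, mode = flags >> 6, flags & 0x7
    if mode != 4:
        raise ValueError("not a server-mode packet")
    if leap == 3 or not 1 <= stratum <= 15:
        raise ValueError("server reports it is unsynchronised")
    if origin != to_ntp64(t1):
        # The reply must echo the transmit timestamp we sent; otherwise it is
        # not an answer to our request and is discarded.
        raise ValueError("origin timestamp does not match our request")
    t2, t3 = from_ntp64(receive), from_ntp64(transmit)
    return {
        "stratum": stratum,
        "offset": ((t2 - t1) + (t3 - t4)) / 2,  # amount to advance (+) or retreat (-)
        "delay": (t4 - t1) - (t3 - t2),         # network round trip
    }


def build_reply(t1: float, t2: float, t3: float, stratum: int = 1) -> bytes:
    """Construct a sample server reply (LI=0, version 4, mode 4) for the demo."""
    flags = (0 << 6) | (4 << 3) | 4
    return struct.pack(HEADER, flags, stratum, 6, -20, 0, 0, b"GPS\x00",
                       to_ntp64(t2), to_ntp64(t1), to_ntp64(t2), to_ntp64(t3))


# Constructed exchange: the client clock is 2.375 s slow, round trip is 0.25 s.
T1, T2, T3, T4 = 1_700_000_000.0, 1_700_000_002.5, 1_700_000_002.75, 1_700_000_000.5

if __name__ == "__main__":
    print(check_reply(build_reply(T1, T2, T3), T1, T4))
```

A real client repeats this over several exchanges before trusting the source, as the text notes; the checks here cover a single reply only.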

Configuring a Network to use a NTP Server Part one: Finding a Time Source


Keeping your network synchronized with the correct time is crucial for modern networking. Because of the value of timestamps in communicating globally and across multiple networks, it is imperative that every machine is running a source of UTC (Coordinated Universal Time).

UTC was developed to allow the entire global community to use the same time no matter where they are on the globe as UTC doesn’t use time-zones so it allows accurate communication regardless of location.

However, finding a source of UTC is often where some network administrators fall down when they are attempting to synchronize a network. There are many areas that a source of UTC can be received from but very few that will provide both accurate and secure reference to the time.

The internet is full of purported sources of UTC; however, many of them offer nowhere near their claimed accuracy. Furthermore, resorting to the internet can lead to security vulnerabilities.

Internet time sources are external to the firewall and therefore a hole has to be left open which can be taken advantage of by malicious users. Furthermore, NTP, the protocol used to distribute and receive time sources, cannot instigate its authentication security measure across the internet so it is not possible to ensure the time is coming from where it is supposed to.

External sources of UTC time are far more secure. There are two methods used by most administrators: long wave radio signals as broadcast by national physics laboratories, and the GPS signal, which is available everywhere on the globe.

The external sources of UTC ensure your NTP network is receiving not just an accurate source of UTC but also a secure one.

Perfect Time Synchronization for Windows


Most Windows operating systems have an integrated time synchronisation service, installed by default that can synchronise the machine or indeed a network. However, for security reasons, it is highly recommended by Microsoft, amongst others, that an external time source is used.

NTP time servers securely and accurately receive the UTC time signal from the GPS network or the WWVB radio transmissions (or European alternatives). NTP time servers can synchronize a single Windows machine or an entire network to within fractions of a second of the correct UTC time (Coordinated Universal Time).

A NTP time server provides precise timing information 24 hours-a-day, 365 days-a-year anywhere on the entire globe. A dedicated NTP time server is the only secure, safe and reliable method of synchronizing a computer network to UTC (Coordinated Universal Time). External to the firewall, an NTP time server does not leave a computer system vulnerable to malicious attacks unlike Internet timing sources via the TCP-IP port.

A NTP time server is not only secure, it receives a UTC time signal direct from atomic clocks unlike Internet timing sources which are really time servers themselves. NTP servers and other time synchronization tools can synchronize entire networks, single PCs, routers and a whole host of other devices. Using either GPS or the North American WWVB signal, a dedicated NTP time server from will ensure all your devices are running to within a fraction of UTC time.

A NTP time server will:

•    Increase network security
•    Prevent data loss
•    Enable logging and tracking of errors or security breaches
•    Reduce confusion in shared files
•    Prevent errors in billing systems and time sensitive transactions
•    Provide incontestable evidence in legal and financial disputes

Differences in Time


We are all aware of the differences in time zones. Anybody that has travelled across the Atlantic or Pacific will feel the effects of jet lag caused by having to adjust our own internal body clocks. In some countries, such as the USA, several different time zones exist in the one country meaning there are several hours difference in time from the East Coast to the West.

This difference in time zones can cause confusion although for residents of countries that straddle more than one time zone they soon adapt to the situation. However, there are more timescales and differences in time than just time zones.

Different time standards have been developed for decades to cope with time zone differences and to allow for a single time standard that the whole world can synchronize to. Unfortunately, since the first time standards such as British Railway Time and Greenwich Mean Time were developed, other standards have had to be developed to cope with different applications.

One of the problems of developing a time standard is choosing what to base it on. Traditionally, all systems of time have been developed on the rotation of the Earth (24 hours). However, following the development of atomic clocks, it was soon discovered that no two days are exactly the same length and quite often they can fall short of the expected 24 hours.

New time standards were then developed based on atomic clocks as they proved to be far more reliable and accurate than using the Earth’s rotation as a starting point. Here is a list of some of the most common time standards in use. They are divided into two types, those that are based on Earth’s rotation and those that are based on atomic clocks:

Time standards based on Earth’s rotation

True solar time is based on the solar day, which is the period between one solar noon and the next.

Sidereal time is based on the stars. A sidereal day is the time it takes Earth to make one revolution with respect to the stars (not the sun).

Greenwich Mean Time (GMT) is based upon when the sun is highest (noon) above the prime meridian (often called the Greenwich meridian). GMT used to be an international time standard before the advent of precise atomic clocks.

Time standards based on atomic clocks

International Atomic Time (TAI) is the international time standard from which the time standards below, including UTC, are calculated. TAI is based on a constellation of atomic clocks from all over the world.

GPS Time is also based on TAI; it is the time told by atomic clocks aboard GPS satellites. Originally the same as UTC, GPS time is currently 17 seconds (precisely) behind as 17 leap seconds have been added to UTC since the satellites were launched.

Coordinated Universal Time (UTC) is based on both atomic time and GMT. Additional leap seconds are added to UTC to counter the imprecision of Earth’s rotation, but the time is derived from TAI, making it as accurate.

UTC is the true commercial timescale. Computer systems all over the world synchronize to UTC using NTP time servers. These dedicated devices receive the time from an atomic clock (either by GPS or specialist radio transmissions from organisations like NIST or NPL).

Dealing With Time: Computers, Synchronisation and Timestamps


Time is important for the smooth running of our day to day lives. Everything we do is either governed by or restrained because of time. Yet time is even more essential for computer systems as it is the only point of reference a computer has to distinguish between events and processes.

Everything a computer does is logged by the processor with what process was done and exactly when it was carried out. As computers can process hundreds if not thousands of transactions a second, the timestamp is vital for establishing the order of events.

Computers do not read and use the time in the same format that we do. A computer timestamp takes the form of a single number that counts the number of seconds from a set point in time. In most systems this is known as the ‘prime epoch’ and is set from 00:00:00 UTC on January 1, 1970. So for the date 23 June 2009 the timestamp would read 1246277483, as this is the number of seconds from the prime epoch.

Computer timestamps are sent across networks and the internet, for instance every time an email is sent it is accompanied by a timestamp. When the email is replied to this too comes with a timestamp. Yet, when neither computer is synchronized the replied email could arrive back with an earlier code and this can cause untold confusion for a computer as according to its logs the email will have arrived back before the original was sent.

For this reason computer networks are synchronized to the global timescale UTC (Coordinated Universal Time). UTC is kept true by a constellation of atomic clocks, which means that any computer network synchronised to a UTC source will be highly accurate.

Time synchronization on computers is dealt with by the protocol NTP (Network Time Protocol). Special dedicated NTP servers are available that receive a secure time code from either the GPS network or from specialist radio transmissions broadcast by national physical laboratories and then synchronize entire networks to the single time source.
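The email scenario above as an added example (not from the original article): it flags log entries where a message appears to be received before it was sent, then rebuilds the order of events once each host's clock offset is known. The host names, log lines and the 90-second offset are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed mail-log entries: (host, timestamp as logged, message id, event).
# mail-b's clock runs 90 seconds slow, so its entries appear too early.
LOG = [
    ("mail-a", "2009-06-23T10:00:00Z", "msg-1", "sent"),
    ("mail-b", "2009-06-23T09:58:45Z", "msg-1", "received"),
    ("mail-b", "2009-06-23T09:59:10Z", "msg-2", "sent"),      # reply to msg-1
    ("mail-a", "2009-06-23T10:00:42Z", "msg-2", "received"),
]


def parse(ts: str) -> datetime:
    """Parse a UTC log timestamp into an aware datetime."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def causality_violations(log):
    """Find messages logged as received before they were sent.

    Each hit shows the receiver's clock is behind the sender's by at least
    the returned number of seconds (network transit only makes it larger).
    """
    sent, hits = {}, []
    for host, ts, msg, event in log:
        if event == "sent":
            sent[msg] = (host, parse(ts))
    for host, ts, msg, event in log:
        if event == "received" and msg in sent:
            sender, sent_at = sent[msg]
            gap = (sent_at - parse(ts)).total_seconds()
            if gap > 0:
                hits.append((msg, sender, host, gap))
    return hits


def corrected_timeline(log, offsets):
    """Order events by logged time plus each host's measured clock offset (seconds)."""
    def true_time(entry):
        host, ts = entry[0], entry[1]
        return parse(ts) + timedelta(seconds=offsets.get(host, 0))
    return [(e[0], e[2], e[3]) for e in sorted(log, key=true_time)]


def raw_timeline(log):
    """Order events exactly as logged, with no offset correction."""
    return corrected_timeline(log, {})


if __name__ == "__main__":
    print(causality_violations(LOG))
    print(raw_timeline(LOG))
    print(corrected_timeline(LOG, {"mail-b": 90}))
```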

Do I Really Need an NTP Time Server?


The NTP time server is a much misunderstood piece of equipment. They are quite simple devices in the sense that they are used for the purposes of time synchronisation, receiving an external source of the time which is then distributed throughout a computer network using NTP (Network Time Protocol).

However, with a myriad of ‘free’ time servers available on the internet many network administrators take the decision that NTP time servers are not necessary pieces of equipment and that their network can do without it. However, there are a huge number of pitfalls in relying on the internet as a time reference; Microsoft and the USA physics laboratory NIST (National Institute of Standards and Time) highly recommend external NTP time servers rather than internet providers.

Here is what Microsoft says:
“We highly recommend that you configure the authoritative Time Server to gather the time from a hardware source. When you configure the authoritative Time Server to sync with an Internet time source, there is no authentication.”

Authentication is a security measure implemented by NTP to ensure that the time signal that is sent comes from where it claims to come from. In other words, authentication is the first line of defence in protecting against malicious users. There are other security issues too with using the internet as a time source: any communication with an internet time source is going to require the TCP/IP port to be left open in the firewall, and this could also be manipulated by malicious users.

NIST too recognise the importance of NTP time server systems for prevention and detection of security threats. In their Guide to Computer Security Log Management they suggest:
“Organizations should use time synchronization technologies such as Network Time Protocol (NTP) servers whenever possible to keep log sources’ clocks consistent with each other.”

Reported GPS Fears Should Not Affect Time Synchronisation


Following recent media reports on the lack of investment in the USA’s Global Navigation Satellite System – GPS (Global Positioning System) and the potential failure of navigational receivers in recent years, time synchronisation specialists, Galleon Systems, would like to assure all their customers that any failure of the GPS network will not affect current GPS NTP time servers.

The recent media reports followed a study by the US Government Accountability Office (GAO), which concluded that mismanagement and a lack of investment meant the current number of 31 operational satellites may fall to below 24 at times in 2011 and 2012, which would hamper its accuracy.

However, the UK’s National Physical Laboratory are confident that any potential problems of the GPS navigation facilities will not affect timing information utilised by GPS NTP servers.

A spokesman for the UK’s National Physical Laboratory confirmed that timing information should be unaffected by any potential future satellite failure.

“There is estimated to be a 20% risk that in 2011-2012 the number of satellites in the GPS constellation could drop below 24 at times.

“If that were to happen, there could be a slight reduction in the position accuracy of GPS receivers at some periods, and in particular they might take longer to acquire a fix in some locations when first powered up. However, even then the effect would be a degradation of performance, rather than complete failure to operate.

“A GPS timing receiver is unlikely to be affected significantly since, once it has determined its position when turned on, every satellite it observes provides it with useful timing information. A small reduction in the number of satellites in view should not degrade its performance much.”

The World in Perfect Synchronization


Synchronization is something we are familiar with every day of our lives. From driving down the highway to walking a crowded street, we automatically adapt our behaviour to synchronize with those around us. We drive in the same direction or walk the same thoroughfares as other commuters, as failing to do so would make our journey a lot more difficult (and dangerous).

When it comes to timing, synchronisation is even more important. Even in our day to day dealings we expect a reasonable amount of synchronisation from people. When a meeting starts at 10am we expect everybody to be there within a few minutes.

However, when it comes to computer transactions across a network, accuracy in synchronisation becomes even more important: accuracy to a few seconds is inadequate and synchronisation to the millisecond becomes essential.

Computers use time for every transaction and process they do, and you only have to think back to the furore caused by the millennium bug to appreciate the importance computers place on time. When synchronisation is not precise enough, all sorts of errors and problems can occur, particularly with time-sensitive transactions.

It’s not just transactions that can fail without adequate synchronisation. Time stamps are used in computer log files, so if something goes wrong or if a malicious user has invaded (which is very easy to do without adequate synchronisation) it can take a long time to discover what went wrong and even longer to fix the problems.

A lack of synchronisation can also have other effects such as data loss or failed retrieval. It can also leave a company defenceless in any potential legal argument, as a badly synchronised or unsynchronised network can be impossible to audit.

Millisecond synchronisation is, however, not the headache many administrators assume it is going to be. Many opt to take advantage of the online timeservers that are available on the internet, but doing so can generate more problems than it solves, such as having to leave the UDP port open in the firewall (to allow the timing information through), not to mention no guaranteed level of accuracy from the public time server.

A better and simpler solution is to use a dedicated network time server that uses the protocol NTP (Network Time Protocol). A NTP time server will plug straight into a network and use the GPS (Global Positioning System) or specialist radio transmissions to receive the time direct from an atomic clock and distribute it amongst the network.

The Concept of Time


Time is something that we are all familiar with, it governs our lives even more so than money and we are constantly ‘at war’ with time as we battle to conduct our daily tasks before it runs out.

Yet when we start to examine time, we begin to realise that the concept of time as a non-ending linear distance between different events is purely a human invention.

Of course time exists but it certainly doesn’t follow the rules that the human concept of time does. It is not never ending or constant and changes and warps depending on speed of observers and the pull of gravity. In fact it was Einstein’s theories on relativity that gave human kind its first glimpse as to what time really is and how it affects our daily lives.

Einstein described a four-dimensional space-time, where time and space are inextricably woven together. This space-time gets warped and bent by gravity, slowing time (or our perception of it). Einstein also suggested that the speed of light was the only constant in the universe and that time altered depending on the relative speed to it.

When it comes to keeping track of time, Einstein’s theories can hamper any attempts at chronology. If both gravity and relative speed can affect time then it becomes difficult to measure time accurately.

We long ago abandoned the idea of using the celestial bodies and Earth’s rotation as a reference for our timekeeping, as it was recognised in the early twentieth century that Earth’s rotation wasn’t at all accurate or reliable. Instead, we have depended on the oscillations of atoms to keep track of time. Atomic clocks measure atomic ticks of particular atoms and our concept of time is based on these ticks, with every second being equal to over 9 billion oscillations of the caesium atom.

Even though we now base time on atomic oscillations, technologies such as GPS satellites (Global Positioning System) still have to counter the effects of lower gravity. In fact the effects of time can be monitored so accurately thanks to atomic clocks that those at different altitudes above sea level run at slightly differing speeds which has to be compensated for.

Atomic clocks can also be used to synchronise a computer network ensuring that they are running as accurately as possible. Most NTP time servers operate by utilising and distributing the time signal broadcast by an atomic clock (either through GPS or long wave) using the protocol NTP (Network Time Protocol).